Célestin Matte

DevOps System Administrator

photo Célestin Matte

Hi! I'm a freelance DevOps system administrator with a passion for optimizing Linux infrastructures. I excel in deploying and migrating systems using Ansible, Bash, and Git, ensuring automation, traceability and documentation.

My expertise lies in ensuring system resilience by implementing comprehensive monitoring, redundancy, and fast automatic redeployment solutions. I also thrive on the challenge of modernizing complex networks that suffer from insufficient management, transforming them into monitored, backed-up, and automated systems.

With an engineering degree, a PhD and 10 years of experience maintaining Linux infrastructures, I am well-equipped to work autonomously and efficiently in international environments.

I propose the following services:
  • migrating services to cloud systems,
  • setting up automated backup systems,
  • setting up a CI/CD pipeline,
  • setting up an alerting system of your servers,
  • setting up new services (Web, email, visioconference...),
  • updating outdated systems,
  • maintaining systems,
  • updating your certificates.
I'm also open to other projects!

Skill set:

  • OS: Debian, Arch Linux, Ubuntu, CentOS
  • DevOps tools: Ansible, Bash, Git, Gitlab, Docker, SSH
  • Cloud: Google Cloud Platform, AWS, OVH, Gandi
  • Software: Apache, NGINX, MariaDB, PostgreSQL, Postfix, Exim, Dovecot, Fail2ban, PHP-FPM, OpenVPN, Nagios, vSphere
  • Programming: Python/Flask, Django, PHP
  • Currently learning: Kubernetes, Terraform



Software in the Public Interest
DevOps Sysadmin
  • Migrate running systems to up-to-date and maintained cloud-based servers or services:
    • Migration of systems to Google Cloud Engine and AWS:
      • websites
      • mailing lists (mailman)
      • mail servers (postfix/exim)
    • Migration of Git servers under gitolite to Gitlab.
    • Google Workspace configuration.
    • DNS zones transfer from Mythic Beasts to Gandi, communication with associated projects.
    • Adding monitoring and backup solutions.
    • Writing documentation.
    • Rewriting a Flask web application in Django.
    • Write Ansible script to install open source mailing list software PGLister, work on patches with upstream.
    • Configure SPF, DKIM and DMARC.
    • Set up deployment testing for CI's pipeline of PGLister and PGArchives.
    International context (US-based client).
  • Key challenges: Autonomy, work with maintainer of open source project
  • Technologies: Ansible, Google Cloud Engine, AWS, Gandi, Postfix, Django, Gitlab, Docker, pgBackRest
IRIS (Canon group)
System administrator
  • Manage ~50 Linux servers:
    • Upgrade all servers
    • Implement security measures
    • Debug issues and critical crashes
    • Introduce automation with Ansible
    • Update documentation
    • Communicate with teams

  • Key challenges: Autonomy, urgent fixes, security
  • Technologies: Debian, Ubuntu, CentOS, Fedora, Ansible, Bash, Apache, OpenVPN, Samba, VMWare vSphere, Jira, Confluence
Demo Wi-Fi tracking system
  • Installation of a Wi-Fi tracking demonstration prototype:
    • Development of the Wi-Fi tracking software
    • Configuration of a minimal Arch Linux system
    • Development of Ansible scripts to handle the different possible deployments scenarios
    • Configuration of dhcpd for the network of ~15 machines to deploy and configure automatically
    • Minimize risk of system crashes and hardware faults
    • Deployments:
  • Key challenges:
    • Availability of a system running in autonomy for several months
    • fully automatic self-deployment and configuration of the network of ~15 machines
  • Technologies: Arch Linux, dhcpd, Ansible, Python
Running a video game for a year
  • Adapting and running a video game (Sistexpress) for a year (~50 players):
    • Rewriting a web PHP game into a fast-paced version.
    • Improving the interface with Ajax.
    • Monitoring CPU consumption and profiling code for optimization.
    • Configuring automatic backups.
    • Community management.
  • Key challenges:
    • Availability
    • Controlling CPU consumption
  • Technologies: Ubuntu, Apache, PHP, PHP-FPM, MariaDB, nmon, Symfony, Ajax
Packaging for Arch Linux
  • Maintaining packages for Arch Linux user repository (AUR):
    • Troubleshooting old application for compatibility with modern system.
    • Setting up Gitlab CI.
    • Communication with maintainers of dependencies and packagers of other distributions.
    • Handling user-reported issues.
  • Key challenges:
    • Maintaining an application utilizing unfamiliar technologies.
    • Communication with various actors.
  • Technologies: Arch Linux packaging, Gitlab CI, OCaml
Maintaining personal servers
  • Maintaining 4 personal servers since 2013:
    • Various services: email, Web, video-conference, VPN,
    • Self-hosting,
    • Automating backups and upgrades,
    • Monitoring,
    • Constant focus on security (chroot, network segmentation...).
  • Key challenges:
    • Availability
    • Automation
  • Technologies: Arch Linux, Debian, Apache, Postfix, Flask, MariaDB, OpenVPN, Jitsi, Docker
Writing articles for general public technical journals
  • Wrote 7 articles on various topics:
    • PhD thesis' topics: fingerprinting, MAC address randomization
    • Neural networks
    • Bash
  • Key challenges:
    • Writing for the general public and technicians
PhD + Postdoc
    • Topics: Privacy, Wi-Fi & Web tracking, Fingerprinting, GDPR.
    • 6 publications in peer-reviewed conferences (1 top-ranked) + 1 journal publication.
    • Demo Wi-Fi tracking system installed at the Cité des Sciences et de l'Industrie and in CNIL's showroom (see above).
    • Crawled 28 000 websites using a custom python/Selenium script.
    • Teaching (3 years).
    • Team work.
    • Collaboration with lawyers.
    • Industry impact: work cited by Google, work discussed at an IEEE session, work lead to a complaint by NOYB to the CNIL relayed by the press.
    • See my former research résumé for more details.
  • Selected research deliverables:
    • Slides of my PhD defense on Wi-Fi tracking. The introduction is written to be understandable by a large public.
    • Study on cookie banners. Related research article was published in a top-ranked conference.
    • Software:
      • Browser extension to verify consent registered by cookie banners.
      • Web application for visualization of data related to an industry-standard cookie banners framework (auto-updated).