🇫🇷 Français

Célestin Matte

DevOps System Administrator

photo Célestin Matte

I'm a freelance DevOps system administrator specialized in Linux infrastructure. I deploy and migrate systems using Ansible on GCP and AWS, ensuring automation, traceability and documentation.

I improve system resilience through monitoring, redundancy, and automated redeployment. I also enjoy the challenge of modernizing and documenting legacy infrastructures.

With an engineering degree, a PhD in computer science (network privacy) and over 10 years of experience maintaining Linux infrastructures, I work autonomously and efficiently in international environments. I've been a full-time system administrator for the past 5 years.

Services:
  • infrastructure automation,
  • system monitoring,
  • backup and disaster recovery strategies,
  • cloud migration,
  • service setup (web, email, video conferencing, VPN, etc.),
  • infrastructure modernization,
  • CI/CD pipeline design and implementation,
  • system maintenance,
  • SSL/TLS certificate management.
Open to other projects.

Technical skills:

  • DevOps & CI/CD: Ansible, Docker, Git, Gitlab CI/CD, Bash
  • Cloud: GCP, AWS, OVH, Gandi
  • OS: Linux (Debian, Arch Linux, Ubuntu, CentOS)
  • Web servers & databases: Apache, NGINX, PostgreSQL, MariaDB
  • Monitoring & virtualization: Nagios, vSphere
  • Mail infrastructure: Postfix, Exim, Dovecot, SPF/DKIM/DMARC configuration
  • Programming: Python (Django, Flask)
  • Infrastructure & orchestration: Kubernetes and Terraform (working knowledge)


Strasbourg (France) & remote

contact@cmatte.me

CV

Curriculum Vitae
Github Google Scholar LinkedIn GPG key
Software in the Public Interest
DevOps Sysadmin
  • Migrate running systems to up-to-date and maintained cloud-based servers or services:
    • Migration of systems to Google Cloud Engine and AWS:
      • websites
      • mailing lists (mailman)
      • mail servers (postfix/exim)
    • Migration of Git servers to Gitlab.
    • Google Workspace configuration.
    • DNS zones transfer from Mythic Beasts to Gandi, coordinating with associated projects maintainers.
    • Adding monitoring and backup solutions.
    • Writing extensive documentation on the whole infrastructure and processes.
    • Rewriting a Flask web application in Django.
    • Write Ansible script to install open source mailing list software PGLister, work on patches with upstream.
    • Configure SPF, DKIM and DMARC.
    • Set up deployment testing for CI's pipeline of PGLister and PGArchives.
    • Contribution to Debian and PostgreSQL projects: Debian-reimbursements, PGLister, PGArchives, PGWeb
    International context (US-based client).
  • Key challenges: High autonomy, coordination with of open source projects maintainers
  • Technologies: Ansible, Google Cloud Engine, AWS, Gandi, Postfix, Django, Gitlab, Docker, pgBackRest
2021 — now (part time)
IRIS (Canon group)
System administrator
  • Manage ~50 Linux servers:
    • Upgrade all servers
    • Implement security measures
    • Debug issues and critical crashes
    • Introduce automation with Ansible
    • Update documentation
    • Communicate with teams

  • Key challenges: Autonomy, urgent fixes, security
  • Technologies: Debian, Ubuntu, CentOS, Fedora, Ansible, Bash, Apache, OpenVPN, Samba, VMWare vSphere, Jira, Confluence
2022-02 — 2022-09 (80% part time)
Demo Wi-Fi tracking system
  • Installation of a Wi-Fi tracking demonstration prototype:
    • Development of the Wi-Fi tracking software
    • Configuration of a minimal Arch Linux system
    • Development of Ansible scripts to handle the different possible deployments scenarios
    • Configuration of dhcpd for the network of ~15 machines to deploy and configure automatically
    • Minimize risk of system crashes and hardware faults
    • Deployments:
  • Key challenges:
    • Availability of a system running in autonomy for several months
    • fully automatic self-deployment and configuration of the network of ~15 machines
  • Technologies: Arch Linux, dhcpd, Ansible, Python
2017 — 2018
Running a video game for a year
  • Adapting and running a video game (Sistexpress) for a year (~50 players):
    • Rewriting a web PHP game into a fast-paced version.
    • Improving the interface with Ajax.
    • Monitoring CPU consumption and profiling code for optimization.
    • Configuring automatic backups.
    • Community management.
  • Key challenges:
    • Availability
    • Controlling CPU consumption
  • Technologies: Ubuntu, Apache, PHP, PHP-FPM, MariaDB, nmon, Symfony, Ajax
2020 — 2021
Packaging for Arch Linux
  • Maintaining packages for Arch Linux user repository (AUR):
    • Troubleshooting old application for compatibility with modern system.
    • Setting up Gitlab CI.
    • Communication with maintainers of dependencies and packagers of other distributions.
    • Handling user-reported issues.
  • Key challenges:
    • Maintaining an application utilizing unfamiliar technologies.
    • Communication with various actors.
  • Technologies: Arch Linux packaging, Gitlab CI, OCaml
2020 — now
Maintaining personal servers
  • Maintaining 4 personal servers since 2013:
    • Various services: email, Web, video-conference, VPN,
    • Self-hosting,
    • Automating backups and upgrades,
    • Monitoring,
    • Constant focus on security (chroot, network segmentation...).
  • Key challenges:
    • Availability
    • Automation
  • Technologies: Arch Linux, Debian, Apache, Postfix, Flask, MariaDB, OpenVPN, Jitsi, Docker
2013 — now
Writing articles for general public technical journals
  • Wrote 7 articles on various topics:
    • PhD thesis' topics: fingerprinting, MAC address randomization
    • Neural networks
    • Bash
  • Key challenges:
    • Writing for the general public and technicians
2015 — 2021
PhD + Postdoc
    • Topics: Privacy, Wi-Fi & Web tracking, Fingerprinting, GDPR.
    • 6 publications in peer-reviewed conferences (1 top-ranked) + 1 journal publication.
    • Demo Wi-Fi tracking system installed at the Cité des Sciences et de l'Industrie and in CNIL's showroom (see above).
    • Crawled 28 000 websites using a custom python/Selenium script.
    • Teaching (3 years).
    • Team work.
    • Collaboration with lawyers.
    • Industry impact: work cited by Google, work discussed at an IEEE session, work lead to a complaint by NOYB to the CNIL relayed by the press.
    • See my former research résumé for more details.
  • Selected research deliverables:
    • Slides of my PhD defense on Wi-Fi tracking. The introduction is written to be understandable by a large public.
    • Study on cookie banners. Related research article was published in a top-ranked conference.
    • Software:
      • Browser extension to verify consent registered by cookie banners.
      • Web application for visualization of data related to an industry-standard cookie banners framework (auto-updated).
2014 — 2020
Legal information Célestin Matte, Entreprise Individuelle (EI)
SIRET: 90034827700022
Address: 24 rue de Clichy 75009 Paris, France
VAT: FR12900348277
contact@cmatte.me
Website hosting: GitHub, Inc., 88 Colin P. Kelly Jr. Street, San Francisco, CA 94107, USA. https://pages.github.com/
Copyright: The reproduction or representation, in whole or in part, of the pages, data, and any other elements of the website, by any means or medium, is prohibited and constitutes, without the editor's authorization, an infringement.
Picture credits: Margot Pfauwadel (Instagram: @rationchromatique)
This website does not collect personal information.
General Terms and Conditions of Sale (GTC)

System Administration / DevOps Services

Article 1 – Purpose
These General Terms and Conditions of Sale (GTC) define the terms and conditions of services provided by Célestin Matte, an entreprise individuelle (EI) registered under SIRET number 90034827700022, located at 24 rue de Clichy 75009 Paris, in the field of system administration and DevOps services for professional clients.

Article 2 – Scope
These GTC apply to all services performed on behalf of professional clients. Any order implies full and complete acceptance of these GTC by the client.

Article 3 – Services Offered
The services include, but are not limited to:

Any specific service will be subject to a detailed quote specifying the scope and conditions of the work.

Article 4 – Quotation and Order
Each service begins with the issuance of a quotation detailing the nature of the services, execution deadlines, and applicable fees. The quotation is valid for 15 days. The order is confirmed upon the client’s signature of the quotation.

Article 5 – Pricing and Payment Terms
Prices are expressed in euros, excluding VAT, with the applicable VAT rate and amount specified on quotes and invoices. In the case of invoicing in another currency, the exchange rate applied will be the one published by the French Directorate-General of Customs and Indirect Taxes (DGDDI) on the date of invoice issuance. Any conversion or banking fees shall be borne by the client. Payment for services is made as follows:

Payment is made by bank transfer within a maximum period of 30 days from the invoice date. In case of late payment, late fees calculated at the legal rate in effect, as well as a fixed recovery fee of €40, may be applied.

The pricing for services is defined in a detailed quotation, specifying the unit price schedule or the applicable calculation method.

Article 6 – Execution Deadlines
Execution deadlines for services are specified in the quotation. Any modification requested by the client during the project may result in a revision of the initial deadline and pricing.

Article 7 – Provider's Obligations
The provider commits to delivering services in accordance with industry standards and the specifications defined in the quotation. They guarantee the confidentiality of any information provided by the client as part of the service.

Article 8 – Client's Obligations
The client agrees to provide all necessary information and access for the proper execution of the services within the agreed deadlines. Any delay caused by the client’s failure to provide required resources may extend the delivery timeline without liability for the provider.

Article 9 – Liability and Limitations
The provider commits to executing the services diligently and professionally. However, they cannot be held responsible for:

Article 10 – Confidentiality
Both parties agree not to disclose any confidential information received during the execution of the services. This obligation remains in effect for two years after the end of the contract.

Article 11 – Intellectual Property
Unless otherwise stated in the quotation, deliverables remain the client’s property after full payment. However, the provider reserves the right to use the work completed for demonstration or portfolio purposes, unless expressly objected to by the client.

Article 12 – Force Majeure
In case of force majeure (unforeseeable event beyond the parties' control), the execution of the services may be suspended. If the situation lasts more than 30 days, either party may terminate the contract without compensation.

Article 13 – Termination
If either party fails to meet its obligations, the contract may be automatically terminated after a formal notice remains unanswered for 15 days. If the client terminates the contract early, services already performed remain due.

Article 14 – Right of Withdrawal
In accordance with the Consumer Code, the right of withdrawal does not apply to contracts between professionals. Any order is firm and final upon the client’s signature of the quotation.

Article 15 – Changes to the GTC
The provider reserves the right to modify these GTC at any time. Any changes will be communicated to the client before they take effect. The applicable GTC are those accepted by the client at the time of signing the quotation.

Article 16 – Disputes and Applicable Law
These GTC are governed by French law. Any disputes will be submitted to the competent court within the provider’s jurisdiction.

Article 17 – Personal Data and System Access
The provider may access the client’s systems and databases as part of their administration and maintenance duties. However, they are not intended to actively process personal data beyond what is strictly necessary for their work.

The provider agrees to:

The client remains solely responsible for ensuring compliance with data protection regulations, including the GDPR.

Article 18 – Contact
Célestin Matte
24 rue de Clichy 75009 Paris, France
contact@cmatte.me

Governing Language
In case of any discrepancies or differences in interpretation between the English and French versions of these Terms and Conditions, the French version shall prevail.