Welcome to my personal website, where I proudly showcase my extensive knowledge in the realm of Information Technology.Here, you'll find a curated collection of projects that highlight my proficiency in system administration, network architecture, and cybersecurity. Each endeavor is a testament to my dedication to crafting efficient solutions that seamlessly integrate cutting-edge technologies.Let's embark on a collaborative exploration of the digital frontier. Welcome to my I.T. world!
About Me
I'm Angel, a network admin based in Chicago with an interest in open-source privacy-respecting software, and cyber security. I've managed data center colocations and I support over 250 users in my day-to-day. Setting up S2S VPNs and implementing MFA excites me, and if you're in Chicago, I can show you how it all works.I'm beyond passionate about Linux and continuously refine my sophisticated Docker setup. My extensive home lab serves as a learning platform for system administration and hosts my own services in an attempt to break free from big tech.At one of America's largest tax companies, I serve as a network administrator, collaborating on diverse projects, mentoring junior level admins, and ensuring that the network is running smoothly.Beyond tech, I enjoy gaming, spending time with family and friends, and hitting the road on my motorcycle.
Experience
Empowering Small Businesses - Self-Employed Venture
My journey in the world of Information Technology began with a self-employed venture dedicated to empowering small businesses. Through personalized solutions, I honed my skills in Linux and Windows servers, crafting tailored systems that boosted efficiency and scalability. Collaborating directly with clients, I fostered a deep appreciation for problem-solving and adapting technology to unique business needs.Navigating the Technological Seas - Xerox Help Desk
My trajectory then led me to the Xerox Help Desk, a pivotal juncture where I delved into internet security intricacies while supporting a remote team spanning Europe. This role not only enriched my understanding of cybersecurity but also nurtured my ability to collaborate effectively across time zones, cultures, and technical landscapes.MSP Expertise - LamiStar Corp
Joining the ranks of LamiStar Corp, a distinguished Managed Service Provider (MSP) in the Chicago area, marked a significant leap in my career. This experience refined my proficiency in Docker, Linux, Windows servers, and network design, as well as exposing me to the art of virtual machines. I embarked on projects that transcended conventional IT domains, including Voice over Internet Protocol (VoIP) and security camera systems.
Catalyzing Change - Current Position
On my one-year anniversary with the company, I earned a promotion from I.T. Specialist to Network Administrator. In my role, I have spearheaded a technological transformation, optimizing processes and strengthening security. Some of my key accomplishments include:
SSL Fortification: I implemented SSL organization-wide, safeguarding data transmission and bolstering client confidence.
Efficiency Engine: I established an inventory system, optimizing resource management for informed decision-making and resource allocation.
Green Initiatives: I pioneered a recycling program, showcasing a commitment to sustainability and environmental responsibility.
Proactive Monitoring: Leveraging a monitoring server, I configured a robust monitoring system, ensuring system availability and performance.
Data center Co-location: After conducting extensive research on numerous data centers in the Chicago region through on-site visits, I honed in on a specific facility due to its strategic location and cost-effectiveness. Subsequently, I developed a comprehensive migration plan for transitioning various on-premises systems. Following a seamless colocation process, my employer achieved significant monthly savings of approximately $30,000 by closing an underutilized office location.
I led the opening of a new office in the Chicago area, designed to support 50 workstations. I managed the setup of the primary 1-gigabit fiber internet connection and a backup connection to ensure redundancy. I also configured and deployed 48-port switches with VLANs for enhanced security. Additionally, I implemented the UniFi WiFi network, including a guest WiFi setup, and personally installed and configured the VoIP phone system.
A Journey of Impact
In my role within the IT department, I have had the privilege of working closely with our esteemed C-level executives, fostering a dynamic partnership that drives our company's technological advancements. This collaboration has allowed me to align our IT strategies with our organization's broader goals, ensuring that technology serves as an enabler for our business objectives. Additionally, I play a pivotal role in the hiring process for our IT team, carefully selecting talented individuals who share our commitment to innovation and excellence. This dual responsibility not only underscores my technical proficiency but also highlights my ability to bridge the gap between technology and executive vision, contributing to the continued success of our company.
Most importantly, I identified areas where we can decommission expensive software for the equivalent open-source software, which ultimately saves my employer money. That's the bottom line. My tenure at my current employer is marked by transformative initiatives that merge innovation, security, and sustainability.
Self Hosted Projects
All applications are self-hosted in Docker for enhanced security, with automatic updates managed through WatchTower. All containers are managed via docker-compose for scalability. Public facing servers are secured with Cloudflare. From deploying applications to managing services, each project is a testament to my passion for autonomy and a hands-on approach to technology:
Ghost Blog server to showcase my step-by-step directions for all different types of tech topics. Blog.aserrano312.com for access to my self-hosted blog server.
Authentik is an open-source Identity Provider that emphasizes flexibility and versatility, with support for a wide set of protocols.
SearXNG is an internet metasearch engine which aggregates results from various search services and databases. Results are neither tracked nor profiled. Click link below for access to my secure search engine: search.aserrano312.com
Traefik is an open source reverse proxy and ingress controller that simplifies and automates the discovery, routing, and load balancing of microservices. Also, currently implements SSL certificates for internal resources.
WireGuard VPN Server the fastest, lightweight VPN server, for secure external access.
Prometheus server is an open-source monitoring system, that supplies Grafana with data.
Grafana log aggregation and storage system allows you to bring together logs from all your applications and infrastructure in a single place, with a beautiful dashboard.
Dashy is an open source, highly customizable, easy to use, privacy-respecting dashboard app.
LibreSpeed speed test server. Librespeed is a very lightweight Speedtest implemented in Javascript, for internal speedtests.
Uptime Kuma is an easy-to-use self-hosted monitoring tool, with a wonderful status page for easy viewing if a server is operational.
Pi-Hole DNS, is a Linux network-level advertisement and Internet tracker blocking application which acts as a DNS sinkhole.
Unbound is a validating, recursive, caching DNS resolver.
Netboot.XYZ is a web-based tool that lets you boot into different operating systems using PXE.
NTFY server is a simple HTTP-based pub-sub notification service. It allows you to send notifications to your phone or desktop via scripts from any computer, and/or using a REST API. NTFY is setup to send notifications for the Uptime Kuma app, if a server, service or WAN go offline.
HomeBox is a simple and fast web app that lets you create and manage items for your home inventory, organization, and maintenance. The dev offers an online demo.
Stirling PDF is a web-based PDF manipulation tool, which enables you to carry out various operations on PDF files, including splitting, merging, converting, reorganizing, adding images, rotating, compressing, and more.
Pingvin-Share is a file sharing platform that combines lightness and beauty, perfect for seamless and efficient file sharing. Access my instance: Here
Picsur An easy to use, image sharing service like Imgur with built in converting.
Y.O.U.R.L.S. The URL shortener server. Implements control over your links, detailed statistics, plugin support, and more.
DocuSeal is a cloud-based or self-hosted service that allows you to create, send and sign documents online. It offers a user-friendly interface, a powerful API, and various features for developers and businesses.
PWPush - Securely communicate passwords, data & files. Secret URLs expire after X views or X days. Track access with audit logs.
ARTIFICIAL INTELLIGENCE A.I.
A.I. servers are comprised of 3 components 1. LLM reader 2. Front-end/GUI 3. A Large Language Model (LLM).
Ollama (Omni-Layer Learning Language Acquisition Model) is a tool for running and customizing large language models (LLM) on-prem. Ollama supports various models, such as Llama 3, Mistral, Gemma, and more, it provides a CLI, a REST API, and web and desktop integrations.
Open Web UI is an extensible, feature-rich, and user-friendly self-hosted WebUI designed to operate entirely offline. It supports various LLM runners, including Ollama and OpenAI-compatible APIs.
LLMs:
1. LLama 3.3 New state of the art 70B model. Llama 3.3 70B offers similar performance compared to the Llama 3.1 405B model..
2. DeepSeek-r1 DeepSeek first-generation of reasoning models with comparable performance to OpenAI-o1, including six dense models distilled from DeepSeek-R1 based on Llama and Qwen.
By integrating Ollama's AI-powered content generation capabilities with Open-WebUI's web-based interface, add that to the different LLMs and it creates an easy to use, interactive experience. Unlike ChatGPT, which is limited to text-based interactions, Ollama's AI-powered content generation capabilities can create rich, multimedia content.Access my AI server HERE
Other Projects
Get Internet Chicago is a referral program website for reselling internet. Click below to access my website and save some money on your monthly internet/phone bill. GetInternetChicago.com
Wireless Mesh that provides internet to some of my neighbors. Powered by OpenWRT and the B.A.T.M.A.N. advanced protocol. This protocol provides the ability to do VLANs via Wi-Fi.
Website Design I dabble in creating websites and logos, mostly for fun. And, obviously all sites are secured with SSL. Check out some examples:
1. LuxNovaVending.com
2. EvolvingTechSolutions.com
3. PatArbor.com
Get in touch
Want to chat?
Feel free to reach out: