Gerasimos Melissaratos, Developer in Athens, Central Athens, Greece
Gerasimos is available for hire
Hire Gerasimos

Gerasimos Melissaratos

Verified Expert  in Engineering

DevOps Engineer and Developer

Athens, Central Athens, Greece

Toptal member since May 3, 2021

Bio

Gerasimos has been a Linux and FreeBSD systems administrator since 1999, and he has worked as a freelance systems administrator for government and private organizations since 2003. His specialties include infrastructure design, deployment, and management; servers; running services; securing and optimizing systems for performance and reliability; providing a wide range of services from authentication to DNS; and mail and web servers.

Availability

Part-time

Preferred Environment

Linux, FreeBSD

The most amazing...

...experience was shrinking an operation of seven racks of servers, virtualizing it to a half rack of hardware with increased reliability and security.

Work Experience

Systems Administrator

2003 - PRESENT
Freelance
  • Designed, implemented, and supported the infrastructure based on Linux and FreeBSD. Rolled out updates and configured backups.
  • Configured, deployed, and upgraded services. Configured monitoring and alarms. Designed security protocols and responded to threats. Secured services, performed log analysis, and responded to threats.
  • Deployed, configured, and supported oVirt installations with NFS, iSCSI, and Fibre Channel storage.
  • Deployed and configured Zimbra back-end groupware with various front-end mail filtering, antivirus, and spam protection schemes.
  • Deployed, configured, and created custom DOS protection filters for web servers.
  • Configured and maintained routers, firewalls, and switches, along with monitors and loggers of network traffic.
  • Set up and configured LDAP user authentication and authorization.
  • Designed and deployed multiple development and production environments for government and private organizations.
  • Deployed Kubernetes clusters with Ceph storage back ends.
  • Designed and/or implemented security and availability protocols for various projects.
Technologies: User Roles, Leadership, BIND DNS, Bash Script, IP Networks, FreeBSD, Linux, Tcpdump, Firewalls

Workers' Office Access During COVID-19 Pandemic

As the systems administrator for two organizations, I had to find a quick and effective way to enable secure remote access to the resources of their respective workplaces. Using the facilities of LDAP-based authentication and a lot of scripting, I automated the creation of VPNs from their homes to their offices and enabled remote access to their office computers and files in less than two weeks. The systems are still in use one year later and are being expanded to accommodate other uses.

Mail Server Migration

An organization of about 1,500 users, with few to spare and in dire need of collaboration software, decided to deploy Zimbra in the back end but with a more versatile front end for spam protection and mailing list management.

I designed and implemented a front-end solution with Postfix, Rspamd, and ClamAV handling incoming and outgoing traffic; Mailman catering to the organization's numerous mailing lists; and a cluster of open SMTP servers distributing outgoing traffic. This solution provided far greater flexibility to use the custom filters and external tools that the organization needed to handle message routing with flexibility not provided by Zimbra.

Dynamic DNS for Roaming Users and Services

A startup company with shared infrastructure and minimal access to the premises' network infrastructure needed reliable access to its own servers, using dynamic IP addresses, and the ability to access its roaming workstations by name. For the roaming workstations, OpenVPN provided secure connections with the offices via an external VPN gateway. The dynamic IP addresses were countered by the usage of names for servers and services. Split views and dynamic updates of BIND DNS allowed them to cover both requirements in a secure and reliable manner.

Highly Available Web Hosting

A boutique web development company with some big clients needed to migrate to a self-hosting solution in order to reduce monthly costs and acquire better control over its infrastructure. But leaving their cloud provider increased the risks of disruption in case of a server or service failure. I solved the problem by using multiple Apache and Nginx web servers with shared storage serving the sites and front-end Nginx reverse proxies checking the health of the web servers and handling rate limiting and caching.

Helthentia by Innovation Sprint

https://healthentia.com/
Healthentia is exploring new ways to conduct decentralized clinical trials and provide personalized patient care.

I'm responsible for server-side security and operations, managing the Azure-hosted Kubernetes cluster, conducting periodic security audits, and monitoring and regulating the assigned resources.

Tools

Postfix, NGINX, Tcpdump, VPN, OpenVPN, Azure Kubernetes Service (AKS)

Languages

Regex, Sed, Bash Script, Python

Platforms

Linux, FreeBSD, Apache2

Other

Spam Filtering, Dynamic Host Configuration Protocol (DHCP), BIND DNS, NFS, Networks, Web Security, Firewalls, User Roles, Leadership, IP Networks, IP Routing, LDAP, SSH, Networking

Collaboration That Works

How to Work with Toptal

Toptal matches you directly with global industry experts from our network in hours—not weeks or months.

1

Share your needs

Discuss your requirements and refine your scope in a call with a Toptal domain expert.
2

Choose your talent

Get a short list of expertly matched talent within 24 hours to review, interview, and choose from.
3

Start your risk-free talent trial

Work with your chosen talent on a trial basis for up to two weeks. Pay only if you decide to hire them.

Top talent is in high demand.

Start hiring