Farzad Sadeghi

+ https://terminaldweller.com
+ devi@terminaldweller.com
+ thabogre@gmail.com
+ Tehran, Iran
+ +989125802283 +

+ Professional Experience +

+ Zharfpouyan Tous (Tehran, Iran)
+ March 2021–June 2022
+ 14 months
+ Developing/Maintaining code for a network device running on a unix-like + operating system(openssh,linux-pam,busybox).Mostly C and shell + scripts.
+
+ Erfan Salamat (Tehran, Iran)
+ Nov. 2020–Feb. 2021
+ 4 months
+ Backened Developer. Developed a GIS and Notification microservice + using Golang. Containerized the entire required stack for the said + microservices with Docker.
+
+ Maharan International (Tehran, Iran)
+ Feb. 2019–Oct. 2020
+ 19 months
+ Requirement manager, designer and developer for ERTMS/ETCS DMI for a + safety-ciritcal system written in C.
+
+ Truebit (Remote, 3 time-zones)
+ July 2017–Nov. 2017
+ 5 months
+ developed Truebit’s WASM interpreter and smart contracts. Also + managed the CI for the repositories.
+

Skills

Hobby

+ I maintain my own local kubernetes cluster with k3s on my raspberry pis + along with a bunch of VPSs that I run my services on(Docker, not + swarm)).
+

Languages

Education

+ 2021–Now Master’s in Computer Science, Azad University, Science and + Research Branch, Tehran, Iran. Currently working on my thesis
+ 2007–2013 Bachelor’s in Electrical Engineering, Iran University of Science + and Technology, Tehran, Iran.
+ Thesis: Determining the frequency of an audio signal using phase + derivation in real time, design and implementation using an + FPGA. +

Role Breakdown

+ Backend Developer
+ Developed a GIS microservice based on the OSM stack. Containerized an + entire geoserver stack (geoserver, tile server, static image server, DB) + so that we could rely on our own stack. Developed a notification + microservice using golang and Mongodb(with Percona memory engine).
+
+ ERTMS / ETCS DMI Development
+ Split the DMI into two subsystems. Designed and implemented the + software for the component on the "kernel" side. Wrote a tool that + made the requirements’ traceability files by gathering special + comments from the C source files. Wrote a tool that determines all the + sub-fields of aggregate types used in the function and the functions + it calls(required for testing).
+
+ Embedded Safety-Critical Development
+ Wrote the SRS and the SDD for the DSP algorithm, then implemented + the DSP algorithm for a safety-critical hard real-time embedded + system.
+
+ Code Generation
+

+ Automatic Refactoring
+ Wrote an automatic refactoring tool using Clang’s Libtooling for C.
+
+ Defensive Programming / Safety-Aware Software Design
+ Studied/Implemented defensive programming practices, coding style and + guidelines. Explored the use of FMEA and FTA for the software + domain.
+
+ AUTOSAR
+ Studied AUTOSAR SWC and RTE.
+
+ ISO 26262
+ Studied the software section of the standard. I was also the + software group’s representative for the study/review meetings held + with the hardware and system teams on ISO 26262.
+

Links

+ terminaldweller.com + My personal web page.
+ Github + My Github page.
+ hived + A tiny and fast crypto API server.
+ magni + Upscales the images in a webpage and serves them back locally.
+ cgrep + Grep for C-family source files.
+ devourer + A little helper API server. Extracts, summarizes and vocalizes articles on + the web.
+ mdrtl + A minimal RTL markdown editor.
+ blog + Source code for my blog.
+ Linkedin + My Linkedin page.
+

PGP FP: 9E20464F1CCF3B103249FA93A6A0F5158B3881DF - here and here

@@ -45,11 +45,14 @@

XMPP: devi@jabber.terminaldweller.com

The order is significant:

Email: devi@terminaldweller.com

Email: thabogre@gmail.com

Email: farzadsadeghi@protonmail.ch

All emails have the ssh and pgp key fingerprints as signature.

All emails have the ssh and pgp key fingerprints as signature. You can ask for one.

OpenID: https://launchpad.net/~terminaldweller

Github: terminaldweller

@@ -60,7 +63,7 @@

Blog: Blog RSS

Services: N/A

diff --git a/terminaldweller.com/traefik/traefik.yml b/terminaldweller.com/traefik/traefik.yml new file mode 100644 index 0000000..a034111 --- /dev/null +++ b/terminaldweller.com/traefik/traefik.yml @@ -0,0 +1,97 @@ +version: '3.7' +services: + traefik: + image: traefik:v3.0 + ports: + - target: 80 + published: 80 + mode: host + - target: 443 + published: 443 + mode: host + deploy: + placement: + constraints: + # Make the traefik service run only on the node with this label + # as the node with it has the volume for the certificates + - node.labels.traefik-public.traefik-public-certificates == true + labels: + # Enable Traefik for this service, to make it available in the public network + - traefik.enable=true + # Use the traefik-public network (declared below) + - traefik.docker.network=traefik-public + # Use the custom label "traefik.constraint-label=traefik-public" + # This public Traefik will only use services with this label + # That way you can add other internal Traefik instances per stack if needed + - traefik.constraint-label=traefik-public + # admin-auth middleware with HTTP Basic auth + # Using the environment variables USERNAME and HASHED_PASSWORD + - traefik.http.middlewares.admin-auth.basicauth.users= + # https-redirect middleware to redirect HTTP to HTTPS + # It can be re-used by other stacks in other Docker Compose files + - traefik.http.middlewares.https-redirect.redirectscheme.scheme=https + - traefik.http.middlewares.https-redirect.redirectscheme.permanent=true + # traefik-http set up only to use the middleware to redirect to https + # Uses the environment variable DOMAIN + - traefik.http.routers.traefik-public-http.rule=Host(`traefik.terminaldweller.com`) + - traefik.http.routers.traefik-public-http.entrypoints=http + - traefik.http.routers.traefik-public-http.middlewares=https-redirect + # traefik-https the actual router using HTTPS + # Uses the environment variable DOMAIN + - traefik.http.routers.traefik-public-https.rule=Host(`traefik.terminaldweller.com`) + - traefik.http.routers.traefik-public-https.entrypoints=https + - traefik.http.routers.traefik-public-https.tls=true + # Use the special Traefik service api@internal with the web UI/Dashboard + - traefik.http.routers.traefik-public-https.service=api@internal + # Use the "le" (Let's Encrypt) resolver created below + - traefik.http.routers.traefik-public-https.tls.certresolver=le + # Enable HTTP Basic auth, using the middleware created above + - traefik.http.routers.traefik-public-https.middlewares=admin-auth + # Define the port inside of the Docker service to use + - traefik.http.services.traefik-public.loadbalancer.server.port=8080 + volumes: + # Add Docker as a mounted volume, so that Traefik can read the labels of other services + - /var/run/docker.sock:/var/run/docker.sock:ro + # Mount the volume to store the certificates + - traefik-public-certificates:/certificates + command: + # Enable Docker in Traefik, so that it reads labels from Docker services + - --providers.docker + # Add a constraint to only use services with the label "traefik.constraint-label=traefik-public" + - --providers.docker.constraints=Label(`traefik.constraint-label`, `traefik-public`) + # Do not expose all Docker services, only the ones explicitly exposed + - --providers.docker.exposedbydefault=false + # Enable Docker Swarm mode + - --providers.docker.swarmmode + # Create an entrypoint "http" listening on port 80 + - --entrypoints.http.address=:80 + # Create an entrypoint "https" listening on port 443 + - --entrypoints.https.address=:443 + # Create the certificate resolver "le" for Let's Encrypt, uses the environment variable EMAIL + - --certificatesresolvers.le.acme.email=devi+trf@terminaldweller.com + # Store the Let's Encrypt certificates in the mounted volume + - --certificatesresolvers.le.acme.storage=/certificates/acme.json + # Use the TLS Challenge for Let's Encrypt + - --certificatesresolvers.le.acme.tlschallenge=true + # Enable the access log, with HTTP requests + - --accesslog + # Enable the Traefik log, for configurations and errors + - --log + # Enable the Dashboard and API + - --api + networks: + # Use the public network created to be shared between Traefik and + # any other service that needs to be publicly available with HTTPS + - traefik-public + env_file: + - ./.env +volumes: + # Create a volume to store the certificates, there is a constraint to make sure + # Traefik is always deployed to the same Docker node with the same volume containing + # the HTTPS certificates + traefik-public-certificates: +networks: + # Use the previously created public network "traefik-public", shared with other + # services that need to be publicly available via this Traefik + traefik-public: + external: true -- cgit v1.2.3