Paweł Łoćwin

Computer Engineering Student PWr | DevOps
Student Science Club "KN Solvro" | 2nd Year
GitHub LinkedIn Credly

Professional Summary

DevOps-focused 2nd-year computer engineering student with practical experience in Linux systems, observability tools, automation, and SSL/TLS infrastructure. Worked on OS upgrades, performance tuning, certificate lifecycle management, and monitoring stack development within the KN Solvro student club. Highly motivated to expand skills in Cloud and DevOps technologies.

Technical Skills

DevOps & Infrastructure

  • Operating Systems: Linux (Debian 13, Ubuntu), Bare metal servers, Virtual Machines. Standard workflow utilizes Neovim (LazyVim).
  • Containers & CI/CD: Docker, Private Registry, Git, GitHub, Jenkins (basics).
  • Traffic Management: Traefik, Coolify.

Observability & Security

  • Monitoring: Prometheus, Grafana, PromQL, Blackbox Exporter, Node Exporter.
  • Security: SSL/TLS Wildcard Certificates, acme.sh, DNS-01 Challenge, OVH API.

Programming & Systems

  • Languages: Python, C++, Bash.
  • Next Steps: Learning Go (Golang).
  • Performance: zswap configuration, benchmarking.
  • Data/ML: Jupyter Notebook, Keras basics.

Certifications & Languages

  • Cloud: Microsoft Azure Fundamentals (AZ-900).
  • English: C1 Advanced (Cambridge CAE) - proficient in reading technical documentation.
  • Polish: Native.

Professional Experience

DevOps Engineer

Student Science Club "KN Solvro", Wrocław University of Science and Technology | 2026 - present
  • Administered Linux-based infrastructure across virtual machines and bare-metal servers. Performed major OS upgrades: Ubuntu 22.04 to 24.04 LTS and Debian 12 to 13.
  • Implemented unified zswap configuration across VM cluster and host, conducted performance benchmarking.
  • Migrated certificate management from Certbot to acme.sh, deployed Wildcard SAN certificates.
  • Automated DNS-01 verification via OVH API using least-privilege access tokens.
  • Configured dynamic SSL delivery for Traefik with zero downtime using timestamp-based reload triggers.
  • Standardized certificate renewal by migrating from cron to Systemd services and timers.
  • Developed PromQL alerts for memory usage, swap growth rate, and anomaly detection.

Projects

OpenReplay Self-Hosted Deployment

Successfully set up and configured an OpenReplay instance completely from scratch on a self-hosted infrastructure. Managed the full implementation cycle, including instance provisioning, domain and SSL binding, and fine-tuning session replay analytics to guarantee reliable session recording and privacy controls.

OpenReplay Linux Docker SSL/TLS Self-Hosting

Monitoring & Observability Stack

Integrated a private Docker registry with a bare-metal Prometheus instance. Added panels for apt upgrades, memory usage, and SLA metrics. Built custom PromQL alerts for memory anomalies and swap growth. Designed dynamic dashboards with incident timelines, SSL tracking, and uptime calculations.

Prometheus Grafana PromQL Docker Blackbox Exporter

Automated SSL & Zero-Downtime Infrastructure

Implemented secure DNS-01 verification via OVH API with least-privilege tokens. Built a hybrid SSL model using Wildcard certificates for internal services and HTTP Challenge for external domains. Standardized certificate renewal using Systemd units and centralized logging.

acme.sh Traefik OVH API Systemd Coolify

Public Health Data Analysis (Machine Learning)

Built ML models for binary classification of public health data. Designed and trained a neural network in Keras, compared accuracy and computational cost with simpler models.

Python Keras Jupyter Notebook