David Woitzik

Hybrid Cloud Engineer & Infrastructure Automation.

I'm a Hybrid Cloud Systems Engineer specializing in Azure, Terraform, and Zero-Trust network architecture. By day I design production infrastructure — here I publish the hardened templates and deep dives I wish existed when I needed them.

Currently focused on compliance-ready infrastructure blueprints for ISO 27001, NIS2, and KRITIS environments.

Terraform, Ansible, Packer, Azure, Linux, Kubernetes (learning)

Enterprise Blueprints & Articles


Wildcard TLS Certificates on K3s with cert-manager and Cloudflare DNS

How to automate wildcard Let's Encrypt certificates on a bare-metal K3s cluster using cert-manager's DNS-01 challenge with Cloudflare — and why HTTP-01 won't work for internal services.

GitOps on K3s: Managing a Complete Homelab with ArgoCD

How to manage an entire Kubernetes homelab — MetalLB, Traefik, Longhorn, Authelia, and more — as a Git repository using ArgoCD's App-of-Apps pattern.

Bare-Metal LoadBalancer on K3s: MetalLB + Traefik with ArgoCD

How to get a real external IP on a bare-metal Kubernetes cluster using MetalLB L2 mode, and wire it up with Traefik for automatic HTTPS — fully GitOps-managed with ArgoCD.

Certifications

Microsoft Certified: Azure Administrator Associate
HashiCorp Certified: Terraform Associate
Microsoft Certified: Azure Fundamentals
Microsoft 365 Certified: Fundamentals