Thank you for sending your enquiry! One of our team members will contact you shortly.
Thank you for sending your booking! One of our team members will contact you shortly.
Course Outline
Sovereign Architecture Design
- Threat modeling: identifying cloud dependencies and data egress points.
- Network topology: DMZ, internal zones, management network.
- Hardware selection: server, storage, networking, UPS.
- Disaster recovery sites and air-gap requirements.
Identity and Access Foundation
- Authentik deployment for SSO across all services.
- LDAP directory and group policy design.
- Step CA for service-to-service mTLS.
- YubiKey and hardware token enrollment.
Communication and Collaboration Hub
- Synapse/Element for chat and federation.
- Jitsi Meet for video conferencing.
- Roundcube/Nextcloud Mail for email.
- Nextcloud for file sync, calendars, and contacts.
- OnlyOffice integration for document editing.
Development and Operations Platform
- Gitea for source code and CI/CD.
- Woodpecker CI for automated builds.
- Nexus or Harbor for artifact and container registry.
- Wazuh for security monitoring and compliance.
- Uptime Kuma for service health dashboards.
AI and Knowledge Management
- Ollama deployment with local LLM serving.
- LibreChat for internal AI assistant access.
- Obsidian or Logseq for personal knowledge bases.
- Hoarder/ArchiveBox for web content preservation.
Security and Perimeter
- pfSense or OPNsense firewall deployment.
- Suricata IDS/IPS with custom rules.
- WireGuard/OpenVPN for remote access.
- Pi-hole DNS filtering and local resolution.
- Vaultwarden for team password management.
Backup, DR, and Operations
- BorgBackup central repository for all services.
- Database dump automation and off-site replication.
- Runbook documentation and incident response procedures.
- Capacity planning and scaling triggers.
- Quarterly sovereignty audit and dependency review.
Capstone Project
- Students present their fully operational sovereign stack.
- Peer review of architecture decisions and tradeoffs.
- Load testing and failure injection.
- Documentation handoff and operational readiness assessment.
Requirements
- Advanced proficiency in Linux, networking, and container orchestration.
- Completion of at least two other Data Sovereignty courses or equivalent professional experience.
- Familiarity with DNS, TLS, firewall configurations, and backup concepts.
Audience
- Senior infrastructure architects designing sovereign organizations.
- CTOs and CISOs formulating digital independence roadmaps.
- Government and defense digital transformation teams.
35 Hours
Testimonials (2)
Craig was extremely involved in the training, always making sure we are paying attention, adapted the examples to our day-to-day activities and always provided an answer when asked, even if the information was not added in the presentation.
Ecaterina Ioana Nicoale - BOOKING HOLDINGS ROMANIA SRL
Course - DevOps Foundation®
High level of commitment and knowledge of the trainer
