Skip to content
View ch1ch0-FOSS's full-sized avatar
0 followers · 2 following

Block or report ch1ch0-FOSS

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don't include any personal information such as legal names or email addresses. Markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
ch1ch0-FOSS/README.md

Self-taught Linux Systems Architect & FOSS Advocate | Career Transitioner

Transitioning from health & wellness to Linux infrastructure and DevOps through hands-on system administration, automation, and open-source contributions.

🔧 Current Focus

  • Building production Linux infrastructure on Apple Silicon (M1 Mac Mini)
  • Developing vim-first workflows and keyboard-driven productivity tools
  • Infrastructure-as-Code deployment pipelines (Ansible, Shell scripting)
  • Self-hosting fully-owned services with zero vendor lock-in (Forgejo, Syncthing, Vaultwarden)

🛠️ Tech Stack

Systems & Infrastructure:

  • OS: Fedora Asahi Remix 42 (Apple Silicon), SELinux enforcing
  • Window Manager: Sway (Wayland), vim-universal keybinds
  • Version Control: Forgejo (self-hosted), GitHub (public mirrors)
  • IaC & Automation: Ansible playbooks, Bash/Shell scripting, systemd, cron
  • Security: SSH key-only, firewalld, SELinux

Development:

  • Languages: TypeScript, Python, Shell/Bash
  • Frontend: Next.js, React, HTML/CSS
  • Databases: MariaDB, PostgreSQL
  • Tools: Git, nvim, vifm, tmux, rofi

Self-Hosted Services (Binary-deployed):

  • Forgejo (Git platform)
  • Syncthing (P2P file sync, binary deployment)
  • Vaultwarden (Password management, binary deployment)
  • ollama (LLM tools)

📂 Featured Repositories

ch1ch0.me

Personal portfolio with automated deployment pipeline. Live: www.ch1ch0.me

  • Next.js 16, TypeScript, Vercel hosting
  • Forgejo → GitHub → Production automation

srv-m1m-asahi

Production Linux infrastructure on Apple Silicon M1. Demonstrates:

  • Security hardening (SELinux, SSH keys, firewalld)
  • Vim-toolkit workflow (nvim, vifm, tmux, Sway)
  • Self-hosted services (Forgejo, Syncthing, Vaultwarden) via binary deployment
  • Ansible playbooks for infrastructure-as-code provisioning
  • Checkpoint-driven documentation

forgejo-selfhost

IaC kit for self-hosting Forgejo Git platform

  • Ansible automation and Shell deployment scripts
  • Installation guides and troubleshooting documentation
  • Production-ready configuration templates
  • Complete ownership model

syncthing-setup

P2P file synchronization IaC deployment

  • Binary-based deployment for Fedora Asahi compatibility
  • Ansible playbooks and Shell scripts for automated setup
  • Configuration templates for team and individual use
  • Security hardening and best practices

vaultwarden-setup

Self-hosted password management infrastructure

  • Binary deployment for maximum stability on Apple Silicon
  • Ansible-driven provisioning and management
  • Bitwarden client compatibility
  • Zero external dependencies

📊 GitHub Stats

🎯 Vision & Journey

Core Mission: Infrastructure Ownership

Building infrastructure for complete local ownership and agency—free from vendor lock-in and corporate dependency. Every service is on-premise, self-hosted, and operator-controlled.

Key Milestones:

  • ✅ Sway + vim-universal toolkit consolidation
  • ✅ Local-first Git workflow with Forgejo
  • ✅ Production site deployment (ch1ch0.me)
  • ✅ Security hardening (SELinux, SSH, firewall)
  • Binary-deployed Syncthing + Vaultwarden on Fedora Asahi
  • Infrastructure-as-Code with Ansible + Shell scripting
  • 3-tier IaaS model: DIY → Managed → Enterprise

Active Development:

  • Ansible playbooks for idempotent infrastructure provisioning
  • Shell script deployment and health-check automation
  • Complete IaC documentation for operator reproducibility
  • Community DIY self-hosting kits (Tier 1)
  • Enterprise-ready managed services (Tier 2+)

🧩 Unix Philosophy Approach

Modular tools that do ONE thing well, completely owned:

Rather than monolithic platforms controlled by external companies, infrastructure built with best-in-class tools that compose together:

  • Syncthing for P2P file sync—P2P architecture, no central authority
  • Vaultwarden for password management—Bitwarden-compatible, self-hosted, your data
  • Forgejo for Git version control—GitHub alternative with full operator control

Each service is independent, interoperable, and completely operator-owned. No SaaS dependency, no vendor lock-in, no data extraction.

Infrastructure-as-Code:

All services deployed via Ansible and Shell scripts—repeatable, auditable, and portable across systems. Complete infrastructure reproducibility through code.

🌐 Connect

💡 Philosophy

Local-first, audit-ready, keyboard-driven, operator-controlled

All infrastructure is on-premise and self-hosted. Transparent, auditable, and reproducible via infrastructure-as-code. Vim-aligned productivity and complete operational agency. Work originates in local Forgejo before mirroring to GitHub for community contribution.

"Own your infrastructure. Control your data. Code is law."

Popular repositories Loading

  1. srv-m1m-asahi srv-m1m-asahi Public

    Fedora Asahi Server on M1 Mac Mini

    Shell

  2. ch1ch0-FOSS ch1ch0-FOSS Public

    GitHub Landing

  3. ch1ch0.me ch1ch0.me Public

    TypeScript

  4. forgejo-selfhost forgejo-selfhost Public

  5. vaultwarden-setup vaultwarden-setup Public

  6. syncthing-setup syncthing-setup Public