🌱
Scaling quietly, branching endlessly
  • GG3 Infrastructure Stack
  • California, USA

gg3-dev/README.md

DevSecOps Infrastructure · GG3-DevNet

Automated systems. Hardened configs. Terminal-native tooling.

Python Bash Puppet NGINX XCP-ng Tailscale Debian Linux Zsh Vim tmux Markdown


🧰 What's Inside

This GitHub organization contains the actual infrastructure stack powering GG3-DevNet — a homelab-based environment for DevOps, security, and system engineering practice. Everything here is tested in production-like conditions with a focus on auditability, reproducibility, and secure defaults.

~/gg3-dev
├── gg3-docs         # system architecture, firewall policies, SSH setup
├── gg3utils         # network tools, port scanners, UFW checkers (Python/Bash)
├── gg3-admin-tools  # bootstrap scripts, SSH key management, dotfiles deploy
├── puppet-modules   # config management for Debian servers (in progress)
└── .gg3.conf        # internal-only: shell config, install scripts, redacted from public

🔧 Infra Components

  • XCP-ng — Bare-metal hypervisor w/ static IP segmentation and manual snapshot control
  • Puppet — WIP modules for enforcing packages, user config, and service states
  • NGINX — Hardened TLS web proxy and Certbot-enabled static site hosting
  • UFW — Host-level firewalls locked to key-based SSH only
  • Tailscale — Temporary fallback access until WireGuard is deployed
  • Bash & Python — Health checks, audits, and provisioning tools run entirely in terminal

DevSecOps Practices

# Scan critical range
nmap -sS 10.0.0.0/24

# Check UFW and verify port lock
sudo ufw status verbose

# Deploy internal config
sudo ./deploy.sh --env dev

  • SSH key auth only — namespaced by function and host
  • Firewalls deny all except pre-approved ports
  • TLS enforced with manual NGINX hardening
  • Dotfiles tracked and deployed like code
  • All config changes documented in plaintext and Markdown
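
An added example (not code from gg3utils or any other GG3 repository) of the "verify port lock" check above: it parses `ufw status verbose` output and reports anything that falls outside an approved-port list. The sample output and the `APPROVED` set are constructed, and the function name `audit_ufw` is hypothetical.

```python
import re

# Constructed sample of `ufw status verbose` output (not from the GG3 lab).
SAMPLE = """\
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), disabled (routed)
New profiles: skip

To                         Action      From
--                         ------      ----
22/tcp                     ALLOW IN    Anywhere
443/tcp                    ALLOW IN    Anywhere
8080/tcp                   ALLOW IN    10.0.0.0/24
22/tcp (v6)                ALLOW IN    Anywhere (v6)
"""

# Hypothetical allow-list; a real one would come from the documented policy.
APPROVED = {"22/tcp", "443/tcp"}

RULE = re.compile(r"^(\S+)(?: \(v6\))?\s{2,}(ALLOW|LIMIT)(?: IN)?\s{2,}(.+)$")

def audit_ufw(text, approved=APPROVED):
    """Return a list of findings; an empty list means the port lock holds."""
    findings = []
    if not re.search(r"^Status: active$", text, re.M):
        findings.append("firewall is not active")
    if not re.search(r"^Default: deny \(incoming\)", text, re.M):
        findings.append("default incoming policy is not deny")
    # Rule rows start after the '--  ------  ----' separator line.
    _, sep, table = text.partition("\n--")
    for line in table.splitlines()[1:] if sep else []:
        if not line.strip():
            continue
        m = RULE.match(line)
        if not m:
            # Fail closed on rows this parser does not understand, unless they
            # are DENY/REJECT or outbound rows, which cannot open an inbound port.
            if not re.search(r"\s(DENY|REJECT|ALLOW OUT)\b", line):
                findings.append(f"unparsed rule: {line.strip()}")
            continue
        target, _action, source = m.groups()
        if target not in approved:
            findings.append(f"unapproved inbound rule {target} from {source.strip()}")
    return findings

if __name__ == "__main__":
    for finding in audit_ufw(SAMPLE):
        print("FINDING:", finding)
```

On a host, the text would come from `sudo ufw status verbose`; a non-empty result is the signal to fail a health check.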

📂 Active Projects

| Repo | Role |
|------|------|
| gg3-docs | Lab architecture, config standards, SSH key layout |
| gg3utils | Terminal-native tooling for audits, scans, and monitoring |
| gg3-admin-tools | ZSH/bootstrap automation, SSH key rotation, deploy helpers |
| puppet-modules | Declarative state management (packages, users, services) |

🧑‍💻 Maintainer

Juan Garcia — @0x1G / 0xjuang


Notes on Privacy & Structure

  • No internal IPs, DNS names, or secrets are exposed
  • All tools are used actively — nothing speculative or aspirational
  • Designed to be portable across Debian systems and lab-scale deployments

Infrastructure shouldn’t lie. What’s here reflects what’s running.


Last updated: June 2025 · Signed: 0x1G

Popular repositories

  1. gg3utils Public

    Lightweight automation and networking utilities for system operations and DevOps workflows.

    Shell

  2. gg3-docs Public

    Technical documentation for the GG3 Lab’s infrastructure, workflows, and best practices.

  3. gg3-dev Public

    Infrastructure, automation, and documentation stack for the GG3 Lab.

  4. gg3-admin-tools Public

    Administrative Bash scripts for dotfiles management, SSH key setup, and system bootstrapping.

    Shell

  5. vm-utils Public

    A collection of scripts and tools for provisioning, configuring, and managing virtual machines across development and lab environments.

    Shell