To honor the project's core focus on decentralization, self-sovereignty (via DID standards like W3C and SSI), and manageability (through open-source, peer-to-peer tools), we've pivoted entirely away from any centralized VPS or cloud providers. Instead, we leverage IPFS for content-addressable storage, combined with platforms like Fleek for hosting, Pinata for pinning, and Holochain for app distribution—ensuring no single point of control, low costs, and user-owned data. This maintains the original IPFS/GitHub foundation while enabling scalable SaaS features (e.g., subscription via on-chain payments) and DID integrations (e.g., verifiable credentials stored immutably).

A decentralized SaaS empowering users with sovereign identity, hosted peer-to-peer for resilience.

graph TD
    A[End Users / Customers] -->|Secure, Sovereign Access| B[Decentralized SaaS Platform]
    B -->|Self-Sovereign Identity| C[DID Management Layer]
    C -->|Immutable Verification| D[Peer-to-Peer Network]
    B -->|On-Chain Analytics & Monetization| E[Business Outcomes: Resilient Growth, User Empowerment]
    F[Stakeholders: Community, Developers] -->|Governance & Contributions| B

Emphasizing IPFS gateways and decentralized resolvers for manageability, with GitHub for collaborative code sovereignty.

graph LR
    A[Frontend: React/Next.js UI] -->|CID-Based Calls| B[Backend: Node.js Services on IPFS]
    B -->|Identity Ops| C[DID Integration: DIDKit/Veramo]
    C -->|Resolution & VCs| D[Decentralized Resolvers: Uniresolver on IPFS]
    B -->|Data Storage| E[Immutable Storage: IPFS/Filecoin with Multi-Tenant Pinning]
    F[Automation Layer: n8n Bots & AI] -->|Workflow Sync| G[Project Management: ClickUp API via GitHub Mirrors]
    H[DevOps Pipeline: GitHub Actions] -->|CI/CD to IPFS| B
    I[Monitoring: Open-Source Tools like Grafana with IPFS Logs] -->|Metrics| B

Fully revised for decentralization: Use Fleek/Pinata for hosting (CIDs instead of ARNs/IPs), IPFS Cluster for orchestration, and self-managed nodes for sovereignty. Manageability via simple CLI tools (e.g., ipfs add/deploy). No external vendors—run on local/community hardware or Akash-like networks for distributed compute.

graph TD
    A[User Device: Any Peer Node] -->|IPFS Gateway Access| B[Content Load Balancer]
    B -->|P2P Distribution| C[IPFS Cluster v1.0.5]
    C -->|Pins Content| D[Backend Service: Node.js v20]
    D -->|OrbitDB/PubSub| E[Storage: IPFS v0.24]
    D -->|HTTP API| F[DID Service: DIDKit v0.3]
    F -->|Swarm Connect| G[Blockchain Node: Geth v1.13]
    H[CI/CD: GitHub Actions] -->|IPFS Add & Pin| C
    I[Monitoring: Prometheus v2.53] -->|Metrics Collection| C
    J[Secrets: Local Vault] -->|Secure Access| D
    J -->|Secure Access| F
    K[Automation: n8n Local] -->|Webhook Triggers| D
    
    class A,B,C,D,E,F,G,H,I,J,K default-node
    classDef default-node fill:#e1f5fe,stroke:#01579b,stroke-width:2px

• User Device: Any peer node with IPFS capability
• Access Point: IPFS Gateway (https://ipfs.io/ipfs/)
• Requirements: Standard web browser or IPFS desktop client

• Component: HAProxy on Local Node
• Configuration: haproxy.cfg with peer endpoints
• Function: P2P content distribution and load balancing

• Version: IPFS Cluster 1.0.5
• Nodes: Self-hosted on Raspberry Pi/PCs
• Security: Swarm Key PSK at /key/swarm/psk/1.0.0/...
• Orchestration: Automated pinning and replication

• Runtime: Node.js v20
• Content ID: CID: Qm... (Pinned via Pinata CLI)
• Environment: IPFS_API=/ip4/127.0.0.1/tcp/5001
• Database: OrbitDB with PubSub for real-time updates

• IPFS Version: v0.24
• Database CID: bafy...
• Architecture: Multi-tenant via sharding
• Persistence: Backed by Filecoin storage deals

• DIDKit: Version 0.3
• Veramo: Version 5 framework
• Resolver: ipfs://Qm... (Uniresolver Daemon on Local)
• Function: Decentralized identity management

• Client: Geth v1.13 Light Mode
• Network: Ethereum (or Polygon for cost efficiency)
• Peer Address: /ip4/192.168.1.100/tcp/30303/p2p/...
• Connectivity: Swarm-based peer discovery

• Platform: GitHub Actions
• Workflow: .github/workflows/ipfs-deploy.yml
• Secrets: PINATA_API_KEY for remote pinning
• Process: Automated ipfs add & pin operations

• Metrics: Prometheus v2.53 Exporter for IPFS
• Dashboard: Grafana v11.2 (CID: Qm...)
• Alerting: Latency > 1s via Local SMTP
• Visibility: Real-time node performance monitoring

• Storage: Local Vault or OrbitDB
• Paths: /did/keys (Encrypted with User Wallets)
• Security: End-to-end encryption for sensitive data

• Platform: n8n Local Instance
• Authentication: JWT tokens
• Webhook: http://localhost:5678/webhook
• Function: Workflow automation and orchestration

Minimum Node Specifications:
- Raspberry Pi 4 (4GB+ RAM) or equivalent PC
- 500GB+ SSD storage
- Reliable internet connection
- Static IP or dynamic DNS setup

# IPFS Swarm Configuration
ipfs config Addresses.Swarm [
  "/ip4/0.0.0.0/tcp/4001",
  "/ip6/::/tcp/4001",
  "/ip4/0.0.0.0/udp/4001/quic",
  "/ip6/::/udp/4001/quic"
]

# Cluster Peer Configuration
ipfs-cluster-service init --consensus crdt

# Content Deployment
ipfs add -r ./build --pin=true
ipfs-cluster-ctl pin add <CID> --name "frontend-build"

# Node Management
ipfs-cluster-ctl status
ipfs stats bw
ipfs repo stat

• Hosting: Fleek/Pinata for redundancy only
• Compute: Local hardware or Akash Network
• Storage: IPFS Cluster with Filecoin backup
• Identity: Self-sovereign DID management

1. Local Hardware: Raspberry Pi clusters
2. Akash Network: Distributed cloud compute
3. Community Nodes: Volunteer-operated infrastructure
4. Hybrid Approach: Mixed deployment for resilience

• Deployment: ipfs add/deploy commands
• Updates: CID-based content addressing
• Scaling: Add more peer nodes to cluster
• Monitoring: Built-in Prometheus metrics

• Swarm Keys: Pre-shared keys for private networks
• API Security: JWT tokens for service authentication
• Secret Encryption: User wallet-based encryption
• Network Isolation: Private IPFS swarm configuration

• Content Addressing: Immutable CIDs
• Encryption: End-to-end for sensitive data
• Backup: Filecoin deals for persistence
• Recovery: Multi-node cluster replication

This setup ensures full sovereignty (users control their DID keys and data pins), decentralization (no central servers—rely on IPFS swarm), and manageability (simple commands like ipfs pin add for updates, with GitHub for versioned configs). Total costs near-zero beyond hardware/electricity.

For initial testing, Akash Network offers decentralized compute leasing with this quick setup script:

#!/bin/bash
# Akash Network Deployment Script
AKASH_NETWORK=mainnet
DEPLOY_YAML=deploy.yaml

# Create deployment configuration
cat > $DEPLOY_YAML << EOF
version: "2.0"
services:
  node:
    image: ipfs/kubo:latest
    expose:
      - port: 4001
        as: swarm
      - port: 5001
        as: api
    commands:
      - ipfs init
      - ipfs config Addresses.API /ip4/0.0.0.0/tcp/5001
      - ipfs config Addresses.Gateway /ip4/0.0.0.0/tcp/8080
      - ipfs daemon
EOF

# Deploy to Akash
akash tx deployment create $DEPLOY_YAML --from $WALLET --node $AKASH_NODE --chain-id $AKASH_NETWORK

This architecture ensures complete decentralization while maintaining operational simplicity through standardized CLI tools and community-operated infrastructure.