homelab/README.md
2026-05-07 14:25:09 -04:00

# Homelab
## Steps to bootstrap from scratch
1. Install k3s on all nodes (out of the scope of this document)
   - To install the server, run `mage installk3s`.
   - To install worker nodes, run `mage installk3s_worker`; this gives you the node token.
   - Run on every node that is going to be a worker:
     ```sh
     curl -sfL https://get.k3s.io | K3S_URL=https://hydra-0:6443 K3S_TOKEN=<node_token> sh -s -
     ```
2. Import the kubeconfig with `./scripts/get_kubeconfig.sh`
3. Bootstrap Flux
   - Run:
     ```sh
     flux --kubeconfig ~/.kube/hydra bootstrap gitea \
       --token-auth \
       --hostname=danicos.dev \
       --owner=daniel \
       --repository=homelab \
       --private=false \
       --branch=main \
       --personal=true \
       --path=./clusters/hydra
     ```
   - Run `./scripts/create_flux_secret.sh` to allow for SOPS decryption.
## GitOps
GitOps is a set of "best practices" where the entire code delivery process is controlled via Git, including infrastructure and application definition as code and automation to complete updates and rollbacks.

The key GitOps principles:
- The entire system (infrastructure and applications) is described declaratively.
- The canonical desired system state is versioned in Git.
- Approved changes are automated and applied to the system.
- Software agents ensure correctness and alert on divergence.

See https://opengitops.dev/

Key points for a Kubernetes cluster:
- The state of the cluster is always described in Git. Git holds everything for the application, not just the source code.
- There is no external deployment system with full access to the cluster. The cluster itself pulls changes and deployment information.
- The GitOps controller runs in a constant loop and always matches the Git state with the cluster state (reconciliation loop).

Flux vs ArgoCD: Flux is more CLI-driven, while ArgoCD has a richer GUI.
## Dev dependencies
- AGE
- SOPS
- Go Toolchain
## Secrets
Some secrets are written as Go files; they must be decrypted first.
Once decrypted, they show up at `./pkg/secrets/..`. Note that they are referenced in `./cmd/secrets/main.go`.
## Flux
Prerequisites:
- Kubernetes Cluster
- GitHub (Gitea, etc.) personal access token
### Managing secrets with SOPS
The first step in managing secrets in Flux with SOPS is to add the secret key to Kubernetes and make it accessible to the Flux system.
To decrypt secrets use:
```sh
sops --decrypt <file_path>
```
There must be an environment variable named `SOPS_AGE_KEY_FILE` that contains the path of the AGE key text file.
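
A check that fits this workflow, as an added example rather than a script from this repository: because the bootstrap command uses `--private=false`, it lists Secret manifests that were committed without SOPS encryption. It assumes secrets are YAML `Secret` manifests whose `data`/`stringData` values are encrypted by SOPS; the function names and sample files are constructed for illustration.

```sh
#!/bin/sh
# Added example: list Kubernetes Secret manifests that are not SOPS-encrypted.
# Exit 0 only if FILE has SOPS metadata and every data/stringData value is
# an ENC[...] envelope.
is_sops_encrypted() {
    grep -q '^sops:' "$1" || return 1   # SOPS adds a top-level "sops:" map
    awk '
        /^(data|stringData):/ { in_data = 1; next }
        /^[^ #]/              { in_data = 0 }   # any other top-level key
        in_data && /^ +[^ #][^:]*:/ {
            value = $0
            sub(/^[^:]*: */, "", value)
            if (value !~ /^ENC\[/) bad = 1
        }
        END { exit bad + 0 }
    ' "$1"
}

# Print every *.yaml / *.yml Secret manifest under DIR that fails the check.
find_plaintext_secrets() {
    find "$1" -type f \( -name '*.yaml' -o -name '*.yml' \) | sort |
    while IFS= read -r f; do
        grep -q '^kind: Secret$' "$f" || continue
        is_sops_encrypted "$f" || printf '%s\n' "$f"
    done
}

# Constructed sample manifests (assumed layout, not files from this repo).
write_samples() {
    mkdir -p "$1"
    cat > "$1/encrypted.yaml" <<'EOF'
apiVersion: v1
kind: Secret
stringData:
    password: ENC[AES256_GCM,data:Zm9v,iv:YmFy,tag:YmF6,type:str]
sops:
    age: []
EOF
    cat > "$1/plaintext.yaml" <<'EOF'
apiVersion: v1
kind: Secret
stringData:
    token: not-encrypted
EOF
}

demo_dir=$(mktemp -d) && write_samples "$demo_dir"
find_plaintext_secrets "$demo_dir"   # prints the path of plaintext.yaml
rm -rf "$demo_dir"
```

Pointing `find_plaintext_secrets` at the repository root from a pre-commit hook and failing on any output keeps plaintext secrets out of the Git history.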
## Pending
### Storage
Object Storage from NAS
Block Storage from NAS
Distributed Storage from:
- Longhorn
## NFS
Via NAS for files such as photos, videos, etc.
## iSCSI
Via NAS for Databases