Homelab

Steps to Bootstrap From scratch

  1. Install k3s on all nodes (out of the scope of this document)
    • To install the server, run mage installk3s
    • To install worker nodes, run mage installk3s_worker; you will get the node token.
    • Run on every node that is going to be a worker:
      curl -sfL https://get.k3s.io | K3S_URL=https://hydra-0:6443 K3S_TOKEN=<node_token> sh -s -

  2. Import the kubeconfig with ./scripts/get_kubeconfig.sh
  3. Bootstrap Flux
    • Run:
      flux --kubeconfig ~/.kube/hydra bootstrap gitea --token-auth --hostname=danicos.dev --owner=daniel --repository=homelab --private=false --branch=main --personal=true --path=./clusters/hydra
    • Run ./scripts/create_flux_secret.sh to allow for SOPS decryption

GitOps

A set of "best practices" where the entire code delivery process is controlled via Git, including infrastructure and application definition as code and automation to complete updates and rollbacks.

The key GitOps Principles:

  • The entire system (infrastructure and applications) is described declaratively.
  • The canonical desired system state is versioned in Git.
  • Approved changes are automatically applied to the system.
  • Software agents ensure correctness and alert on divergence.

https://opengitops.dev/

Key points for a Kubernetes cluster:

  • The state of the cluster is always described in Git.
  • Git holds everything for the application and not just the source code.
  • There is no external deployment system with full access to the cluster.
  • The cluster itself is pulling changes and deployment information.
  • The GitOps controller is running in a constant loop and always matches the Git state with the cluster state (reconciliation loop).

Flux vs ArgoCD

  • Flux is more CLI driven
  • ArgoCD has a richer GUI

Dev dependencies

  • AGE
  • SOPS
  • Go Toolchain

Secrets

Some secrets are written as Go files; they must be decrypted first. Once decrypted, they show up at ./pkg/secrets/... Note that they are referenced in ./cmd/secrets/main.go.

Flux

Prerequisites:

  • Kubernetes cluster
  • GitHub (Gitea, etc.) personal access token

Managing secrets with SOPS

The first step in managing secrets in Flux with SOPS is to add the secret key to Kubernetes and make it accessible to the Flux system.

To decrypt secrets use:

sops --decrypt <file_path>

There must be an environment variable named SOPS_AGE_KEY_FILE that contains the path of the AGE key text file.
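
The bootstrap command above creates the repository with --private=false, so a Secret manifest pushed without SOPS encryption is readable by anyone who can read the repository. The script below is an added example, not part of this repository: it flags Secret manifests that lack the sops metadata block or still carry plaintext values. It assumes manifests are .yaml/.yml files and that SOPS wrote every value under data/stringData as ENC[...]; AWK_CHECK and scan_tree are names chosen for the example.

```shell
#!/bin/sh
# Added example (not from the repository): flag Kubernetes Secret manifests
# that are not fully SOPS-encrypted before they are pushed.
# Assumptions: manifests are *.yaml/*.yml files; SOPS has replaced every value
# under data/stringData with ENC[...] and appended a top-level "sops:" block.

AWK_CHECK='
function report() {
  if (is_secret && !has_sops) print cur ": Secret has no sops metadata block"
  if (is_secret && plain != "") print cur ": plaintext value(s) for" plain
  is_secret = 0; has_sops = 0; in_data = 0; plain = ""
}
FNR == 1                      { report(); cur = FILENAME }   # next file
/^---[ \t]*$/                 { report(); next }             # next YAML document
/^kind:[ \t]*Secret[ \t]*$/   { is_secret = 1 }
/^sops:/                      { has_sops = 1 }
/^[^ \t#]/                    { in_data = ($0 ~ /^(data|stringData):/); next }
in_data && /^[ \t]+[^ \t#]/ && $0 !~ /ENC\[/ { plain = plain " " $1 }
END                           { report() }
'

# Print findings for every manifest under directory $1; return 1 if any exist.
scan_tree() {
  findings=$(find "$1" -type f \( -name '*.yaml' -o -name '*.yml' \) \
               -exec awk "$AWK_CHECK" {} +)
  if [ -n "$findings" ]; then
    printf '%s\n' "$findings"
    return 1
  fi
  return 0
}

# Stand-alone use: pass the directory to scan, e.g. ./clusters/hydra
if [ "$#" -gt 0 ]; then scan_tree "$1"; fi
```

Run it against ./clusters/hydra before pushing, or wire it into a pre-commit hook; a non-zero exit status means at least one Secret would be committed in the clear.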

Pending

Storage

  • Object Storage from NAS
  • Block Storage from NAS

Distributed Storage from:

  • Longhorn

TrueNAS key

1-ndzlY0C6o2KW9DJHnjTcjXi49VEFgDp5Up8GZ7FXmgNoU7LNwwI7MMrk2WbI6o5J

TrueNAS CSI Driver configuration

NFS

Via NAS for Files, like photos, videos, etc...

iSCSI

Via NAS for Databases
