Skip to content

cterence/homelab-gitops

Repository files navigation

🏠 homelab-gitops

My Kubernetes cluster state managed by ArgoCD.

GitHub last commit GitHub commit activity GitHub

⚙️ Hardware

Device Specs OS Purpose
Lenovo ThinkCentre M75q-1 Ryzen 5 Pro 3400GE + 16GB RAM + 512GB NVMe SSD + 1TB SATA SSD NixOS k8s master & worker node
Lenovo ThinkCentre M75q-2 Ryzen 5 Pro 5650GE + 16GB RAM + 256GB NVMe SSD NixOS k8s worker node

To access my apps, I expose them directly on the internet with port-forwarding on my router.

✨ Features

💻 What's currently deployed in my cluster ?

This is an automatically updated list of the apps I have configured and/or deployed. Click on an app to check my Helm configuration.

App Description Is deployed
argocd Declarative, GitOps continuous delivery tool for Kubernetes
authelia The Single Sign-On Multi-Factor portal for web apps
blackbox-exporter Allows blackbox probing of endpoints over HTTP, HTTPS, DNS, TCP, ICMP and gRPC
calibre-web Web app for browsing, reading and downloading eBooks stored in a Calibre database
cert-manager Automatically provision and manage TLS certificates in Kubernetes
cilium eBPF-based Networking, Security, and Observability
cloudnative-pg CloudNativePG is a comprehensive platform designed to seamlessly manage PostgreSQL databases within Kubernetes environments, covering the entire operational lifecycle from initial deployment to ongoing maintenance
convertx Self-hosted online file converter
crossplane The Cloud Native Control Plane
crowdsec Open-source and participative security solution offering crowdsourced protection against malicious IPs and access to the most advanced real-world CTI
dead-drop My recreation of a dead drop application to securely share information
external-dns Configure external DNS servers (AWS Route53, Google CloudDNS and others) for Kubernetes Ingresses and Services
external-secrets External Secrets Operator reads information from a third-party service like AWS Secrets Manager and automatically injects the values as Kubernetes Secrets
ghost Independent platform for publishing online by web and email newsletter
gitlab-runner Run your CI/CD jobs and send the results back to GitLab
go-healthcheck Simple HTTP healthchecks
gotify A simple server for sending and receiving messages in real-time per WebSocket
headscale An open source, self-hosted implementation of the Tailscale control server
home-assistant Open source home automation that puts local control and privacy first
homepage A highly customizable homepage (or startpage / application dashboard) with Docker and service API integrations
homer A very simple static homepage for your server
httpbin Echoes request data as JSON
immich High performance self-hosted photo and video management solution
ingress-nginx Ingress-NGINX Controller for Kubernetes
it-tools Collection of handy online tools for developers
komoplane Crossplane Troubleshooting Tool by Komodor
kube-prometheus-stack kube-prometheus-stack collects Kubernetes manifests, Grafana dashboards, and Prometheus rules combined with documentation and scripts to provide easy to operate end-to-end Kubernetes cluster monitoring with Prometheus using the Prometheus Operator
kubecraft Manage your pods in Minecraft
kyverno Kubernetes native policy management
loki Like Prometheus, but for logs
longhorn Cloud-Native distributed storage built on and for Kubernetes
metallb A network load-balancer implementation for Kubernetes using standard routing protocols
metrics-server Scalable and efficient source of container resource metrics for Kubernetes built-in autoscaling pipelines
minio-operator MinIO Operator for Kubernetes
mosquitto Open source MQTT broker
nextcloud A safe home for all your data
nfs-server Lightweight, robust, flexible, and containerized NFS server
ntfy Send push notifications to your phone or desktop using PUT/POST
oauth2-proxy A reverse proxy that provides authentication with Google, Azure, OpenID Connect and many more identity providers
openebs Open Source Container Native Storage platform for Stateful Persistent Applications on Kubernetes
opentelemetry-collector Vendor-agnostic implementation on how to receive, process and export telemetry data
opentelemetry-operator Kubernetes Operator for OpenTelemetry Collector
paperless-ngx Scan, index and archive all your physical documents
pihole Network-wide Ad Blocking
qbittorrent qBittorrent BitTorrent client
reloader A Kubernetes controller to watch changes in ConfigMap and Secrets and do rolling upgrades on Pods with their associated Deployment, StatefulSet, DaemonSet and DeploymentConfig
satisfactory-server Satisfactory server
silverbullet Note-taking application optimized for people with a hacker mindset
tailout Spawn an exit node for your tailnet anywhere
tailscale-operator A Kubernetes Operator for Tailscale
thanos Highly available Prometheus setup with long term storage capabilities
vaultwarden Unofficial Bitwarden compatible server written in Rust
velero Backup and migrate Kubernetes applications and their persistent volumes
velero-ui A UI for Velero
zigbee2mqtt Zigbee to MQTT bridge
zitadel Identity infrastructure, simplified for you

🏗️ k0s quick install

The install assumes that all external secrets are already created in a GitLab project as CI/CD variables.

Start the k0s cluster:

cd ~/homelab-gitops
sudo k0s install controller --enable-worker -c ./k0s.yaml
sudo k0s start
sleep 5
sudo k0s status
sudo k0s kubeconfig admin > ~/.kube/config
kubectl taint nodes --all node-role.kubernetes.io/master-

Create the GitLab token secret used by external-secrets:

kubectl create ns external-secrets
kubectl apply -f -
apiVersion: v1
kind: Secret
metadata:
  name: gitlab-secret
  namespace: external-secrets
type: Opaque
stringData:
  token: xxx

Change the token value and type <Ctrl+D> <Enter> to create the secret.

Deploy external-secrets and ArgoCD apps:

cd ../../k8s-apps/external-secrets && helm dependency update && helm template external-secrets -n external-secrets . | kubectl apply -n external-secrets -f -
kubectl create ns argocd
cd ../../k8s-apps/argocd && helm dependency update && helm template argocd . -n argocd | kubectl apply -n argocd -f -
kubectl apply -f ../../argocd-apps/app-of-apps.yaml -n argocd

Cluster should be ready!

💣 Teardown

Save the GitLab token secret

kubectl get secret -n external-secrets gitlab-secret -o yaml > gitlab-secret.yaml

Teardown the cluster

sudo k0s stop
sudo k0s reset -v -d