This project stores configurations of services in my homelab.
- Add more nodes for a high-availability setup
- Enable longhorn's replication
- Implement solution for backup to offsite storage
- Include IaC (Infrastructure as Code) for server setup (OS & packages)
- Add and improve documentation
- Add CI/CD to lint and sync the configurations
The homelab runs on a single machine with the following specifications:
- Intel i5-3330
- 16GB RAM (8GB+8GB)
- 128GB SSD
- 512GB HDD + 1TB HDD (LVM)
- Nvidia 1050Ti
The operating system of choice is Debian 11 (bullseye), with the following packages installed:
A single-node k3s cluster is installed, with the following optional addons disabled:
- helm-controller
- servicelb
- traefik
- local-storage
- metrics-server
Third-party apps/services:
- argo-cd
- cert-manager
- cloudflared
- firefly-iii
- grafana
- httpbin
- ingress-nginx
- jellyfin
- kube-state-metrics
- loki
- longhorn
- metrics-server
- minio
- nvidia-device-plugin
- prometheus
- promtail
- qbittorrent
- syncthing
- tailscaled
Self-developed apps/services:
- cfts-ddns (monitors and updates domains to point to the private IPs of specific Tailscale machines)
- The GitOps solution of choice is a combination of kustomize and argo-cd
- Secrets are encrypted using sops and ksops
Public endpoints are served using Cloudflare Tunnel, pointing to ingress-nginx.
Private endpoints are served using Tailscale, with each ingress-nginx instance having one tailscale sidecar, giving each of them a private Tailscale IP. One or more A records with the same domain are created that point to these IPs (with the help of cfts-ddns). This allows any Tailscale-connected client to access these endpoints by resolving the domain through public DNS servers.
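
Because these A records live in public DNS, the updater should only ever publish addresses from Tailscale's 100.64.0.0/10 range and should remove anything else found on the name. The sketch below is an added example of that reconcile-and-guard logic, not the actual cfts-ddns code; the function names and the sample addresses are assumptions made for illustration.

```python
import ipaddress

# Tailscale hands out node IPv4 addresses from the CGNAT block 100.64.0.0/10.
TAILSCALE_V4 = ipaddress.ip_network("100.64.0.0/10")


def is_tailscale_ip(addr):
    """True only for a syntactically valid IPv4 address inside 100.64.0.0/10."""
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:
        return False
    return ip.version == 4 and ip in TAILSCALE_V4


def audit_records(current):
    """Return published A-record values that are NOT Tailscale addresses.

    A non-empty result means the private hostname exposes a public or LAN
    address to anyone who resolves it.
    """
    return sorted(a for a in set(current) if not is_tailscale_ip(a))


def plan_a_records(current, desired):
    """Compute (to_create, to_delete) so the name resolves to exactly `desired`.

    Refuses to plan anything if a desired address is outside the Tailscale
    range, so a misreported sidecar IP never reaches public DNS.
    """
    rejected = sorted(a for a in set(desired) if not is_tailscale_ip(a))
    if rejected:
        raise ValueError(f"refusing to publish non-Tailscale addresses: {rejected}")
    cur, want = set(current), set(desired)
    return sorted(want - cur), sorted(cur - want)


if __name__ == "__main__":
    # Constructed sample data: one record is stale and points at a public
    # (documentation-range) address; one ingress-nginx sidecar is new.
    current = ["100.101.102.103", "203.0.113.7"]
    desired = ["100.101.102.103", "100.64.0.9"]
    print("leaked:", audit_records(current))
    create, delete = plan_a_records(current, desired)
    print("create:", create, "delete:", delete)
```
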