chore(docs): update readme

Vegard Hagen
2024-08-19 23:00:58 +02:00
parent 9a7894a7ab
commit d74b811d84
3 changed files with 26 additions and 27 deletions


@@ -44,17 +44,23 @@ I've also written an article on how to get started
with [Kubernetes on Proxmox](https://blog.stonegarden.dev/articles/2024/03/proxmox-k8s-with-cilium/) if virtualisation with [Kubernetes on Proxmox](https://blog.stonegarden.dev/articles/2024/03/proxmox-k8s-with-cilium/) if virtualisation
is more your thing. is more your thing.
I'm currently working on an article on how to bootstrap your own Talos-cluster using this repo. The current iteration of my homelab runs on [Talos](https://talos.dev) Kubernetes and is set up according
to [this article](https://blog.stonegarden.dev/articles/2024/08/talos-proxmox-tofu/).
## ⚙️ Core Components ## ⚙️ Core Components
* [Proxmox VE](https://www.proxmox.com/en/proxmox-virtual-environment): Server management and KVM hypervisor. * [Proxmox VE](https://www.proxmox.com/en/proxmox-virtual-environment): Server management and KVM hypervisor.
* [OpenTofu](https://opentofu.org/): Open source infrastructure as code tool. * [OpenTofu](https://opentofu.org/): Open source infrastructure as code tool.
* [Cilium](https://cilium.io/): eBPF-based Networking, Observability, Security. * [Cilium](https://cilium.io/): eBPF-based Networking, Observability, Security.
* [Proxmox CSI Plugin](https://github.com/sergelogvinov/proxmox-csi-plugin): CSI driver for storage
* [Argo CD](https://argo-cd.readthedocs.io/en/stable/): Declarative, GitOps continuous delivery tool for Kubernetes. * [Argo CD](https://argo-cd.readthedocs.io/en/stable/): Declarative, GitOps continuous delivery tool for Kubernetes.
* [Cert-manager](https://cert-manager.io/): Cloud native certificate management. * [Cert-manager](https://cert-manager.io/): Cloud native certificate management.
* [Sealed-secrets](https://github.com/bitnami-labs/sealed-secrets): Encrypt your Secret into a SealedSecret, which is * [Sealed-secrets](https://github.com/bitnami-labs/sealed-secrets): Encrypt your Secret into a SealedSecret, which is
safe to store - even inside a public repository. safe to store - even inside a public repository.
* [Keycloak](https://www.keycloak.org/): Open source identity and access management
* [Gateway API](https://gateway-api.sigs.k8s.io/): Next generation of Kubernetes Ingress
* [AdGuardHome](https://github.com/AdguardTeam/AdGuardHome): Domain name server backed by Unbound
* [Netbird](https://netbird.io/): Completely self hosted VPN solution
## 🗃️ Folder Structure ## 🗃️ Folder Structure
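Review bot: The five added bullets (Proxmox CSI Plugin, Keycloak, Gateway API, AdGuardHome, Netbird) end without a full stop, while the existing entries in this list, such as "Server management and KVM hypervisor.", end with one; add the trailing period for consistency. "Netbird" is also spelled "NetBird" in the "Implement NetBird" item this commit removes from the work-in-progress list, so pick one spelling.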
@@ -62,7 +68,7 @@ I'm currently working on an article on how to bootstrap your own Talos-cluster u
. .
├── 📂 docs # Documentation ├── 📂 docs # Documentation
├── 📂 k8s # Kubernetes manifests ├── 📂 k8s # Kubernetes manifests
│ ├── 📂 apps # Applications on │ ├── 📂 apps # Applications
│ ├── 📂 infra # Infrastructure components │ ├── 📂 infra # Infrastructure components
│ └── 📂 sets # Bootstrapping ApplicationSets │ └── 📂 sets # Bootstrapping ApplicationSets
└── 📂 tofu # Tofu configuration └── 📂 tofu # Tofu configuration
@@ -83,17 +89,16 @@ I'm currently working on an article on how to bootstrap your own Talos-cluster u
## 🏗️ Work in Progress ## 🏗️ Work in Progress
- [x] Renovate for automatic updates - [ ] More lightweight auth (Authelia, Authentik, Zitadel, kanidm)
- [ ] Keycloak for auth - [ ] CNPG for databases
- [ ] Implement NetBird
- [ ] AdGuard Home
- [ ] External DNS - [ ] External DNS
- [ ] Clean up DNS config
## 👷‍ Future Projects ## 👷‍ Future Projects
- [ ] OPNSense/pfSense - [ ] OPNSense/pfSense/OpenWRT
- [ ] Use BGP instead of ARP - [ ] Implement LGTM-stack for monitoring
- [ ] Dynamic Resource Allocation for GPU - [ ] Use BGP instead of ARP in Cilium
- [ ] Local LLM - [ ] Local LLM
- [ ] Cilium mTLS & SPIFFE/SPIRE - [ ] Cilium mTLS & SPIFFE/SPIRE
- [ ] Ceph for distributed storage
- [ ] Dynamic Resource Allocation for GPU


@@ -4,19 +4,14 @@ metadata:
name: unbound name: unbound
namespace: dns namespace: dns
spec: spec:
# replicas: 2
selector: selector:
matchLabels: matchLabels:
app: unbound app: unbound
# strategy:
# type: Recreate
template: template:
metadata: metadata:
labels: labels:
app: unbound app: unbound
spec: spec:
nodeSelector:
topology.kubernetes.io/zone: euclid
securityContext: securityContext:
seccompProfile: seccompProfile:
type: RuntimeDefault type: RuntimeDefault
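Review bot: Removing `nodeSelector` with `topology.kubernetes.io/zone: euclid` from the pod spec changes where the unbound pod can be scheduled, which is a behaviour change and not a docs change; the commit subject "chore(docs): update readme" does not cover it. Split it into its own commit or say in the message why the zone pin is no longer needed. Deleting the commented-out `replicas` and `strategy` lines is fine as cleanup.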
@@ -26,8 +21,6 @@ spec:
securityContext: securityContext:
allowPrivilegeEscalation: false allowPrivilegeEscalation: false
readOnlyRootFilesystem: false readOnlyRootFilesystem: false
# capabilities:
# drop: [ "ALL" ]
ports: ports:
- name: unbound-dns-tcp - name: unbound-dns-tcp
containerPort: 5335 containerPort: 5335
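Review bot: Deleting the commented-out `capabilities:` / `drop: [ "ALL" ]` lines under the container `securityContext` removes the only hint that dropping capabilities was intended, and the container keeps the runtime's default capability set alongside `readOnlyRootFilesystem: false`. The visible container port is 5335, so binding it does not need a privileged-port capability; prefer enabling the drop, or, if the image fails to start with it, keep a comment naming the capabilities it needs.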


@@ -6,7 +6,8 @@ module "talos" {
} }
image = { image = {
version = "v1.8.0-alpha.1" version = "v1.8.0-alpha.1"
update_version = "v1.8.0-alpha.1" # renovate: github-releases=siderolabs/talos
schematic = file("${path.module}/talos/image/schematic.yaml") schematic = file("${path.module}/talos/image/schematic.yaml")
} }
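Review bot: `update_version` is introduced in the `image` block with the same value as `version`, and nothing in the hunk says how the two differ or which of them the `# renovate: github-releases=siderolabs/talos` annotation is meant to bump. Add a short comment on the purpose of `update_version`, and confirm the annotation matches the Renovate manager configured for this repo, since that configuration is not part of this commit. This is also an infrastructure change sitting in a commit titled as a readme update.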
@@ -53,15 +54,15 @@ module "talos" {
cpu = 4 cpu = 4
ram_dedicated = 4096 ram_dedicated = 4096
} }
# "work-00" = { # "work-00" = {
# host_node = "abel" # host_node = "abel"
# machine_type = "worker" # machine_type = "worker"
# ip = "192.168.1.110" # ip = "192.168.1.110"
# mac_address = "BC:24:11:2E:A8:00" # mac_address = "BC:24:11:2E:A8:00"
# vm_id = 810 # vm_id = 810
# cpu = 8 # cpu = 8
# ram_dedicated = 4096 # ram_dedicated = 4096
# } # }
} }
} }