chore(docs): update readme

2025-11-01 10:27:49 +00:00 · 2024-08-19 23:00:58 +02:00
parent 9a7894a7ab
commit d74b811d84
3 changed files with 26 additions and 27 deletions
--- a/README.md
+++ b/README.md
@@ -44,17 +44,23 @@ I've also written an article on how to get started
 with [Kubernetes on Proxmox](https://blog.stonegarden.dev/articles/2024/03/proxmox-k8s-with-cilium/) if virtualisation
 is more your thing.

-I'm currently working on an article on how to bootstrap your own Talos-cluster using this repo.
+The current iteration of my homelab runs on [Talos](https://talos.dev) Kubernetes and is set up according 
+to [this article](https://blog.stonegarden.dev/articles/2024/08/talos-proxmox-tofu/).

 ## ⚙️ Core Components

 * [Proxmox VE](https://www.proxmox.com/en/proxmox-virtual-environment): Server management and KVM hypervisor.
 * [OpenTofu](https://opentofu.org/): Open source infrastructure as code tool.
 * [Cilium](https://cilium.io/): eBPF-based Networking, Observability, Security.
+* [Proxmox CSI Plugin](https://github.com/sergelogvinov/proxmox-csi-plugin): CSI driver for storage
 * [Argo CD](https://argo-cd.readthedocs.io/en/stable/): Declarative, GitOps continuous delivery tool for Kubernetes.
 * [Cert-manager](https://cert-manager.io/): Cloud native certificate management.
 * [Sealed-secrets](https://github.com/bitnami-labs/sealed-secrets): Encrypt your Secret into a SealedSecret, which is
  safe to store - even inside a public repository.
+* [Keycloak](https://www.keycloak.org/): Open source identity and access management
+* [Gateway API](https://gateway-api.sigs.k8s.io/): Next generation of Kubernetes Ingress
+* [AdGuardHome](https://github.com/AdguardTeam/AdGuardHome): Domain name server backed by Unbound
+* [Netbird](https://netbird.io/): Completely self hosted VPN solution

 ## 🗃️ Folder Structure

@@ -62,7 +68,7 @@ I'm currently working on an article on how to bootstrap your own Talos-cluster u
 .
 ├── 📂 docs                # Documentation
 ├── 📂 k8s                 # Kubernetes manifests
-│   ├── 📂 apps            # Applications on
+│   ├── 📂 apps            # Applications
 │   ├── 📂 infra           # Infrastructure components
 │   └── 📂 sets            # Bootstrapping ApplicationSets
 └── 📂 tofu                # Tofu configuration
@@ -83,17 +89,16 @@ I'm currently working on an article on how to bootstrap your own Talos-cluster u

 ## 🏗️ Work in Progress

- [x] Renovate for automatic updates
- [ ] Keycloak for auth
- [ ] Implement NetBird
- [ ] AdGuard Home
+- [ ] More lightweight auth (Authelia, Authentik, Zitadel, kanidm)
+- [ ] CNPG for databases
 - [ ] External DNS
- [ ] Clean up DNS config

 ## 👷‍ Future Projects

- [ ] OPNSense/pfSense
- [ ] Use BGP instead of ARP
- [ ] Dynamic Resource Allocation for GPU
+- [ ] OPNSense/pfSense/OpenWRT
+- [ ] Implement LGTM-stack for monitoring
+- [ ] Use BGP instead of ARP in Cilium
 - [ ] Local LLM
 - [ ] Cilium mTLS & SPIFFE/SPIRE
+- [ ] Ceph for distributed storage
+- [ ] Dynamic Resource Allocation for GPU
--- a/k8s/infra/network/dns/unbound/deployment.yaml
+++ b/k8s/infra/network/dns/unbound/deployment.yaml
@@ -4,19 +4,14 @@ metadata:
  name: unbound
  namespace: dns
 spec:
-#  replicas: 2
  selector:
    matchLabels:
      app: unbound
-#  strategy:
-#    type: Recreate
  template:
    metadata:
      labels:
        app: unbound
    spec:
-      nodeSelector:
-        topology.kubernetes.io/zone: euclid
      securityContext:
        seccompProfile:
          type: RuntimeDefault
@@ -26,8 +21,6 @@ spec:
          securityContext:
            allowPrivilegeEscalation: false
            readOnlyRootFilesystem: false
-#            capabilities:
-#              drop: [ "ALL" ]
          ports:
            - name: unbound-dns-tcp
              containerPort: 5335
--- a/tofu/kubernetes/main.tf
+++ b/tofu/kubernetes/main.tf
@@ -6,7 +6,8 @@ module "talos" {
  }

  image = {
-    version        = "v1.8.0-alpha.1"
+    version = "v1.8.0-alpha.1"
+    update_version = "v1.8.0-alpha.1" # renovate: github-releases=siderolabs/talos
    schematic = file("${path.module}/talos/image/schematic.yaml")
  }

@@ -53,15 +54,15 @@ module "talos" {
      cpu           = 4
      ram_dedicated = 4096
    }
-#    "work-00" = {
-#      host_node     = "abel"
-#      machine_type  = "worker"
-#      ip            = "192.168.1.110"
-#      mac_address   = "BC:24:11:2E:A8:00"
-#      vm_id         = 810
-#      cpu           = 8
-#      ram_dedicated = 4096
-#    }
+    #    "work-00" = {
+    #      host_node     = "abel"
+    #      machine_type  = "worker"
+    #      ip            = "192.168.1.110"
+    #      mac_address   = "BC:24:11:2E:A8:00"
+    #      vm_id         = 810
+    #      cpu           = 8
+    #      ram_dedicated = 4096
+    #    }
  }

 }