{"id":21429593,"url":"https://github.com/dc-tec/k8s-gitops","last_synced_at":"2026-04-17T00:35:16.769Z","repository":{"id":226511209,"uuid":"768848851","full_name":"dc-tec/k8s-gitops","owner":"dc-tec","description":"Kubernetes GitOps repository for my homelab","archived":false,"fork":false,"pushed_at":"2026-02-25T23:43:22.000Z","size":585,"stargazers_count":1,"open_issues_count":15,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2026-02-26T01:47:12.500Z","etag":null,"topics":["argocd","gitops","kubernetes","packer","talos","terraform"],"latest_commit_sha":null,"homepage":"","language":"YAML","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/dc-tec.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2024-03-07T21:06:58.000Z","updated_at":"2025-04-03T22:36:43.000Z","dependencies_parsed_at":"2024-06-24T21:23:20.742Z","dependency_job_id":"b6e75caa-1dad-4747-acdc-8001a4b18d92","html_url":"https://github.com/dc-tec/k8s-gitops","commit_stats":null,"previous_names":["dc-tec/k3d-gitops","dc-tec/k8s-gitops"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/dc-tec/k8s-gitops","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dc-tec%2Fk8s-gitops","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dc-tec%2Fk8s-gitops/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dc-tec%2Fk8s-gitops/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dc-tec%2Fk8s-gitops/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/dc-tec","download_url":"https://codeload.github.com/dc-tec/k8s-gitops/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dc-tec%2Fk8s-gitops/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31910165,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-16T18:22:33.417Z","status":"ssl_error","status_checked_at":"2026-04-16T18:21:47.142Z","response_time":69,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["argocd","gitops","kubernetes","packer","talos","terraform"],"created_at":"2024-11-22T22:18:24.244Z","updated_at":"2026-04-17T00:35:16.716Z","avatar_url":"https://github.com/dc-tec.png","language":"YAML","funding_links":[],"categories":[],"sub_categories":[],"readme":"# k8s-gitops\n\n## Configuration\n\n| cluster | platform     | OS    | control nodes | worker nodes |\n| ------- | ------------ | ----- | ------------- | ------------ |\n| prod    | libvirt/qemu | Talos | 3             | 3            |\n\nThe \"prod\" cluster is deployed using Terraform, see [cluster config](./clusters/prd/terraform/) and makes use of the Talos Kubernetes distribution. A base image is created using packer, see [packer config](./configs/packer).\n\nFor testing purposes, the \"tst\" cluster can be deployed using Terraform, see [cluster config](./clusters/tst/terraform/).\n\n## Hardware\n\nThe \"prod\" cluster runs on a single host with the following specs:\n\n| Component | Specification    |\n| --------- | ---------------- |\n| CPU       | AMD Ryzen 5 2600 |\n| Memory    | 64GB DDR4        |\n| Video     | RTX 2060 Super   |\n| OS        | NixOS 24.11      |\n\n## Bootstrap\n\nThe cluster is bootstrapped using a script that sets up the core components:\n\n- Gateway API for ingress\n- Sealed Secrets for secret management\n- ArgoCD for GitOps deployment\n\nSee [bootstrap documentation](infra/bootstrap/README.md) for detailed setup instructions.\n\n## Core Components\n\n### ArgoCD\n\nArgoCD is configured with:\n\n- OIDC authentication using EntraID\n- Gateway API ingress\n- [Custom RBAC configuration](infra/bootstrap/argocd/overlays/argocd-rbac-cm.yaml)\n- Project structure for applications and infrastructure\n\n### Secret Management\n\nTwo-tier approach to secret management:\n\n1. Sealed Secrets\n\n   - Used for bootstrap and initial secrets\n   - Enables encrypted secrets in git\n   - See [sealed-secrets configuration](infra/bootstrap/sealed-secrets/kustomization.yaml)\n\n2. External Secrets (post-bootstrap) and HashiCorp Vault\n   - Integration with Azure Key Vault\n   - Used for application secrets\n   - Managed by ArgoCD\n\n## How to deploy\n\nSee [justfile](./justfile) for deployment instructions.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdc-tec%2Fk8s-gitops","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdc-tec%2Fk8s-gitops","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdc-tec%2Fk8s-gitops/lists"}