{"id":26570162,"url":"https://github.com/pando85/homelab","last_synced_at":"2025-10-06T06:39:28.537Z","repository":{"id":37249746,"uuid":"504819059","full_name":"pando85/homelab","owner":"pando85","description":"Small and energy-efficient self-hosting infrastructure.","archived":false,"fork":false,"pushed_at":"2024-04-13T09:33:21.000Z","size":6435,"stargazers_count":19,"open_issues_count":1,"forks_count":5,"subscribers_count":2,"default_branch":"master","last_synced_at":"2024-04-14T01:06:32.521Z","etag":null,"topics":["argocd","gitops","home-cloud","home-cluster","homelab","k3d","k3s","k8s-at-home","kanidm","zfs"],"latest_commit_sha":null,"homepage":"https://pando85.github.io/homelab/","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":"khuedoan/homelab","license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/pando85.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null}},"created_at":"2022-06-18T11:01:48.000Z","updated_at":"2024-04-15T06:11:25.141Z","dependencies_parsed_at":"2023-02-19T10:01:15.418Z","dependency_job_id":"a4aa72cd-a795-4146-9f24-97bd38992fe5","html_url":"https://github.com/pando85/homelab","commit_stats":null,"previous_names":[],"tags_count":7,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pando85%2Fhomelab","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pando85%2Fhomelab/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pando85%2Fhomelab/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pando85%2Fhomelab/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/pando85","download_url":"https://codeload.github.com/pando85/homelab/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":245025971,"owners_count":20549067,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["argocd","gitops","home-cloud","home-cluster","homelab","k3d","k3s","k8s-at-home","kanidm","zfs"],"created_at":"2025-03-22T21:49:25.026Z","updated_at":"2025-10-06T06:39:23.487Z","avatar_url":"https://github.com/pando85.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Pando85's Homelab\n\n[![document](https://img.shields.io/website?label=document\u0026logo=gitbook\u0026logoColor=white\u0026style=flat-square\u0026url=https%3A%2F%2Fpando85.github.io%2Fhomelab%2F)](https://pando85.github.io/homelab/)\n[![license](https://img.shields.io/github/license/pando85/homelab?style=flat-square\u0026logo=gnu\u0026logoColor=white)](https://www.gnu.org/licenses/gpl-3.0.html)\n\nThis project utilizes [Infrastructure as Code](https://en.wikipedia.org/wiki/Infrastructure_as_code)\nand [GitOps](https://www.weave.works/technologies/gitops) to automate provisioning, operating, and\nupdating self-hosted services in my homelab. Based in [K3s](https://k3s.io/),\n[ArgoCD](https://argo-cd.readthedocs.io/en/stable/),\n[Renovate](https://github.com/renovatebot/renovate) and ZFS. It can be used as a highly customizable\nframework to build your own homelab.\n\n\u003e **What is a homelab?**\n\u003e\n\u003e Homelab is a laboratory at home where you can self-host, experiment with new technologies,\n\u003e practice for certifications, and so on. For more information about homelab in general, see the\n\u003e [r/homelab introduction](https://www.reddit.com/r/homelab/wiki/introduction).\n\n## 📖 Overview\n\nThis section provides a high level overview of the project. For further information, please see the\n[documentation](https://pando85.github.io/homelab/).\n\n## ⛵ Kubernetes\n\nThis repo is focused in maintain in a GitOps practical way my home infrastructure.\n[Ansible](https://www.ansible.com/) is used to deploy a simple [K3s](https://k3s.io/) cluster.\nManaged by [ArgoCD](https://argo-cd.readthedocs.io/en/stable/).\n\n### Installation\n\nThe cluster is running on [Debian](https://www.debian.org/) based distributions, deployed on\nbare-metal. We use custom Ansible playbooks and roles to setup the Kubernetes cluster.\n\n### Core components\n\n- [external-secrets](https://github.com/external-secrets/external-secrets): External Secrets\n Operator reads information from a Vault and automatically injects the values as Kubernetes\n Secrets.\n- [hashicorp/vault](https://www.vaultproject.io): A tool for secrets management, encryption as a\n service, and privileged access management.\n- [kubernetes-sigs/external-dns](https://github.com/kubernetes-sigs/external-dns): Automatically\n manages DNS records from my cluster in a cloud DNS provider.\n- [jetstack/cert-manager](https://cert-manager.io/docs/): Creates SSL certificates for services in\n my Kubernetes cluster.\n- [kubernetes/ingress-nginx](https://github.com/kubernetes/ingress-nginx/): Ingress controller to\n expose HTTP traffic to pods over DNS.\n- [openebs/zfs-localpv](https://github.com/openebs/zfs-localpv): CSI Driver for dynamic\n provisioning of Persistent Local Volumes for Kubernetes using ZFS.\n- [kanidm](https://kanidm.com/): A simple, secure and fast identity management platform.\n- [velero](https://velero.io/): Tool to safely backup and restore, perform disaster recovery,\n and migrate Kubernetes cluster resources and persistent volumes.\n\n## 🔧 Hardware\n\n| Hostname | Device | Count | OS Disk Size | Data Disk Size | Ram | Operating System | Purpose |\n| ---------------- | ----------------------------------- | ----- | ------------ | ----------------------------------- | ---- | ---------------- | ---------- |\n| grigri | Supermicro Atom C2758 (A1SRi-2758F) | 1 | 250GB SSD | 3\\*4TB + 500GB (NVMe) RAIDZ + cache | 32GB | Ubuntu 22.04 | K3s server |\n| prusik\\* | Ryzen 9 7950X (ASUS PRIME X670-P) | 1 | 512GB | 4\\*12TB + 2TB (NVMe) RAIDZ + cache | 64GB | Ubuntu 24.04 | k3s agent |\n| k8s-odroid-hc4-3 | Odroid-hc4 | 1 | N/A | N/A | 4GB | Armbian | K3s agent |\n| prusik-ipmi | Raspberry Pi 4 Model B Rev 1.5 | 1 | 16GB | N/A | 4GB | PiKVM | ipmi |\n| pfsense | PC Engines APU2e4 | 1 | 60GB | N/A | 4GB | pfSense/FreeBSD | Router |\n| gs724t | Netgear gs724t | 1 | N/A | N/A | N/A | N/A | Switch |\n| cerezo | Unifi UAP | 1 | N/A | N/A | N/A | N/A | AP |\n| manzano | Unifi UAP | 1 | N/A | N/A | N/A | N/A | AP |\n\n\\* with Nvidia GeForce GTX 1060 3GB\n\n### Images\n\n\u003cimg src=\"https://raw.githubusercontent.com/pando85/homelab/master/docs/images/rack.jpg\" width=\"20%\" height=\"auto\" /\u003e\n\n## ⭐ Features\n\n- [x] Common applications: Jellyfin, Gitea, arr, Nextcloud...\n- [x] Automated Kubernetes installation and management\n- [x] Installing and managing applications using GitOps\n- [x] Automatic rolling upgrade for OS and Kubernetes\n- [x] Automatically update apps (with approval if needed)\n- [x] Modular architecture, easy to add or remove features/components\n- [x] Automated certificate management\n- [x] Automatically update DNS records for exposed services\n- [x] Monitoring and alerting\n- [x] Single sign-on\n- [x] Automated backups\n\n## 🌐 DNS\n\n[ExternalDNS](https://github.com/kubernetes-sigs/external-dns) is deployed in the cluster and\nconfigured to sync DNS records to [Cloudflare](https://www.cloudflare.com/).\n\nAll connections outside the cluster are handled with TLS using\n[cert-manager](https://cert-manager.io/) with [Let's Encrypt](https://letsencrypt.org/).\n\n### Load Balancer\n\n[Cilium](https://cilium.io/) is configured with BGP control plane, both on my router and within the\nKubernetes cluster.\n\n### Ingress Controllers\n\nFor external access, port forwarding is configured for ports `80` and `443`, directing traffic to\nthe load balancer IP of the Kubernetes ingress controller.\n\nThere are also another ingress controller for internal use.\n\n### Internal DNS\n\n`internal.grigri.cloud` domain is used. Configured as:\n\n```yaml\nannotations:\n cert-manager.io/cluster-issuer: letsencrypt-prod-dns\n external-dns.alpha.kubernetes.io/enabled: \"true\"\n```\n\n### External DNS\n\n`grigri.cloud` domain is used. Configured as:\n\n```yaml\nannotations:\n cert-manager.io/cluster-issuer: letsencrypt-prod-dns\n external-dns.alpha.kubernetes.io/enabled: \"true\"\n external-dns.alpha.kubernetes.io/target: grigri.cloud\n```\n\n## 🤝 Thanks\n\nThanks to all folks who donate their time to the [Kubernetes @Home](https://github.com/k8s-at-home/)\ncommunity. A lot of inspiration for my cluster came from those that have shared their clusters over\nat [awesome-home-kubernetes](https://github.com/k8s-at-home/awesome-home-kubernetes).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpando85%2Fhomelab","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fpando85%2Fhomelab","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpando85%2Fhomelab/lists"}