{"id":15066024,"url":"https://github.com/parente/homelab","last_synced_at":"2025-04-10T13:40:44.928Z","repository":{"id":136635511,"uuid":"315165190","full_name":"parente/homelab","owner":"parente","description":"My setup for a homelab kubernetes environment","archived":false,"fork":false,"pushed_at":"2023-01-01T19:24:17.000Z","size":542,"stargazers_count":5,"open_issues_count":0,"forks_count":0,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-03-24T12:21:27.133Z","etag":null,"topics":["cloudflare","homelab","k8s","tls"],"latest_commit_sha":null,"homepage":"","language":"Smarty","has_issues":false,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/parente.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2020-11-23T00:56:41.000Z","updated_at":"2022-11-15T09:55:24.000Z","dependencies_parsed_at":null,"dependency_job_id":"3d6642bc-2d53-4e12-9572-69a873cd087c","html_url":"https://github.com/parente/homelab","commit_stats":null,"previous_names":[],"tags_count":22,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/parente%2Fhomelab","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/parente%2Fhomelab/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/parente%2Fhomelab/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/parente%2Fhomelab/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/parente","download_url":"https://codeload.github.com/parente/homelab/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248225948,"owners_count":21068088,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cloudflare","homelab","k8s","tls"],"created_at":"2024-09-25T00:59:57.797Z","updated_at":"2025-04-10T13:40:44.907Z","avatar_url":"https://github.com/parente.png","language":"Smarty","funding_links":[],"categories":[],"sub_categories":[],"readme":"## What is this?\n\nMy setup for a homelab kubernetes environment with:\n\n- k3d for a single-host, multi-node cluster in Docker\n- k3sup for a multi-host, multi-node cluster on Raspberry Pis\n- Cloudflare for TLS, DNS, and proxying\n- nginx ingress with TLS termination using static Cloudflare origin certs and origin pull\n  verification\n- cfsync for maintaining A record public IP entries for a NATed home network\n- minio for object storage\n- other apps of interest\n\n## Why build it?\n\nA chance to review things I think I know. An opportunity to learn more. An itch to build. Boredom.\n\n## Why not use cert-manager and Let's Encrypt?\n\nSaving on time and memory. Static origin certs are good enough for my purposes.\n\n## What manual steps did I take?\n\nIn Cloudflare:\n\n- Enable _Full (strict)_ encryption mode\n- Generate a wildcard origin certificate for my domain and store in `secrets.yaml`\n- Download the Cloudflare CA for origin pull auth and store in `values.yaml`\n\nIn GitHub:\n\n- Create a `GHCR_TOKEN` secret with a personal access token having package write permission\n- Create the `gh-pages` orphan branch\n\nTo use the minio `mc` CLI:\n\n- Add a `homelab` alias to the `~/.mc/config.json` file\n- Run `make` targets in the `minio` folder\n\nTo run on a single Raspberry Pi 3 (ARMv7):\n\n- Install `k3d` onto the Pi\n- Clone this project onto the Pi\n- Run `make local-cluster`\n- Copy the `~/.kube/config` back to my main machine\n- Delete the default `local-path` StorageClass (probably should skip install and install custom)\n- Run `make sync` from the main machine\n\nTo set up a Raspberry Pi 4 (ARMv7) cluster:\n\n- Write empty `ssh` file in the microSD card boot partition\n- Write `wpa_supplicant.conf` to boot partition like:\n\n```\ncountry=US\nctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev\nupdate_config=1\n\nnetwork={\n    ssid=\"SSID\"\n    psk=\"PASSWORD\"\n}\n```\n\n- SSH to `pi@raspberrypi.local`\n- Change `pi` user password\n- Add SSH pubkey to `~/.ssh/authorized_hosts`\n- Run `raspi-config` to set hostname, lower GPU memory, expand root partition\n- Add `cgroup_enable=cpuset cgroup_memory=1 cgroup_enable=memory` to `/boot/cmdline.txt`\n- Disable wifi power saving with `sudo /sbin/iw wlan0 set power_save off` and permanently in\n  `/etc/rc.local` before the exit\n- Disable swap with `sudo dphys-swapfile swapoff \u0026\u0026 sudo dphys-swapfile uninstall \u0026\u0026 sudo update-rc.d dphys-swapfile remove`\n- Assign fixed IP\n- Repeat for all nodes\n- Install `k3sup` on my dev box\n- Run `make cluster`\n\n## How do I cut chart releases?\n\n1. Bump versions in `cfsync/chart/Chart.yaml` and `helmfile.yaml`.\n2. Push to main.\n3. Use the GitHub web UI to create a release with matching version tag.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fparente%2Fhomelab","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fparente%2Fhomelab","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fparente%2Fhomelab/lists"}