{"id":30499306,"url":"https://github.com/waifulabs/infrastructure","last_synced_at":"2025-08-25T06:03:39.843Z","repository":{"id":37012345,"uuid":"399288337","full_name":"waifulabs/infrastructure","owner":"waifulabs","description":"Girlfriend unapproved kubernetes cluster running Talos, Flux, Renovate and GHA.","archived":false,"fork":false,"pushed_at":"2025-08-25T03:08:42.000Z","size":24708,"stargazers_count":161,"open_issues_count":4,"forks_count":2,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-08-25T03:21:07.179Z","etag":null,"topics":["ansible","home-assistant","home-automation","k3s","k8s-at-home","kubernetes","node-red","renovate"],"latest_commit_sha":null,"homepage":"https://discord.gg/home-operations","language":"YAML","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"wtfpl","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/waifulabs.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":".github/CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":".github/CODEOWNERS","security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null},"funding":{"github":["kashalls"]}},"created_at":"2021-08-24T00:44:55.000Z","updated_at":"2025-08-25T03:08:46.000Z","dependencies_parsed_at":"2023-09-22T17:03:47.247Z","dependency_job_id":"5d57a4d9-b7b2-4964-930c-523d6e783574","html_url":"https://github.com/waifulabs/infrastructure","commit_stats":null,"previous_names":["waifulabs/infrastructure"],"tags_count":42,"template":false,"template_full_name":null,"purl":"pkg:github/waifulabs/infrastructure","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/waifulabs%2Finfrastructure","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/waifulabs%2Finfrastructure/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/waifulabs%2Finfrastructure/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/waifulabs%2Finfrastructure/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/waifulabs","download_url":"https://codeload.github.com/waifulabs/infrastructure/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/waifulabs%2Finfrastructure/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":272013418,"owners_count":24858474,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-08-25T02:00:12.092Z","response_time":1107,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ansible","home-assistant","home-automation","k3s","k8s-at-home","kubernetes","node-red","renovate"],"created_at":"2025-08-25T06:01:34.523Z","updated_at":"2025-08-25T06:03:39.823Z","avatar_url":"https://github.com/waifulabs.png","language":"YAML","readme":"\u003cdiv align=\"center\"\u003e\n\n# Kashall's Home Operations\n\n[![Discord](https://img.shields.io/discord/673534664354430999?style=for-the-badge\u0026label\u0026logo=discord\u0026logoColor=white\u0026color=blue)](https://discord.gg/home-operations)\u0026nbsp;\u0026nbsp;\n[![Talos](https://img.shields.io/endpoint?url=https%3A%2F%2Fkromgo.ok8.sh%2Fquery%3Fformat%3Dendpoint%26metric%3Dtalos_version\u0026style=for-the-badge\u0026logo=talos\u0026logoColor=white\u0026color=blue\u0026label=%20)](https://www.talos.dev/)\u0026nbsp;\u0026nbsp;\n[![Kubernetes](https://img.shields.io/endpoint?url=https%3A%2F%2Fkromgo.ok8.sh%2Fquery%3Fformat%3Dendpoint%26metric%3Dkubernetes_version\u0026style=for-the-badge\u0026logo=kubernetes\u0026logoColor=white\u0026color=blue\u0026label=%20)](https://www.talos.dev/)\u0026nbsp;\u0026nbsp;\n[![Renovate](https://img.shields.io/github/actions/workflow/status/kashalls/home-cluster/renovate.yaml?branch=main\u0026label=\u0026logo=renovatebot\u0026style=for-the-badge\u0026color=blue)](https://github.com/kashalls/home-cluster/actions/workflows/renovate.yaml)\n\n[![Age-Days](https://img.shields.io/endpoint?url=https%3A%2F%2Fkromgo.ok8.sh%2Fquery%3Fmetric%3Dcluster_age_days\u0026style=flat-squaree\u0026label=Age)](https://github.com/kashalls/kromgo/)\u0026nbsp;\u0026nbsp;\u0026nbsp;\n[![Uptime-Days](https://img.shields.io/endpoint?url=https%3A%2F%2Fkromgo.ok8.sh%2Fquery%3Fmetric%3Dcluster_uptime_days\u0026style=flat-square\u0026label=Uptime)](https://github.com/kashalls/kromgo/)\u0026nbsp;\u0026nbsp;\u0026nbsp;\n[![Active-Alerts](https://img.shields.io/endpoint?url=https%3A%2F%2Fkromgo.ok8.sh%2Fquery%3Fmetric%3Dprometheus_active_alerts\u0026style=flat-square\u0026label=Firing%20Alerts)](https://github.com/kashalls/kromgo/)\u0026nbsp;\u0026nbsp;\u0026nbsp;\n[![Node-Count](https://img.shields.io/endpoint?url=https%3A%2F%2Fkromgo.ok8.sh%2Fquery%3Fmetric%3Dcluster_node_count\u0026style=flat-square\u0026label=Nodes)](https://github.com/kashalls/kromgo/)\u0026nbsp;\u0026nbsp;\u0026nbsp;\n[![Pod-Count](https://img.shields.io/endpoint?url=https%3A%2F%2Fkromgo.ok8.sh%2Fquery%3Fmetric%3Dcluster_pods_running\u0026style=flat-square\u0026label=Pods\u0026color=green)](https://github.com/kashalls/kromgo/)\u0026nbsp;\u0026nbsp;\u0026nbsp;\n[![CPU-Usage](https://img.shields.io/endpoint?url=https%3A%2F%2Fkromgo.ok8.sh%2Fquery%3Fmetric%3Dcluster_cpu_usage\u0026style=flat-square\u0026label=CPU)](https://github.com/kashalls/kromgo/)\u0026nbsp;\u0026nbsp;\u0026nbsp;\n[![Power-Usage](https://img.shields.io/endpoint?url=https%3A%2F%2Fkromgo.ok8.sh%2Fquery%3Fmetric%3Dcluster_power_usage\u0026style=flat-square\u0026label=Power)](https://github.com/kashalls/kromgo/)\n\n\u003c/div\u003e\n\n## What is this?\n\nThis is the repository I use to version control my kubernetes cluster I deploy and maintain at home. I currently use [Talos](https://www.talos.dev/) to provide a secure, minimal and immutable environment for Kubernetes. Previous iterations of this repository relied on Debian-based Operating Systems which can lead unwanted changes in the base system.\n\n## How did you do this?\n\nThanks to [onedr0p](https://github.com/onedr0p), there is the [cluster template](https://github.com/onedr0p/flux-cluster-template) that allows you to easily get started with your own kubernetes cluster at home. You don't need to have multiple computers or a fancy setup to get one working.\n\nIf you're interested, you can also join the community [Home Operations](https://discord.gg/home-operations). Several people are involved daily and it makes for some interesting conversations.\n\n### Directory Helper\n\nThis repository uses the following layout for [Kubernetes](./kubernetes/).\n\n```sh\n๐Ÿ“ bootstrap\nโ”œโ”€โ”€ ๐Ÿ“ helmfile.yaml # Helmreleases required to run bootstrap flux.\nโ””โ”€โ”€ ๐Ÿ“ secrets.yaml.tpl # Secrets required to bootstrap flux.\n๐Ÿ“ kubernetes\nโ”œโ”€โ”€ ๐Ÿ“ apps # Per-cluster application-specific configurations.\nโ”œโ”€โ”€ ๐Ÿ“ components # Flux \u0026 Talos configurations for setting up the cluster.\nโ””โ”€โ”€ ๐Ÿ“ flux # Flux configuration, application repositories and more.\n๐Ÿ“ talos\nโ”œโ”€โ”€ ๐Ÿ“ nodes # Override configurations for each individual node.\nโ”œโ”€โ”€ ๐Ÿ“ machineconfig.yaml.j2 # Base configuration for all nodes.\nโ””โ”€โ”€ ๐Ÿ“ talos.env # Kubernetes and Talos Version Variables\n๐Ÿ“ unifi # Configuration files for UniFi\n๐Ÿ“ kubeconfig\n๐Ÿ“ talosconfig\n```\n\n## โ˜๏ธ Cloud Dependencies\n\nWhile most of my infrastructure and workloads are self-hosted I do rely upon the cloud for certain key parts of my setup. This saves me from having to worry about two things. (1) Dealing with chicken/egg scenarios and (2) services I critically need whether my cluster is online or not.\n\n| Service | Use | Cost |\n|---------------------------------------------------------|----------------------------------------------------------------|----------------|\n| [1Password](https://1password.com/) | Secrets with [External Secrets](https://external-secrets.io/) | ~$55/yr |\n| [Cloudflare](https://www.cloudflare.com/) | Domains, Workers, Pages, and R2 | ~$30/yr |\n| [Backblaze B2](https://www.backblaze.com/cloud-storage) | Backups | $0.50/m |\n| [GCP](https://cloud.google.com/) | Voice interactions with Home Assistant over Google Assistant | Free |\n| [GitHub](https://github.com/) | Hosting this repository and continuous integration/deployments | Free |\n| [Let's Encrypt](https://letsencrypt.org/) | Issuing SSL Certificates with Cert Manager | Free |\n| [Migadu](https://migadu.com/) | Email Hosting | ~$20/yr |\n| [Pushover](https://pushover.net/) | Kubernetes Alerts and application notifications | Free |\n| [UniFi Site Manager](https://unifi.ui.com) | UniFi External Access Management | Free |\n| | | Total: ~$10/mo |\n\n---\n\n## ๐Ÿ’ป Networking\n\n### Networking Diagram\n\n```mermaid\nflowchart LR\n A[[\"#quot;The Internet#quot;\"]] -- 2Gbps โ†“ 350Mbps โ†‘ --\u003e B(\"UDM Pro Max\");\n B -- 10Gbps โ†• --\u003e C(\"USW Pro Max 16\")\n C -- 10Gbps โ†• --\u003e D[\"1x MS-01 Main (Talos)\"]\n C -- 10Gbps โ†• --\u003e E[\"1x Storage (TrueNAS)\"]\n C -- 1Gbps โ†• --\u003e F[\"4x Rasbian (Talos)\"]\n```\n\n### Networks \u0026 Vlans\n\n| Name | VLAN | Description |\n|---------------------|------|-------------------------------------------------------------------------------------|\n| Management | 1 | Servers + Network Management |\n| Devices | 2 | Wireless Devices and Workstations |\n| IoT | 3 | Small devices that *could* be compromised, so they don't get to talk to each other. |\n| Services | 4 | No DHCP, Simply a network for Cluster BGP |\n| \"I Don't Trust You\" | 86 | Non-affiliated organization issued devices (school or work devices) |\n\n### ๐ŸŒ DNS\n\nUniFi released a new feature update with UniFi routers that allow you to create custom dns records to be served to the whole network. I wrote [External DNS Unifi Webhook](https://github.com/kashalls/external-dns-unifi-webhook) to allow [External DNS](https://github.com/kubernetes-sigs/external-dns/) to gather service and ingress hosts from my clusters and deploy the records to my routers local dns server without any extra local resolvers or moving parts.\n\n---\n\n## ๐Ÿ”ง Hardware\n\n\u003cdetails\u003e\n \u003csummary\u003eClick to see the rack!\u003c/summary\u003e\n Updated 05/25/2024\n\n \u003cimg src=\"https://owo.whats-th.is/2drDDRN.jpg\" align=\"center\" width=\"200px\" alt=\"rack\"/\u003e\n\u003c/details\u003e\n\n| Device | Count | OS Disk Size | Data Disk Size | Ram | Operating System | Purpose |\n|-------------------------|-------|--------------|----------------------|------|------------------|-------------------|\n| UDM Pro | 1 | - | - | - | UniFi OS | Router |\n| USW 16 Pro Max | 1 | - | - | - | UniFi OS | Switching |\n| U6-LR | 1 | - | - | - | - | Office AP |\n| UAP-AC-Pro | 1 | - | - | - | - | Dining Room AP |\n| USP-PDU-Pro | 1 | - | - | - | - | Rack PDU |\n| MS-01 | 1 | 1TB NVMe | 2x1TB NVMe | 32GB | Talos | Main Cluster |\n| Fran | 1 | 2x1TB SSD | 5x8TB (raidz2) | 64GB | Debian | Storage Cluster |\n| JetKVM | 1 | 16GB (Flash) | - | - | JetKVM | Network KVM |\n| APC Back-Ups 1500 | 1 | - | - | - | - | UPS |\n\n---\n\n## โญ Stargazers\n\n\u003cdiv align=\"center\"\u003e\n\n[![Star History Chart](https://api.star-history.com/svg?repos=kashalls/home-cluster\u0026type=Date)](https://star-history.com/#kashalls/home-cluster\u0026Date)\n\n\u003c/div\u003e\n\n---\n\n## Inspiration\n\nThanks to all the people who donate their time to the [Home Operations](https://discord.gg/home-operations) community.\n\nSpecial thanks to: [แ—ชั”ฮฝฮนฮท แ—ทฯ…ะฝสŸ](https://github.com/onedr0p/home-cluster), [Bแด‡ส€ษดแด… Sแด„สœแดส€ษขแด‡ส€s](https://github.com/bjw-s/k8s-gitops), and [Toboshii Nakama](https://github.com/toboshii/home-cluster) for their assistance.\n\nCheck out [kubesearch.dev](https://kubesearch.dev) to see what other users are running in their kubernetes home labs!\n","funding_links":["https://github.com/sponsors/kashalls"],"categories":["YAML","kubernetes"],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fwaifulabs%2Finfrastructure","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fwaifulabs%2Finfrastructure","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fwaifulabs%2Finfrastructure/lists"}