{"id":20324810,"url":"https://github.com/wesleyklop/infrastructure","last_synced_at":"2025-05-08T01:30:40.861Z","repository":{"id":36961102,"uuid":"431554206","full_name":"WesleyKlop/infrastructure","owner":"WesleyKlop","description":"My Homelab and Cloudlab","archived":true,"fork":false,"pushed_at":"2024-11-17T12:19:58.000Z","size":2404,"stargazers_count":9,"open_issues_count":12,"forks_count":0,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-04-08T21:46:37.055Z","etag":null,"topics":["argocd","cloudlab","gitops","hetzner","homelab","kubernetes","terraform","traefik"],"latest_commit_sha":null,"homepage":"","language":"HCL","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/WesleyKlop.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2021-11-24T16:25:04.000Z","updated_at":"2024-11-17T12:30:36.000Z","dependencies_parsed_at":"2023-10-16T08:33:40.706Z","dependency_job_id":"fcd8829e-def5-41f6-8498-59ed13ff87a4","html_url":"https://github.com/WesleyKlop/infrastructure","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/WesleyKlop%2Finfrastructure","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/WesleyKlop%2Finfrastructure/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/WesleyKlop%2Finfrastructure/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/WesleyKlop%2Finfrastructure/manifests","owner_url":"https://repos.ecos
yste.ms/api/v1/hosts/GitHub/owners/WesleyKlop","download_url":"https://codeload.github.com/WesleyKlop/infrastructure/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":252981403,"owners_count":21835421,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["argocd","cloudlab","gitops","hetzner","homelab","kubernetes","terraform","traefik"],"created_at":"2024-11-14T19:37:44.954Z","updated_at":"2025-05-08T01:30:39.036Z","avatar_url":"https://github.com/WesleyKlop.png","language":"HCL","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Infrastructure\n\n![Cloudlab Status](https://argocd.wesley.io/api/badge?name=argo-cd\u0026revision=true)\n![Homelab Status](https://argocd.wesley.io/api/badge?name=argo-cd\u0026revision=true)\n\nThis repository contains the infrastructure for my Homelab \u0026 Cloudlab.\n\nThe Homelab is a single-node kubeadm cluster running on Ubuntu 20.04. The\nCloudlab is a 4-node kubeadm cluster running on Ubuntu 20.04, deployed fully\nautomatically to Hetzner using Terraform!\n\n## Repository layout\n\n-   Terraform configuration is located in the root and [modules](modules)\n    folders. These define the node, control-plane, worker and this repo config.\n-   Init configuration to kick-start a cluster is located under [init](init).\n    These define some required secrets and configuration to set up argo-cd for\n    phase-2. 
At this point Argo CD takes over.\n-   Bootstrap configuration for phase-2 of initializing is located under\n    [bootstrap](bootstrap).\n-   Deployed app configuration is under [apps](apps).\n\n# Homelab\n\n## Storage\n\nThe node has a 6TB storage pool on ZFS. Persistent Volume Claims can be created\nusing the `tank-zfspv` storage class to use that storage.\n\n# Cloudlab\n\nClimate change forcing me to migrate to the cloud smh.\n\n## Bootstrapping\n\nThis time I wanted it to be :sparkles: automated :sparkles: so this cluster is\ncreated on the Hetzner cloud platform using Terraform.\n\nAll required packages are installed using cloud-init and then Terraform\nprovisioners are used to bootstrap the Kubernetes cluster using kubeadm. Once\nthe cluster is bootstrapped, Argo CD will be deployed and automatically pull in\nall configuration from this repository, which will further reconcile the\ncluster into the desired state. Magic! :sparkles:\n\n## Secrets\n\nSo all secrets originate either from Terraform or from 1Password Connect. There\nare several secrets defined by Terraform that need to be provided beforehand:\n\n-   `hcloud_token` giving Hetzner API access for Terraform.\n-   `github_token` giving GitHub API access for Terraform.\n\n-   `cluster_api_token` giving Hetzner API access for the Hcloud Cloud\n    Controller manager and Container Storage Interface.\n-   `management_ssh_key_id` defining an extra SSH key ID that should be added to\n    the nodes for management purposes. This is either a pubkey or Hetzner SSH\n    key ID.\n\n-   `op_credentials` giving 1password-connect access to 1Password.\n-   `op_token` giving external-secrets access to the vault via\n    1password-connect.\n\n-   `gha_tf_api_token` giving GitHub Actions access to Terraform Cloud.\n\n## GitOps\n\nOnce bootstrapping is done, all state is managed following the GitOps pattern.\n\n## Security \u0026 Maintenance\n\nYOLO :shrug: :shipit: \u003csup\u003eI don't know yet... 
will get back to this\nlater.\u003c/sup\u003e\n\nThe Cloudlab is secured by disabling all auth except SSH key auth. Almost all\nports are closed by the configured firewall.\n\nPackage updating etc. I'm still thinking about. This is because nodes need to be\nupgraded manually using kubeadm. I will probably create a Terraform resource to\nhandle that in the future.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fwesleyklop%2Finfrastructure","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fwesleyklop%2Finfrastructure","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fwesleyklop%2Finfrastructure/lists"}