https://github.com/crutonjohn/gitops

GitOps principles to define kubernetes cluster state via code. Home Operations: https://discord.gg/home-operations
https://github.com/crutonjohn/gitops

ansible flux fluxcd k3s k8s k8s-at-home kubernetes kubernetes-cluster

Last synced: 3 months ago
JSON representation

GitOps principles to define kubernetes cluster state via code. Home Operations: https://discord.gg/home-operations

• Host: GitHub
• URL: https://github.com/crutonjohn/gitops
• Owner: crutonjohn
• License: apache-2.0
• Created: 2020-09-07T16:38:48.000Z (almost 5 years ago)
• Default Branch: main
• Last Pushed: 2025-04-11T19:30:03.000Z (3 months ago)
• Last Synced: 2025-04-11T20:32:30.203Z (3 months ago)
• Topics: ansible, flux, fluxcd, k3s, k8s, k8s-at-home, kubernetes, kubernetes-cluster
• Language: Shell
• Homepage: https://crutonjohn.github.io/gitops/
• Size: 9.4 MB
• Stars: 23
• Watchers: 2
• Forks: 2
• Open Issues: 15
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

        


  It's My k8s in a Box

  


  


  








[![Discord](https://img.shields.io/badge/discord-chat-7289DA.svg?maxAge=60&style=flat-square)](https://discord.gg/home-operations)



---

# :book:  Overview

This repo _is_ my Kubernetes cluster in a declarative state. [Flux](https://github.com/fluxcd/flux2) and [Helm Operator](https://github.com/fluxcd/helm-operator) watch my [clusters](./clusters/) folder and makes the changes to my cluster based on the yaml manifests. [Renovate](https://github.com/renovatebot/renovate) auto updates images and helm charts based on upstream changes.

Feel free to join our [Discord](https://discord.gg/home-operations) if you have any questions.

---

# :anchor:  k8s Distro

Currently using [k0s](https://k0sproject.io) by way of [k0sctl](https://github.com/k0sproject/k0sctl). These configurations can be viewed in [provision/k0s](./provision/k0s/).

---

# :speedboat:  Deploying the cluster

1. `nix-shell --command 'k0sctl apply -f ./provision/k0s/production.yaml'`

2. `nix-shell --command 'k0sctl kubeconfig -c ./provision/k0s/production.yaml > ./hack/main'`

3. `sops -d provision/cilium/production.yaml | helm install cilium cilium/cilium -f -`

## Installing and bootstrapping flux

1. `nix-shell --command 'k0sctl kubeconfig -c ./provision/k0s/production.yaml > ./hack/main'`

2. Have `flux` installed (need to nixify this)

3. `set GITHUB_TOKEN ghp_Qk5eLNaaaaaaaaaaaaaaaaaaaaaaaaaaa`

4. To boostrap the cluster:

        flux bootstrap github \

        --components=source-controller,kustomize-controller,helm-controller,notification-controller \

        --path=clusters/env/production \

        --version=latest \

        --owner=crutonjohn \

        --repository=gitops

5. `sops -d sops-secret.enc.yaml | kubectl apply -f -`

### Required node labels

1. `k label nodes horus lion magnus dorn guilliman sanguinius lorgar ${FAMILY_DOMAIN}/bgp=worker`

2. `k label nodes lorgar ${FAMILY_DOMAIN}/role=nas`

3. `k label nodes dorn guilliman sanguinius ${FAMILY_DOMAIN}/rook=distributed`

---

## :computer:  Hardware Configuration

_All my nodes below are running bare metal Ubuntu or Debian_

| Device                  | Count | OS Disk Size            | Data Disk Size                           | Ram  | Purpose |

|-------------------------|-------|-------------------------|------------------------------------------|------|---------|

| [Bmax B3 (Intel N5095)](https://www.bmaxit.com/Maxmini-B3-New-pd714800688.html)  | 3     | 256GB SSD | N/A                                      | 8 GB | k8s Control Plane |

| [Minisforum MS-01 (Intel 12600H)](https://store.minisforum.com/products/minisforum-ms-01)          | 3     | 1x 1TB NVME            | 1x 2TB NVME (rook-ceph)                   | 64GB | k8s Workers |

| Ryzen 3900x Custom     | 1     | 2x 1TB SSD  | N/A                                      | 128GB | k8s Rook-Ceph NAS |

| Supermicro 216BE1C-R741JBOD         | 1     | N/A                     | 24x 1TB SSD                              | N/A  | Disk Shelf |

## :computer:  Supporting Infrastructure

- [Opnsense DEC2750](https://shop.opnsense.com/product/dec2750-opnsense-rack-security-appliance/) Router

- [TP-Link TL-SG3428XMP](https://www.tp-link.com/us/business-networking/omada-sdn-switch/tl-sg3428xmp/) Core Switch

- [TP-Link TL-SG3428XMP](https://www.tp-link.com/us/business-networking/omada-sdn-switch/tl-sg3428xmp/) Upstairs Distribution Switch

- [TP-Link SX3008F](https://www.tp-link.com/us/business-networking/managed-switch/tl-sx3008f/) 10Gig Distribution Switch

- [MikroTik CRS305-1G-4S+in](https://mikrotik.com/product/crs305_1g_4s_in) 10Gig Office Distribution Switch

- x2 [TP-Link EAP660 HD](https://www.tp-link.com/us/business-networking/omada-sdn-access-point/eap660-hd/) WAPs

- [TP-Link EAP615-Wall](https://www.tp-link.com/us/business-networking/omada-wifi-wall-plate/eap615-wall/) Master Bedroom

---

## :memo:  IP addresses

Can generally be viewed at [settings.yaml](./clusters/secrets/generic/settings.yaml)

---

## :handshake:  Community

A lot of inspiration for my cluster came from the people that have shared their cluster configuration with me. Thanks to all the people who donate their time to the Home Operations community. Join us on [Discord](https://discord.gg/home-operations)!