https://github.com/linuzctl/k8s-gitops

High-availability Kubernetes cluster deployed with kubeadm and managed declaratively through GitOps.

flux2 gitops k8s-at-home kubernetes renovate

# k8s-gitops

High-availability Kubernetes cluster deployed with kubeadm and managed declaratively through GitOps.

This repository serves as the source of truth for my private Kubernetes cluster.

## Cluster Management

Cluster provisioning and lifecycle management are handled using a custom Ansible playbook [kubernetes-ansible](https://github.com/linuzctl/kubernetes-ansible).

## GitOps

[Flux CD](https://github.com/fluxcd/flux2) continuously deploys all manifests and configurations stored in Git to the Kubernetes cluster.

Flux is deployed and lifecycle-managed via the [Flux Operator](https://github.com/controlplaneio-fluxcd/flux-operator), which manages the installation, upgrades, and reconciliation of Flux components inside the cluster.

[Renovate](https://github.com/renovatebot/renovate) is configured to automatically check for and update dependencies (container images, OCI repositories, Helm charts, etc.) in the repository.

### Repository Structure

A high-level overview of the repository layout:

```text
📁 k8s-gitops
├── 📁 apps # applications
├── 📁 cluster # Flux configuration
│ ├── 📁 kustomizations # Flux Kustomization objects for applications
│ ├── 📁 flux-system # Flux-Operator (GitOps controllers)
│ └── 📁 notifications # Notification configurations
└── 📁 crds # Custom Resource Definitions (CRDs)
```

- The **.github** directory contains GitHub-related files.

#### Details

- Each application lives in its own directory under [apps/](/apps/) and is managed by a Flux Kustomization object located in [cluster/kustomizations](/cluster/kustomizations/).
- This setup allows each application to be reconciled independently, so deleting or updating one app does not affect the others.
- Exceptions occur when an application depends on another; in such cases, dependencies are explicitly specified in the Kustomization configuration.
- All Helm charts used in this GitOps setup are pulled from OCI-compliant registries. If a chart maintainer does not publish an OCI-compliant chart, the chart will be tracked in the [helm-charts](https://github.com/linuzctl/helm-charts) repository.

## Secrets Management

Secrets are encrypted using [SOPS](https://github.com/getsops/sops) with [age](https://github.com/FiloSottile/age) keys, allowing safe storage directly in Git and secure collaboration.
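
A pre-commit or CI guard for the property this section relies on, that no Secret manifest reaches Git unencrypted (an added example, not code from this repository). It assumes SOPS encrypts only the `data`/`stringData` values, a common setup with Flux that the README does not state; the sample manifests, paths and values are constructed.

```python
import re

# SOPS ciphertext values look like ENC[AES256_GCM,data:...,iv:...,tag:...,type:str]
ENC = re.compile(r"^ENC\[AES256_GCM,data:.*\]$")
ENTRY = re.compile(r"^(\s+)([^\s:#][^:]*):\s*(.*)$")
# Constructed sample manifests; paths, names and values are hypothetical.
SAMPLES = {
    "apps/demo/secret.sops.yaml": "apiVersion: v1\nkind: Secret\nmetadata:\n  name: demo\n"
    "stringData:\n  token: ENC[AES256_GCM,data:Zm9v,iv:YmFy,tag:YmF6,type:str]\n"
    "sops:\n  version: 3.9.0\n",
    "apps/demo/leak.yaml": "apiVersion: v1\nkind: Secret\nmetadata:\n  name: leak\n"
    "stringData:\n  password: example-plaintext\n",
}


def plaintext_keys(doc):
    """Return the data/stringData keys of a Secret manifest that are not SOPS ciphertext."""
    if not re.search(r"^kind:\s*Secret\s*$", doc, re.M):
        return []  # not a Secret (or kind itself is encrypted): nothing to check
    encrypted_file = re.search(r"^sops:\s*$", doc, re.M) is not None
    bad, section, indent = [], None, None
    for line in doc.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        if not line[0].isspace():  # top-level key: enter or leave a data section
            key = line.split(":", 1)[0]
            section, indent = (key if key in ("data", "stringData") else None), None
            continue
        m = ENTRY.match(line)
        if section is None or m is None:
            continue
        indent = len(m.group(1)) if indent is None else indent
        if len(m.group(1)) != indent:  # continuation of a block scalar, not a key
            continue
        if not (encrypted_file and ENC.match(m.group(3).strip())):
            bad.append(f"{section}.{m.group(2)}")
    return bad


def scan(files):
    """Map each path to its unencrypted Secret keys; an empty dict means clean."""
    findings = {}
    for path, text in files.items():
        for doc in re.split(r"^---\s*$", text, flags=re.M):  # multi-document YAML
            findings.setdefault(path, []).extend(plaintext_keys(doc))
    return {p: k for p, k in findings.items() if k}


if __name__ == "__main__":
    print(scan(SAMPLES))
```

A value with a trailing comment or unusual quoting is reported as plaintext, so the check errs toward blocking the commit.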

## Hardware

| Device | Num | OS Disk Size | Data Disk Size | RAM | OS | Role |
|----------------------|-----|----------------------------|-----------------------------|------|--------------|---------------------------------|
| HP EliteDesk 800 G4 | 3 | 256GB Samsung NVMe | - | 16GB | Debian 13 | Kubernetes Control Plane |
| Minisforum MS-01 | 3 | 1TB Samsung NVMe 990 Pro | 4TB Samsung NVMe 990 Pro | 64GB | Debian 13 | Kubernetes Worker Nodes |
| Minisforum N5 Pro | 1 | 1TB Samsung NVMe 990 Pro | 5x22TB Seagate Exos X22 | 64GB | TrueNAS Core | NAS |
| Raspberry Pi 5 | 1 | 1TB Samsung NVMe 980 Pro | - | 16GB | Debian 12 | Toolbox / Ready to break |

> Note: Hardware was purchased before the AI-driven price explosion

## Disclaimer

This cluster is built and operated by a single person and is tailored to my personal needs and learning goals.

The primary objective of this project is learning and experimentation. While the configuration works for my environment, it may not be suitable for yours.

If you plan to build something similar:

- Do not blindly copy & paste
- Take time to understand what each component does
- Adapt ideas to your own requirements and constraints

Getting inspired by how others design and operate their infrastructure is always valid - just make sure you understand why things are done a certain way before adopting them.