https://github.com/mrwulf/home-cluster
k8s-at-home kubesearch
Last synced: about 2 months ago
- Host: GitHub
- URL: https://github.com/mrwulf/home-cluster
- Owner: mrwulf
- License: mit
- Created: 2022-09-09T23:23:07.000Z (over 2 years ago)
- Default Branch: main
- Last Pushed: 2025-04-16T06:49:55.000Z (about 2 months ago)
- Last Synced: 2025-04-16T08:12:04.504Z (about 2 months ago)
- Topics: k8s-at-home, kubesearch
- Language: Shell
- Homepage:
- Size: 6.37 MB
- Stars: 11
- Watchers: 2
- Forks: 0
- Open Issues: 5
Metadata Files:
- Readme: README.md
- License: LICENSE
README
# Basic Startup
```
# Install dependencies
## Install go-task on your own (https://taskfile.dev/installation/)
## If using macos, `brew install grep,awk`
## Install all the other dependencies (reference just the install taskfile so VARS don't need the dependencies)
task --taskfile .taskfiles/install.yml all

# Set up age/sops
task sops:init
## Replace the public key in .sops.yaml

# Friends don't let friends commit secrets
task pre-commit:init

# Configure your cluster
task talos:generate-secrets
## Edit ./talos/talconfig.yaml
task talos:generate-configs

# Boot nodes to talos
# Apply configuration to each node
task talos:apply-config --

# ONLY ONCE! Bootstrap a single node
talos -n $(task talos:get-a-node) bootstrap

# Add age secret to the cluster
# Configure flux base repo
# Install flux
```
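The startup steps above set up SOPS/age and a pre-commit hook so that secrets are never committed in plaintext. The following is an added example of such a check, not code from this repository: it lists Kubernetes Secret manifests that carry no SOPS markers. The function names, sample file names and the marker heuristic (a top-level `sops:` key plus `ENC[AES256_GCM,` values) are assumptions.

```shell
#!/bin/sh
# Added example, not part of the repository. Assumption: SOPS-encrypted YAML
# has a top-level "sops:" key and ENC[AES256_GCM,...] values.

# Print each YAML file under $1 that declares a Secret without SOPS markers.
find_unencrypted_secrets() {
    find "$1" -type f \( -name '*.yaml' -o -name '*.yml' \) | sort |
    while IFS= read -r f; do
        grep -Eq '^kind:[[:space:]]*Secret[[:space:]]*$' "$f" || continue
        if grep -q '^sops:' "$f" && grep -q 'ENC\[AES256_GCM,' "$f"; then
            continue    # encrypted by SOPS, safe to commit
        fi
        printf '%s\n' "$f"
    done
}

# Build a constructed sample tree (no real secrets) and print its path.
make_sample() {
    d=$(mktemp -d)
    cat > "$d/plain.yaml" <<'EOF'
apiVersion: v1
kind: Secret
metadata:
  name: demo
stringData:
  token: constructed-placeholder
EOF
    cat > "$d/encrypted.sops.yaml" <<'EOF'
apiVersion: v1
kind: Secret
metadata:
  name: demo
stringData:
  token: ENC[AES256_GCM,data:Y29uc3RydWN0ZWQ=,type:str]
sops:
  version: constructed
EOF
    printf 'kind: ConfigMap\n' > "$d/configmap.yaml"
    printf '%s\n' "$d"
}

# With a directory argument, scan it; otherwise scan the constructed sample.
if [ $# -gt 0 ]; then
    find_unencrypted_secrets "$1"
else
    sample=$(make_sample)
    find_unencrypted_secrets "$sample"
    rm -rf "$sample"
fi
```

Any output means a plaintext Secret manifest is present; a hook built on this would fail the commit when the output is non-empty.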
# Tools
* [talos](https://talos.dev)
* [talhelper](https://github.com/budimanjojo/talhelper)
* [flux](https://toolkit.fluxcd.io/)
* [sops](https://toolkit.fluxcd.io/guides/mozilla-sops/)
* [age](https://github.com/FiloSottile/age)
* [go-task](https://github.com/go-task/task)
* [pre-commit](https://github.com/pre-commit/pre-commit)
* [helm](https://helm.sh/)
* [kustomize](https://kustomize.io/)

# Components
- [authentik](https://goauthentik.io) - IdP + SSO
- [cert-manager](https://cert-manager.io/) - SSL certificates - with Cloudflare DNS challenge
- [flux](https://toolkit.fluxcd.io/) - GitOps tool for deploying manifests from the `cluster` directory
- [kasten k10](https://www.kasten.io/product/) - backup implementation
- [kyverno](https://kyverno.io) - policy engine
- [reloader](https://github.com/stakater/Reloader) - restart pods when Kubernetes `configmap` or `secret` changes
- [traefik](https://traefik.io) - ingress controller
- [rook](https://rook.io) - operator for ceph

## :open_file_folder: Repository structure
The Git repository contains the following directories under `cluster`, listed below in the order in which Flux applies them.
- **base** directory is the entrypoint to Flux
- **crds** directory contains custom resource definitions (CRDs) that need to exist globally in your cluster before anything else exists
- **core** directory (depends on **crds**) contains important infrastructure applications (grouped by namespace) that should never be pruned by Flux
- **apps** directory (depends on **core**) is where your common applications (grouped by namespace) could be placed; Flux will prune resources here if they are no longer tracked by Git

# My Cluster
| Node | Role | Specs |
|------|------|-------|
| control-01 | Control Plane, Storage | HP EliteDesk 800 G6 MFF, Intel 10700t, 32G |
| control-02 | Control Plane, Storage | HP EliteDesk 800 G6 MFF, Intel 10700t, 32G |
| control-03 | Control Plane | Lenovo m70q Tiny, Intel 10700t, 32G |
| worker-01 | Worker, Storage | Dell 7090 mini, Intel 10700, 32G |

# Other Stuff