
https://github.com/thaum-xyz/ankhmorpork

@paulfantom's GitOps managed kube cluster running in a cupboard. Built with fancy tools :sparkles:

ansible cluster fluxcd jsonnet k3s-cluster kubernetes prometheus prometheus-operator


# Ankhmorpork

[![license](https://img.shields.io/github/license/thaum-xyz/ankhmorpork?logo=mit&logoColor=white)](https://github.com/thaum-xyz/ankhmorpork/blob/master/LICENSE)
[![kubescape](https://github.com/thaum-xyz/ankhmorpork/actions/workflows/kubescape.yml/badge.svg)](https://github.com/thaum-xyz/ankhmorpork/actions/workflows/kubescape.yml)

## 📖 Overview

This is a mono repository for [@paulfantom](https://github.com/paulfantom)'s home infrastructure and Kubernetes cluster.
The project uses [Infrastructure as Code](https://en.wikipedia.org/wiki/Infrastructure_as_code) to automate provisioning, operating, and updating self-hosted services.

## ⛵ Kubernetes

### Installation

The cluster is [k3s](https://k3s.io/) provisioned on bare-metal hosts running the latest LTS Ubuntu OS, using a modified version of the [Ansible](https://www.ansible.com/) role [provided by the k3s project](https://github.com/k3s-io/k3s-ansible).

🔸 _[Click here](./metal/) to see Ansible playbooks and roles._

### Components


| Name | Description |
|------|-------------|
| GitHub Actions | CI system |
| Ansible | Automate bare metal provisioning and configuration |
| Ubuntu | Base OS for Kubernetes nodes |
| K3s | Lightweight distribution of Kubernetes |
| Kubernetes | Container-orchestration system, the backbone of this project |
| kured | Kubernetes Reboot Daemon |
| TopoLVM | Local storage based on LVM |
| Longhorn | Distributed block storage |
| Minio | S3 storage |
| Flux | GitOps tool built to deploy applications to Kubernetes |
| ExternalSecrets | Secrets and encryption management system |
| MetalLB | Bare metal load-balancer for Kubernetes |
| cert-manager | Cloud native certificate management |
| Cloudflare | DNS |
| Traefik | Kubernetes Ingress Controller |
| oauth2-proxy | Authentication proxy |
| Prometheus | Systems monitoring and alerting toolkit |
| Thanos | Metrics datalake |
| Grafana | Operational dashboards |
| Loki | Log aggregation system |
| Cloudnative-pg | Postgres Controller |
| Homer | Portal Site |
| HomeAssistant | Home Automation System |
| ESPhome | Microcontrollers Management |
| Mealie | Cookbook |
| Immich | Photo Management |
| Paperless-ngx | Document Management |
| Changedetection | Monitoring website changes |
| Jellyfin | Multimedia System |
| Game Server | Valheim Game Server |
| Atuin | Shell History |

And many others.

### GitOps

[Flux](https://github.com/fluxcd/flux2) watches `manifests/` subdirectories in `base` and `apps` top-level directories and makes changes based on YAML manifests.

## 🌐 DNS

### Internal DNS

[AdGuard Home](https://adguard.com/en/adguard-home/overview.html) is deployed outside the k8s cluster and provides internal resolution of ingress addresses as well as ad blocking.

### Dynamic DNS

My home IP can change at any given time, and in order to keep my WAN IP address up to date on Cloudflare, I have configured DDNS on the Unifi Dream Machine Pro.

## 💽 Network Attached Storage

A QNAP NAS TS-451DeU is used to manage NFS shares and back them up to B2 cloud using HBS.

## 🔧 Hardware

| Device | Count | RAM | Storage | Connectivity | Purpose |
|--------------------------|-------|-------|----------------------------------|--------------------|-----------------|
| Unifi Dream Machine Pro | 1 | N/A | N/A | 8x GbE + 2xSFP+ | Router |
| Unifi US-16-PoE switch | 1 | N/A | N/A | 16x GbE + 2xSFP | Main Switch |
| QNAP TS-451DeU | 1 | 16GB | 2x240GB NVMe RAID1 + 4x6TB RAID5 | 2x 2.5GbE LACP | NAS |
| Raspberry Pi | 1 | ----- | ----- | 1x GbE | DNS Server |
| HP EliteDesk G2 800 mini | 2 | 32GB | 240GB M2 SSD + 500GB SSD | 1x GbE | K3S Node |
| Lenovo X1 Laptop | 1 | 48GB | 480GB NVMe + 1x 480GB SSD | 1x GbE | K3S Node |
| Custom-built Server | 1 | 64GB | 480GB NVMe + 1TB SSD | 2x GbE LACP + 1GbE | K3S Node w/GPU |
| Custom-built Server | 1 | 64GB | ??? | 1x GbE | K3S Node (spot) |

## ✨ Features

Project status: **Alpha**

- [x] Common applications: Plex, Nextcloud, HomeAssistant, Ghost...
- [x] Automated Kubernetes installation and management
- [x] Monitoring and alerting
- [x] Modular architecture, easy to add or remove features/components
- [x] Automated certificate management
- [x] Installing and managing applications using GitOps
- [x] CI/CD platform
- [x] Distributed storage
- [x] Automatically update DNS records for exposed services

## 🤝 Contributing

Any contributions you make, either big or small, are greatly appreciated.

## 🔏 Security

If you find any security issue, please ping me by email ([email protected]).

## Acknowledgements

- Icons are provided by [homelab-svg-assets](https://github.com/loganmarchione/homelab-svg-assets).

## 🏛️ License

Distributed under the MIT License. See [`LICENSE`](LICENSE) for more information.