# Veda

The new setup of my homelab will be based on Kubernetes, which will prevent all of my services going down when I need to do physical maintenance of a host.

## Services

### Core

- Ceph for all storage: cephfs, object storage and block storage
- Nextcloud: file storage interface for the entire family
- Jellyfin: Web based media streaming
- Authentik: Central identification and authentication server
- Nginx reverse proxy
- ACME client: SSL certificate handling
- ArgoCD: Revision control for all Kubernetes configuration
- Homeassistant + Zigbee2mqtt
- Prometheus
- Grafana
- Grafana Loki + FluentD
- Cilium
- Harbor: Container image storage

### Nice-to-have

- Jellyseerr: Nice interface to request movies and series
- Sonarr: Automated downloading and handling of series
- Radarr: Automated downloading and handling of movies
- Flaresolverr: Fetching data hidden behind captcha’s
- Torrent client (qBittorrent): To download all the linux ISO’s
- ExternalDNS
- Paperless-ngx

### Look-into-later

- Mastodon: federated social platform
- Forgejo: Git platform. Maybe this should not be hosted on the cluster as it will depend on it.
- CloudNativePG: K8s operator for PostgreSQL

## Bootstrapping

TODO

## TODO

- Remove secrets from config

## Misc

### Applying patches

```bash
talosctl patch machineconfig -p @argocd.yaml -n 192.168.0.0
```

### Reset node

```bash
talosctl reset --system-labels-to-wipe EPHEMERAL,STATE --reboot -n 192.168.0.0
```

### ArgoCD default login

User: admin, password can be retrieved with (ignore the '%' at the end):

```bash
kubectl -n argocd get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -d
```