# Veda

The new setup of my homelab will be based on Kubernetes, which will prevent all of my services going down when I need to do physical maintenance of a host.

## Services

### Core

- Ceph for all storage: CephFS, object storage and block storage
- Nextcloud: file storage interface for the entire family
- Jellyfin: Web-based media streaming
- Authentik: Central identification and authentication server
- Nginx reverse proxy
- ACME client: SSL certificate handling
- ArgoCD: Revision control for all Kubernetes configuration
- Home Assistant + Zigbee2MQTT
- Prometheus
- Grafana
- Grafana Loki + Fluentd
- Cilium
- Harbor: Container image storage

### Nice-to-have

- Jellyseerr: Nice interface to request movies and series
- Sonarr: Automated downloading and handling of series
- Radarr: Automated downloading and handling of movies
- Flaresolverr: Fetching data hidden behind CAPTCHAs
- Torrent client (qBittorrent): To download all the Linux ISOs
- ExternalDNS
- Paperless-ngx

### Look-into-later

- Mastodon: federated social platform
- Forgejo: Git platform. Maybe this should not be hosted on the cluster as it will depend on it.
- CloudNativePG: K8s operator for PostgreSQL

## Bootstrapping

TODO

## TODO

- Remove secrets from config

## Misc

### Applying patches

```bash
talosctl patch machineconfig -p @argocd.yaml -n 192.168.0.0
```

### Reset node

```bash
talosctl reset --system-labels-to-wipe EPHEMERAL,STATE --reboot -n 192.168.0.0
```

### ArgoCD default login

User: `admin`. The password can be retrieved with the following command (ignore the '%' at the end of the output, it is not part of the password):

```bash
kubectl -n argocd get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -d
```