Home infra powered by FluxCD and Kubernetes
Kubernetes Homelab
FluxCD powered GitOps repo inspired largely by onedr0p's template.
Repository Structure
📁 ansible # k8s cluster defined as code
📁 apps # regular apps, namespaced dir tree
📁 components # shared modular logic
📁 core # crucial apps, namespaced dir tree
📁 flux # flux, gitops operator, loaded before everything
Infrastructure
| Name | Specs | OS | CPU | RAM | Storage | Purpose |
|---|---|---|---|---|---|---|
| helheim | HP EliteDesk 800 G5 Micro | Ubuntu 24.04 | i5-9500T CPU @ 2.20GHz | 32GB | 1TB SSD | control-plane |
| svartalfheim | HP ProDesk 600 G2 Micro | Ubuntu 24.04 | i5-6500T CPU @ 2.50GHz | 32GB | 1TB SSD | control-plane, conbee |
| muspelheim | HP ProDesk 600 G2 Micro | Ubuntu 24.04 | i5-6500T CPU @ 2.50GHz | 32GB | 1TB SSD | control-plane, ZBT-2 |
| nivadellir | HP ProDesk 600 G2 Micro | Ubuntu 24.04 | i7-6700T CPU @ 2.80GHz | 32GB | 512GB SSD | worker, coral tpu |
| niflheim | Raspberry Pi 4 | Ubuntu 22.04 | ARM64 1.5GHz Quad Core | 8GB | 1TB SSD | worker |
Workloads run across all nodes.
Automation
- Infra managed by Ansible
- Kubernetes resources managed by FluxCD
Kubernetes
Core Components
- k3s - lightweight Kubernetes
- cilium - networking
- kube-vip - load balancing for the control plane
- envoy-gateway - full-featured Gateway API implementation
- cert-manager - certificate management via Let's Encrypt and Cloudflare
- external-dns - syncs DNS with Cloudflare and Mikrotik Router
- external-secrets - syncs secrets from the Bitwarden secret vault
- longhorn - distributed storage
- cloudnative-pg - PostgreSQL cluster management
- dragonfly - Redis-compatible cache
Monitoring
- grafana - standard dashboard implementation
- prometheus + prompp - memory-efficient metrics
- loki + promtail - log aggregation
Smart Resource Handling
- kured - automatically reboots nodes when packages have been installed
- node-feature-discovery - allows adding affinities for various hardware components (like Zigbee, Coral, or GPUs)
- intel-gpu-plugin - resource allocations for Intel GPUs
- descheduler - moves pods on demand based on various criteria
- reloader - bounce nodes when configmaps/secrets change
NAS Services
- Minio for S3-compatible blob storage
- NFS for block-storage
Kubernetes Applications
Miscellaneous
- Authentik - SSO
- Homepage - Start page
- Unifi Controller - Manage local network
- VaultWarden - Personal secret management
- Ntfy - Notifications
- Tailscale - Connect devices to services
- AdGuardHome - Ad Blocking
- Anubis - guarding external systems from bots
- Garage - web hosting
- Plausible - web analytics
Development
- Forgejo - Git hosting
Communication
- Continuwuity - Matrix, open federated chat system
- mautrix-meta - Matrix bridge to Facebook
- matrix-googlechat - Matrix bridge to Google Chat
- gotosocial - ActivityPub server
Office
- NextCloud - WebDav-based file and calendar management
- Immich - Photo management
- Paperless-NGX - ePaper management
- Joplin - Note management
Smart Home
- Home-Assistant - Smart Home
- Mosquitto - Standard MQTT server (may replace with EMQX)
- zigbee2mqtt - Zigbee to MQTT relay
- govee2mqtt - Govee to MQTT relay
- ESPHome - Manage IoT devices
- Frigate - NVR
Media
- Jellyfin - video management