This is a mono repository for @paulfantom home infrastructure and Kubernetes cluster. Project utilizes Infrastructure as Code to automate provisioning, operating, and updating self-hosted services.
Cluster is k3s provisioned on bare-metal hosts with latest LTS Ubuntu OS using a modified version of Ansible role provided by k3s project.
πΈ Click here to see Ansible playbooks and roles.
| Logo | Name | Description |
|---|---|---|
 |
GitHub Actions | CI system |
| Ansible | Automate bare metal provisioning and configuration | |
| Ubuntu | Base OS for Kubernetes nodes | |
| K3s | Lightweight distribution of Kubernetes | |
| Kubernetes | Container-orchestration system, the backbone of this project | |
| kured | Kubernetes Reboot Daemon | |
 |
TopoLVM | Local storage based on LVM |
| Longhorn | Distributed block storage | |
| Minio | S3 storage | |
| Flux | GitOps tool built to deploy applications to Kubernetes | |
 |
ExternalSecrets | Secrets and encryption management system |
 |
MetalLB | Bare metal load-balancer for Kubernetes |
 |
cert-manager | Cloud native certificate management |
| Cloudflare | DNS | |
| Traefik | Kubernetes Ingress Controller | |
 |
oauth2-proxy | Authentication proxy |
| Prometheus | Systems monitoring and alerting toolkit | |
| Thanos | Metrics datalake | |
| Grafana | Operational dashboards | |
| Loki | Log aggregation system | |
| Cloudnative-pg | Postgres Controller | |
| Homer | Portal Site | |
| HomeAssistant | Home Automation System | |
| ESPhome | Microcontrollers Management | |
| Mealie | Cookbook | |
| Immich | Photo Management | |
| Paperless-ngx | Document Management | |
| Changedetection | Monitoring website changes | |
| Jellyfin | Multimedia System | |
| Game Server | Valheim Game Server | |
 |
Atuin | Shell History |
| AND | MANY | OTHERS |
Flux watches manifests/ subdirectories in base and apps top-level directories and makes changes based on YAML manifests.
AdGuard Home is deployed out of k8s cluster and provides an internal resolution of ingress addresses as well as ad blocking.
My home IP can change at any given time and in order to keep my WAN IP address up to date on Cloudflare I have configured DDNS on Unifi Dream Machine Pro.
QNAP NAS TS-451DeU is used to manage NFS shares and backup them to B2 cloud using HBS.
| Device | Count | RAM | Storage | Connectivity | Purpose |
|---|---|---|---|---|---|
| Unifi Dream Machine Pro | 1 | N/A | N/A | 8x GbE + 2xSFP+ | Router |
| Unifi US-16-PoE switch | 1 | N/A | N/A | 16x GbE + 2xSFP | Main Switch |
| QNAP TS-451DeU | 1 | 16GB | 2x240GB NVMe RAID1 + 4x6TB RAID5 | 2x 2.5GbE LACP | NAS |
| Raspberry Pi | 1 | ----- | ----- | 1x GbE | DNS Server |
| HP EliteDesk G2 800 mini | 2 | 32GB | 240GB M2 SSD + 500GB SSD | 1x GbE | K3S Node |
| Lenovo X1 Laptop | 1 | 48GB | 480GB NVMe + 1x 480GB SSD | 1x GbE | K3S Node |
| Custom-built Server | 1 | 64GB | 480GB NVMe + 1TB SSD | 2x GbE LACP + 1GbE | K3S Node w/GPU |
| Custom-built Server | 1 | 64GB | ??? | 1x GbE | K3S Node (spot) |
Project status: Alpha
- Common applications: Plex, Nextcloud, HomeAssistant, Ghost...
- Automated Kubernetes installation and management
- Monitoring and alerting
- Modular architecture, easy to add or remove features/components
- Automated certificate management
- Installing and managing applications using GitOps
- CI/CD platform
- Distributed storage
- Automatically update DNS records for exposed services
Any contributions you make, either big or small, are greatly appreciated.
If you find any security issue please ping me using email (paulfantom+security@gmail.com)
- Icons are provided by homelab-svg-assets.
Distributed under the MIT License. See LICENSE for more information.