GitOps, IaC, DevOps and all that fluff but in home.

drikqlis/drik-homelab

⚔️ Drik.IT Homelab 🛡️

💾 GitOps, IaC, DevOps and all that fluff but in home. 🏡

Ansible Flux OpenTofu Github Actions

Kubernetes Helm Arch Linux OpenZFS


📔 Overview

This is a mono repository containing all the automations I use for my homelab, spanning from Kubernetes clusters, through baremetal KVM hosts, to personal computers and everything in between. I keep my infrastructure as code (IaC) and try to put GitOps into practice. I use tools like Ansible, Flux, OpenTofu (Terraform fork), GitHub Actions, Kubernetes, Helm and more. All my machines use Arch Linux as the operating system and OpenZFS for storage.

🐧 Ansible

Ansible code resides in the ansible directory (duh!) and is responsible for installing, configuring and keeping up to date all of my baremetal servers, virtual machines and personal computers.

Installation

My install.yml playbook can install (duh again!) Arch Linux from scratch using archiso and archzfs, configuring all the system components to my liking (but it is still somewhat customizable). All my partitions are encrypted by default, and I use systemd-boot with a unified kernel image, SecureBoot, and ZFS for all storage including root. The install config differs according to the type of machine (baremetal server, virtual machine, PC with NVIDIA GPU - they all need different customizations).

Configuration

Next is configure.yml, which is responsible for, guess what, configuration of all the things. It gathers lots of roles, each one for a specific app or area of interest. It is divided into four phases:

  • Basic configuration - configuring all OS basics like network, NTP, package manager, firewall, NFS, additional storage, KVM etc.
  • GUI configuration - responsible for installing and configuring the KDE GUI and much needed apps for my PCs.
  • GUI personalization - this one takes things to the next level and personalizes KDE system apps and some others just how I like it, so I don't have to set anything in those pesky menus after a reinstall.
  • Kubernetes installation - for bootstrapping my Kubernetes cluster and adding new nodes. I use kubeadm, cilium and kube-vip with BGP configured on my OPNsense router for load-balancing. I know I could use kubespray but I wanted to learn; besides, I use Arch and it is not supported.

🌍 OpenTofu (Terraform)

Currently I use OpenTofu for bootstrapping the Flux deployment into my Kubernetes cluster. I plan to add code for my Authentik instance. I would also like to create my VMs in libvirt using OpenTofu. I hope to implement this and more in the near future.

  • Flux bootstrapping
  • Libvirt VM creation
  • Authentik management

⛵ Kubernetes

I manage my Kubernetes cluster using Flux and Helm. For deployments that do not have charts created by the developer, I create my own. They can be found in the drikqlis/drik-homelab-helm-charts repository. I generate my Helm repository automatically using GitHub Actions.

Core components

  • cert-manager - X.509 certificate management for Kubernetes.
  • Ingress-Nginx - ingress controller using NGINX as a reverse proxy and load balancer.
  • Cilium - solution for providing, securing, and observing network connectivity between workloads.
  • CSI Driver NFS - NFS CSI driver for Kubernetes supporting dynamic provisioning of Persistent Volumes.
  • OpenEBS ZFS CSI Driver - CSI driver for provisioning Local PVs backed by ZFS and more.
  • 1Password Connect Kubernetes Operator - integrates Kubernetes Secrets with 1Password Connect server.

Flux

Flux is installed into the kubernetes/main/bootstrap directory. There I have created directories for Helm repositories, namespaces and kustomizations for specific apps. Each kustomization points to files located in kubernetes/main/apps/$appname, which contains the Helm release, a ConfigMap with values, and a OnePasswordItem resource that creates a Secret holding the values that must stay secret. I have also created image automation to automatically update the image tag of specific Helm releases when a new version is built and published.
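
The per-app layout described above, sketched as an added example that is not taken from this repository: a hypothetical `demo-app` whose file names, chart, Helm repository, vault path, field names and values are all assumptions. Only the `OnePasswordItem` reference is committed to Git; the secret value itself stays in 1Password.

```yaml
# Constructed example: "demo-app", "demo-charts" and the "homelab" vault are placeholders.
# kubernetes/main/apps/demo-app/onepassworditem.yaml (file name assumed)
apiVersion: onepassword.com/v1
kind: OnePasswordItem
metadata:
  name: demo-app-secret          # the operator creates a Secret with this name
  namespace: demo-app
spec:
  itemPath: "vaults/homelab/items/demo-app"   # a reference only, never the value
---
# kubernetes/main/apps/demo-app/configmap.yaml (file name assumed)
apiVersion: v1
kind: ConfigMap
metadata:
  name: demo-app-values
  namespace: demo-app
data:
  values.yaml: |
    replicaCount: 1
    ingress:
      enabled: true
---
# kubernetes/main/apps/demo-app/helmrelease.yaml (file name assumed)
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
  name: demo-app
  namespace: demo-app
spec:
  interval: 10m
  chart:
    spec:
      chart: demo-app
      sourceRef:
        kind: HelmRepository
        name: demo-charts
        namespace: flux-system
  valuesFrom:
    - kind: ConfigMap              # non-secret values, reviewable in Git
      name: demo-app-values
      valuesKey: values.yaml
    - kind: Secret                 # created by the OnePasswordItem above
      name: demo-app-secret
      valuesKey: admin-password    # assumes the 1Password item has this field
      targetPath: auth.adminPassword   # assumed chart value name
  values:
    image:
      # Marker for Flux image automation; assumes an ImagePolicy "demo-app" in flux-system.
      tag: 1.0.0 # {"$imagepolicy": "flux-system:demo-app:tag"}
```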

Deployments

  • Authentik - used for SSO and identity management for all my services.
  • Kubernetes Dashboard - general purpose, web-based UI for Kubernetes cluster.
  • Jellyfin - open-source Software Media System for all things media.
  • Vaultwarden - unofficial Bitwarden compatible server written in Rust used for password management.
  • Dagonite Empire - comprehensive tool for starting an online, text-based RPG campaign.
