State of the art multi-cluster GitOps repository for homelab use. Currently used with my bare metal Kubernetes clusters at home to host a bunch of useful apps.
| Apps | Description |
|---|---|
 |
Immutable Linux distro for Kubernetes, deployed with Omni |
 |
Full network stack, replaces Flannel as the CNI and kube-proxy from Talos. Also used as the Load Balancer with Gateway API support |
 |
Fully managed Kubernetes deployment using GitOps practices |
 |
Manage secrets remotely & securely from a list of providers |
 |
Automatic x.509 certificates management with Gateway API support |
 |
Manage automatically the DNS records of domains listed in the Gateway API's routes |
 |
Custom DNS server with blocking capabilities to route internal traffic |
| Apps | Description |
|---|---|
 |
Recursive DNS server used with Pi-hole to provide more privacy |
 |
Git server to host personal stuff likes notes etc. |
| Apps | Description |
|---|---|
 |
Open-source analytics and interactive visualization web application |
 |
Monitoring system with a dimensional data model, flexible query language & more |
 |
Automatically inform of new updates for deployed apps in the cluster |
I'm using Sidero Omni to manage and deploy my Kubernetes clusters.
You'll need the following:
- A GitHub PAT to be used by
Flux, with Read-Write permissions for Admnistration & Contents - Any secret provider supported by External Secrets Operator, this repository uses
GitLab - An API token of your a provider that will make DNS challenges to create certificates. This repository uses a
Cloudflaretoken with the permissions: Zone - DNS - Edit, Zone - Zone - Read & Include - All Zones - Another API token of the same provider to manage DNS records. Using
Cloudflare, the token should have the same permissions as above.
Add the following secrets to your secret provider of choice: dns_provider_challenge_token,
dns_provider_management_token & pihole_password