A lowly tech priest's attempt to please Mars

Macharian

This repository contains everything I've got running on my home servers.

Servers

My setup is currently as follows:

  • Proteus Quartus: an ASUS NUC 14 running a Talos node on bare metal
  • Proteus Secundus: an ASUS NUC 15 running a Talos node on bare metal
  • Paleon: a Scaleway VPS running an NGINX reverse proxy that exposes certain services over Tailscale to the outside world

Kubernetes

The Kubernetes cluster Proteus currently consists of two nodes, Proteus Secundus and Proteus Quartus, both running Talos. The cluster is managed via Flux, which uses the kubernetes folder in this repository as its source. Renovate helps keep everything up to date.

The core components are:

  • cert-manager creates SSL certificates for everything running in the cluster
  • Istio manages the network & ingress with MetalLB as load balancer
  • Tailscale exposes certain services over VPN to the internet
  • Longhorn manages storage for k8s
  • authentik provides Single Sign-On either via OIDC or integrated via Istio
  • sops keeps secrets committed in this repo actually secret

The applications running on kubernetes fall into several categories:

Hardware

  • 1x ASUS NUC14RVHU7000R0 Revel Canyon U7 155H
    • 64 GB RAM
    • 1x 2TB M.2 NVMe
    • 1x 4TB SATA SSD (warp)
  • 1x ASUS NUC 15 Pro Slim Kit RNUC15CRKU700002 barebone
    • 64 GB RAM
    • 1x 2TB M.2 NVMe

This hardware is currently situated next to our TV, which greatly hampers the options for expansion. I would love to expand and add proper storage (a NAS) and maybe one other server—having two k8s nodes has downsides that a third node would solve—but that has to wait until after we've moved to a house that doesn't only have network cables in the living room.

Gratitude

I had little to no experience with Kubernetes and DevOps when I bought my first NUC to use as a server. The home-ops repo of GitHub user onedr0p has been instrumental in getting me started with Flux and Renovate, and I use a lot of containers they have set up.