mirrors/khuedoan-homelab
1
0
Fork 0
mirror of https://github.com/khuedoan/homelab.git synced 2024-12-22 14:44:31 +07:00
Code Issues Packages Projects Releases Wiki Activity
1,660 Commits 6 Branches 8 Tags 12 MiB
master
Commit Graph

93 Commits

Author SHA1 Message Date
Khue Doan
de1f7176dd refactor(wireguard): use raw static config 
I want to set up a mesh with multiple sites, so I need static peer
configurations instead of those generated by the WireGuard container.
 2024-11-25 01:26:13 +07:00
Khue Doan
21fac43e57 refactor: replace Terraform binary with OpenTofu 
OpenTofu is a drop-in replacement for Terraform, so aside from changing
the binary, it only needs some minor adjustments.
 2024-11-24 00:09:15 +07:00
Khue Doan
18d51382ef feat: backup and restore script 2024-11-22 15:26:43 +07:00
Khue Doan
eb1381d38b chore(tools): update packages 2024-09-02 11:23:41 +07:00
Khue Doan
2cd8a249b6 refactor!: replace ZeroTier with Tailscale and Wireguard 
- Tailscale UX is better, and the Headscale control server is also
  easier to self-host than ZeroTier (although Headscale is not the
  official control server, the author now works at Tailscale)
- Wireguard is also added as an alternative to avoid relying on a
  third-party service, however it requires port-forwarding
 2024-04-18 20:11:18 +07:00
Khue Doan
20b4f10976 chore(cloudflare)!: upgrade Terraform provider version 
It's a breaking change due to a known oversight in the 3.x -> 4.x
migration.

https://github.com/cloudflare/terraform-provider-cloudflare/issues/2286

To resolve you can either:

1. Manually update the state file with the new resource name
2. Remove the resources from state, perform the upgrade and then
   reimport the resources back into the state
3. (What I did, but you'll have downtime) Comment out the tunnel
   resources, apply, bump the version to v4, uncomment, then apply again
   to recreate the resources
 2024-04-18 16:59:17 +07:00
Khue Doan
295914cfae fix(cloudflared): remove deprecated permissions field 2024-04-18 16:25:09 +07:00
Khue Doan
0b3fe1c82a feat(external): allow adding extra third party secrets 2024-03-14 20:11:58 +07:00
Khue Doan
4a4828f20b chore(deps): update all non-major dependencies 2024-03-03 00:20:54 +07:00
Khue Doan
a7cdb00550 refactor!: move alert setup from Grafana to Alertmanager 2024-03-02 14:32:55 +07:00
Khue Doan
bed4134ef0 feat: add ntfy relay for Grafana alerts 2024-01-21 14:43:27 +07:00
Khue Doan
5915ebb9d1 refactor(external): just use nvim to edit tfvars 
The previous setup using Ansible is kinda unessesary since it just
edit the same tfvars file.
 2024-01-20 11:48:25 +07:00
Khue Doan
b98060294d refactor!: remove Tekton 
Replaced by Woodpecker CI. It turns out I don't need that much power
from Tekton's flexibility, so it's not worth the maintenance overhead
for my specific use case at home.
 2024-01-15 10:55:29 +07:00
Khue Doan
f48debbce3 chore: update dependencies 2024-01-06 01:56:35 +07:00
Khue Doan
88eab4ace1 refactor(external): remove IP whitelist for Cloudflare tokens 
For home networks without static IP, external-dns and cert-manager might
fail after some time if this module is not applied.
 2023-12-22 12:58:42 +07:00
Khue Doan
65af4ff8e6 refactor!: remove MetalLB 
Replaced by Cilium L2 Aware LB.

Additionally, the default Zerotier route was changed to match the
LB IP pool rather than the entire home subnet. This makes it easier
to manage in the configure script and can be updated to any value
later if needed.
 2023-12-22 00:34:23 +07:00
Khue Doan
60fd8b9e9a build!: switch to Nix flake 2023-10-27 16:37:53 +07:00
Renovate Bot
6bd0577c64 chore(deps): update terraform http to v3 2023-01-25 12:39:40 +00:00
Khue Doan
4f6baed675 chore(tools): update versions 2022-10-03 11:48:18 +07:00
Khue Doan
8447502d54 feat: add ZeroTier for remote access 
- Fully open source
- Has free hosted version (my.zerotier.com)
- Can be automated with Terraform
- Pretty good performance with UDP hole punching
 2022-08-29 14:01:25 +07:00
Khue Doan
81582db448 chore(external): remove redundant empty provider block 2022-08-26 19:21:49 +07:00
Khue Doan
cd41343580
refactor(docs): migrate to mkdocs (#68) 
* refactor(docs): migrate to mkdocs

* More markdown

* Admonitions
 2022-07-06 12:33:35 +07:00
Khue Doan
1dab7e9aaa chore(external): update Terraform version 2022-06-08 20:28:52 +07:00
Khue Doan
e173b18b97 docs(external): use table for list of resources 2022-06-04 14:33:22 +07:00
Khue Doan
5dc905be86 docs: update external resources instruction 2022-06-04 14:25:55 +07:00
Khue Doan
dc7d1256a0 build: set kubeconfig from global Makefile 
Separate build steps in Tekton can use service account instead of config file
 2022-05-14 20:06:57 +07:00
Renovate Bot
86807062b2 chore(deps): update all non-major dependencies helm releases 2022-03-23 15:07:13 +00:00
Khue Doan
910321b0d5 build(external): auto approve Terraform apply 
Use plan if you just want to plan
 2022-03-15 21:40:28 +07:00
Khue Doan
f5162a9135 refactor(external)!: use separate modules for each provider 2022-03-14 23:21:28 +07:00
Khue Doan
6ea9b471fd refactor(external): remove Backblaze B2 
Will add AWS S3 Glacier later
 2022-03-14 23:07:59 +07:00
Khue Doan
25ac9e0115 refactor(external): use generic zone name for zone data 2022-02-20 20:32:22 +07:00
Elliot Blackburn
cf94f761c4
docs(external): add Terraform Cloud workspace instruction (#44) 
* Add note regarding terraform cloud execution mode

When configuring a workspace in Terraform Cloud, the execution mode defaults to "Remote". This is problematic for two reasons:
1. We use local files that are not in the terraform plan directory. This creates errors about being unable to local files where it is not immediately obvious why.
2. The remote (cloud) runner won't be able to access the kube cluster running on the internal network anyway, so any plan application will fail.

* Detail terraform cloud workspace setup
 2022-02-15 08:32:29 +07:00
Khue Doan
81f0a94574 chore(deps): update all non-major dependencies 
This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [cloudflare](https://registry.terraform.io/providers/cloudflare/cloudflare) ([source](https://github.com/cloudflare/terraform-provider-cloudflare)) | required_provider | minor | `~> 3.7.0` -> `~> 3.8.0` |
| [dendrite](https://github.com/locmai/charts) |  | patch | `0.0.1` -> `0.0.2` |
| [renovate](https://github.com/renovatebot/helm-charts) |  | minor | `31.62.0` -> `31.63.2` |

⚠️ Release Notes retrieval for this PR were skipped because no github.com credentials were available.
If you are self-hosted, please see [this instruction](https://github.com/renovatebot/renovate/blob/master/docs/usage/examples/self-hosting.md#githubcom-token-for-release-notes).

---

📅 **Schedule**: At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://github.com/renovatebot/renovate/discussions) if that's undesired.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, click this checkbox.

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).

Reviewed-on: https://git.khuedoan.com/ops/homelab/pulls/2
Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-committed-by: Renovate Bot <bot@renovateapp.com>
 2022-01-31 23:21:52 +07:00
Khue Doan
b6aa20a0ee docs(external): list some alternatives 2022-01-29 23:59:03 +07:00
Renovate Bot
d6a8495767 chore(deps): update all non-major dependencies helm releases 2022-01-27 18:19:34 +00:00
Khue Doan
479016d737 refactor: inject Terraform secrets with Terraform 
Instead of Ansible
 2021-12-29 22:51:36 +07:00
Khue Doan
bde8724284 style: format YAMLs to fix yamllint 2021-12-26 12:36:14 +07:00
Khue Doan
6aa12a1bb9 fix(external): add missing env var to Makefile 2021-12-26 10:52:02 +07:00
Khue Doan
8793556800 chore: cleanup Backblaze secret keys 2021-12-25 21:58:23 +07:00
Khue Doan
675891c558 feat(external): inject Backblaze secrets to k8up namespace 2021-12-25 20:18:45 +07:00
Khue Doan
c1ff305343 refactor(external): create terraform secrets after apply 2021-12-25 10:58:54 +07:00
Khue Doan
27468592ce build: inject Terraform secrets to tekton-pipelines namespace 2021-12-25 03:03:46 +07:00
Khue Doan
dd2bdff255 style(external): format 2021-12-25 02:50:18 +07:00
Khue Doan
3cfd670424 docs: update deploy instruction for external layer 2021-12-25 02:39:48 +07:00
Khue Doan
08513dcda5 refactor(external): ask to enter variables if var file does not exist 2021-12-25 02:34:49 +07:00
Khue Doan
c55b98186d refactor(external): split Cloudflare into multiple files 2021-12-25 02:06:05 +07:00
Khue Doan
6a7709cec9 feat(external): initial playbook to create secrets for pipelines 2021-12-24 20:05:59 +07:00
Khue Doan
496b66c6a4 Revert "chore(external): ignore modified_on drift" 
This reverts commit b7bdbe6316.
 2021-12-24 16:36:29 +07:00
Khue Doan
b7bdbe6316 chore(external): ignore modified_on drift 2021-12-24 16:33:21 +07:00
Khue Doan
3b9a7e2276 style(external): format 2021-12-24 15:15:21 +07:00