Commit Graph

1660 Commits

Author SHA1 Message Date
Khue Doan
4d6c67183e feat(cilium): enable Hubble UI
Use kubectl port-forward instead of Ingress to access the UI to
avoid chicken-and-egg issues, since the ingress controller will be
installed after Cilium.
2024-03-25 20:01:04 +07:00
Khue Doan
0b3fe1c82a feat(external): allow adding extra third party secrets 2024-03-14 20:11:58 +07:00
Khue Doan
946203aac0 feat: install PairDrop 2024-03-13 19:22:23 +07:00
Khue Doan
5dc86c77c6 fix(rook-ceph): auto remove OSD if safe to remove
Useful when replacing nodes.
2024-03-13 12:16:38 +07:00
Khue Doan
1773c71ced chore(matrix)!: switch to upstream Helm chart 2024-03-13 10:11:30 +07:00
Khue Doan
9135b60695 test: add storage benchmark 2024-03-13 10:11:25 +07:00
Khue Doan
c244195d8a docs: replace Longhorn with Rook Ceph 2024-03-13 10:11:25 +07:00
Khue Doan
32a9aa94d5 refactor(rook-ceph): customize configuration 2024-03-13 10:11:25 +07:00
Khue Doan
b4ba7ea6e2 refactor!: replace Longhorn with Rook Ceph
Longhorn is too unreliable for some reason.
2024-03-12 07:55:24 +07:00
Khue Doan
fd8b0113ca chore(argocd): upgrade Helm chart to v6 2024-03-12 07:55:24 +07:00
Khue Doan
4a4828f20b chore(deps): update all non-major dependencies 2024-03-03 00:20:54 +07:00
Khue Doan
50647047a7 docs: update contributor list 2024-03-02 23:58:35 +07:00
Randall Mason
27f59530d1 fix(hacks): don't use string interpolation for Gitea auth
This fails when there are some special characters in the password
2024-03-02 23:34:46 +07:00
Raed
c0a06afc8f docs: add more details about PXE troubleshooting 2024-03-02 15:46:52 +07:00
Khue Doan
a7cdb00550 refactor!: move alert setup from Grafana to Alertmanager 2024-03-02 14:32:55 +07:00
Khue Doan
af2c9c5e0b feat: deploy Actual Budget 2024-02-23 09:51:50 +07:00
Khue Doan
6a2fa43e34 chore(metal): upgrade to latest stable Cilium 2024-02-16 23:17:26 +07:00
Khue Doan
ce868c27dc chore(cilium): upgrade to v1.15 RC1
For l2announcer bug fix.
2024-02-04 10:07:44 +07:00
Khue Doan
41211ff638 docs: update screenshots and ntfy instruction 2024-01-21 19:53:34 +07:00
Loc Mai
529a2651a7 fix(hacks): patch secret if existed (#131) 2024-01-21 16:47:40 +07:00
Khue Doan
250e6d2712 feat(grafana): add ntfy integration 2024-01-21 16:14:37 +07:00
Khue Doan
169f24fed3 chore: update kube-prometheus-stack and grafana 2024-01-21 15:50:02 +07:00
Khue Doan
bed4134ef0 feat: add ntfy relay for Grafana alerts 2024-01-21 14:43:27 +07:00
Khue Doan
5915ebb9d1 refactor(external): just use nvim to edit tfvars
The previous setup using Ansible is kinda unnecessary since it just
edits the same tfvars file.
2024-01-20 11:48:25 +07:00
Khue Doan
6def3d1ea7 ci: remove sops-pre-commit
All secrets are automatically generated and synced with External Secrets,
so there are (almost?) no cases where I have a Kubernetes Secret YAML on
disk. Additionally, k8s-at-home is deprecated.
2024-01-19 22:26:37 +07:00
Khue Doan
0eb03e461c refactor!: remove Seafile
I don't use Seafile that much, and the new version is kind of a pain
to set up (CSRF failed, hard to configure automatically, etc.).

I haven't chosen an alternative yet, but it may come in the future.
2024-01-19 22:22:13 +07:00
Khue Doan
2db4bb1f90 refactor(paperless): disable public tunnel access 2024-01-19 12:51:58 +07:00
Khue Doan
636c2d3fd9 chore: remove prebuilt tools image for CI
It was added to speed up CI, utilizing Kaniko's built-in caching feature.
However, with nixery.dev images we probably don't need it anymore.

Long term we still need to set up a proper Nix cache to run nix develop in CI.
2024-01-19 03:11:44 +07:00
Khue Doan
ca5821dfe1 style(homepage): reorganize services 2024-01-19 02:57:46 +07:00
Khue Doan
bacc12accb docs: update admin credentials locations 2024-01-19 02:51:48 +07:00
Khue Doan
11e407e880 refactor(paperless)!: switch to app-template
Explicitly define PAPERLESS_PORT due to environment variable conflict.

https://docs.paperless-ngx.com/troubleshooting/#gunicorn-fails-to-start-with-is-not-a-valid-port-number
2024-01-19 02:43:58 +07:00
Khue Doan
6f09545756 docs: update acknowledgements and add link to k8s-at-home 2024-01-19 00:37:04 +07:00
Khue Doan
59cd428763 perf(argocd): ignore resource update to reduce CPU usage
From https://argo-cd.readthedocs.io/en/stable/operator-manual/reconcile

By default, an Argo CD Application is refreshed every time a resource that
belongs to it changes.

Kubernetes controllers often update the resources they watch periodically,
causing continuous reconcile operation on the Application and a high CPU
usage on the argocd-application-controller

When a resource update is ignored, if the resource's health status does
not change, the Application that this resource belongs to will not be
reconciled.
2024-01-18 23:44:53 +07:00
Khue Doan
f3e3fa22ec refactor: update Kanidm password reset script to reset any account
https://github.com/khuedoan/homelab/issues/130
2024-01-18 20:20:10 +07:00
Khue Doan
bd0d7b556d docs: remove mention of system upgrade controller
https://github.com/khuedoan/homelab/issues/129
2024-01-18 20:19:51 +07:00
Khue Doan
d6d1cd41d5 test: do not skip TLS verify in production
The sandbox will set INSECURE_SKIP_VERIFY=true in the future.
2024-01-18 19:58:13 +07:00
Khue Doan
0ceb426cd5 fix(k3s): re-enable cloud controller manager
Otherwise the first node will use kube-vip's IP as its InternalIP,
causing issues with Kube API certificate due to an incorrect IP.

K3s's CCM does more than I thought, it not only handles Klipper LB but
also sets node InternalIP/ExternalIP and clears the uninitialized taint.

https://github.com/k3s-io/docs/blob/main/docs/networking.md#deploying-an-external-cloud-controller-manager
2024-01-18 17:48:31 +07:00
Khue Doan
376f0e1b92 perf(metal): tune some kernel params for Kubernetes
The default values are too low, you may get an error in some cases
after a while (like viewing logs)
2024-01-18 17:31:23 +07:00
Khue Doan
e1c276e403 fix: use the correct mount path for Jellyseer 2024-01-18 01:53:52 +07:00
Khue Doan
182b9ea564 chore: increase media storage size 2024-01-18 01:53:52 +07:00
Khue Doan
1e4eae4894 docs: add media management instruction 2024-01-18 01:53:48 +07:00
Khue Doan
6d7255cca3 refactor: change media stack dependencies
- Replace jackett with prowlarr for better integration with *arr apps
- Add sonarr
2024-01-17 23:26:58 +07:00
Khue Doan
d4c778c18a chore: add more apps to homepage 2024-01-17 21:18:50 +07:00
Khue Doan
7110c57cee fix(jellyfin): update volume permission
Ensure all containers can write to the shared volume.
2024-01-17 21:15:16 +07:00
Khue Doan
5e58a21aec feat(jellyfin): add media management sidecars
Use sidecar instead of a separate Deployment because of RWO volumes.
2024-01-17 21:15:16 +07:00
Khue Doan
25c35f6ec5 docs: update user onboarding instruction
Make it shorter.
2024-01-17 21:15:16 +07:00
Khue Doan
3fa84e0e52 refactor(jellyfin): use app-template chart
Charts from k8s-at-home repository are deprecated.
2024-01-17 21:15:16 +07:00
Khue Doan
1af664d6c0 refactor!: replace Hajimari with Homepage
More eye candies.
2024-01-17 21:15:16 +07:00
Khue Doan
6af0662600 feat: install Homepage
https://gethomepage.dev
2024-01-17 21:15:16 +07:00
Khue Doan
f51d3f95a9 feat(gitea): automatically set up Dex as authentication source
It's very ugly but it works ¯\_(ツ)_/¯
2024-01-17 01:51:43 +07:00