Commit Graph

1593 Commits

Author SHA1 Message Date
Khue Doan
365912f76a feat: install Velero 2024-01-22 09:17:56 +07:00
Khue Doan
41211ff638 docs: update screenshots and ntfy instruction 2024-01-21 19:53:34 +07:00
Loc Mai
529a2651a7 fix(hacks): patch secret if existed (#131) 2024-01-21 16:47:40 +07:00
Khue Doan
250e6d2712 feat(grafana): add ntfy integration 2024-01-21 16:14:37 +07:00
Khue Doan
169f24fed3 chore: update kube-prometheus-stack and grafana 2024-01-21 15:50:02 +07:00
Khue Doan
bed4134ef0 feat: add ntfy relay for Grafana alerts 2024-01-21 14:43:27 +07:00
Khue Doan
5915ebb9d1 refactor(external): just use nvim to edit tfvars
The previous setup using Ansible is kinda unnecessary since it just
edits the same tfvars file.
2024-01-20 11:48:25 +07:00
Khue Doan
6def3d1ea7 ci: remove sops-pre-commit
All secrets are automatically generated and synced with External Secrets,
so there are (almost?) no cases where I have a Kubernetes Secret YAML on
disk. Additionally, k8s-at-home is deprecated.
2024-01-19 22:26:37 +07:00
Khue Doan
0eb03e461c refactor!: remove Seafile
I don't use Seafile that much, and the new version is kind of a pain
to set up (CSRF failed, hard to configure automatically, etc.).

I haven't chosen an alternative yet, but it may come in the future.
2024-01-19 22:22:13 +07:00
Khue Doan
2db4bb1f90 refactor(paperless): disable public tunnel access 2024-01-19 12:51:58 +07:00
Khue Doan
636c2d3fd9 chore: remove prebuilt tools image for CI
It was added to speed up CI, utilize Kaniko's built-in caching feature.
However, with nixery.dev images we probably don't need it anymore.

Long term we still need to set up a proper Nix cache to run nix develop in CI.
2024-01-19 03:11:44 +07:00
Khue Doan
ca5821dfe1 style(homepage): reorganize services 2024-01-19 02:57:46 +07:00
Khue Doan
bacc12accb docs: update admin credentials locations 2024-01-19 02:51:48 +07:00
Khue Doan
11e407e880 refactor(paperless)!: switch to app-template
Explicitly define PAPERLESS_PORT due to environment variable conflict.

https://docs.paperless-ngx.com/troubleshooting/#gunicorn-fails-to-start-with-is-not-a-valid-port-number
2024-01-19 02:43:58 +07:00
Khue Doan
6f09545756 docs: update acknowledgements and add link to k8s-at-home 2024-01-19 00:37:04 +07:00
Khue Doan
59cd428763 perf(argocd): ignore resource update to reduce CPU usage
From https://argo-cd.readthedocs.io/en/stable/operator-manual/reconcile

By default, an Argo CD Application is refreshed every time a resource that
belongs to it changes.

Kubernetes controllers often update the resources they watch periodically,
causing continuous reconcile operation on the Application and a high CPU
usage on the argocd-application-controller.

When a resource update is ignored, if the resource's health status does
not change, the Application that this resource belongs to will not be
reconciled.
2024-01-18 23:44:53 +07:00
Khue Doan
f3e3fa22ec refactor: update Kanidm password reset script to reset any account
https://github.com/khuedoan/homelab/issues/130
2024-01-18 20:20:10 +07:00
Khue Doan
bd0d7b556d docs: remove mention of system upgrade controller
https://github.com/khuedoan/homelab/issues/129
2024-01-18 20:19:51 +07:00
Khue Doan
d6d1cd41d5 test: do not skip TLS verify in production
The sandbox will set INSECURE_SKIP_VERIFY=true in the future.
2024-01-18 19:58:13 +07:00
Khue Doan
0ceb426cd5 fix(k3s): re-enable cloud controller manager
Otherwise the first node will use kube-vip's IP as its InternalIP,
causing issues with Kube API certificate due to an incorrect IP.

K3s's CCM does more than I thought, it not only handles Klipper LB but
also sets node InternalIP/ExternalIP and clears the uninitialized taint.

https://github.com/k3s-io/docs/blob/main/docs/networking.md#deploying-an-external-cloud-controller-manager
2024-01-18 17:48:31 +07:00
Khue Doan
376f0e1b92 perf(metal): tune some kernel params for Kubernetes
The default values are too low, you may get an error in some cases
after a while (like viewing logs)
2024-01-18 17:31:23 +07:00
Khue Doan
e1c276e403 fix: use the correct mount path for Jellyseer 2024-01-18 01:53:52 +07:00
Khue Doan
182b9ea564 chore: increase media storage size 2024-01-18 01:53:52 +07:00
Khue Doan
1e4eae4894 docs: add media management instruction 2024-01-18 01:53:48 +07:00
Khue Doan
6d7255cca3 refactor: change media stack dependencies
- Replace jackett with prowlarr for better integration with *arr apps
- Add sonarr
2024-01-17 23:26:58 +07:00
Khue Doan
d4c778c18a chore: add more apps to homepage 2024-01-17 21:18:50 +07:00
Khue Doan
7110c57cee fix(jellyfin): update volume permission
Ensure all containers can write to the shared volume.
2024-01-17 21:15:16 +07:00
Khue Doan
5e58a21aec feat(jellyfin): add media management sidecars
Use sidecar instead of a separate Deployment because of RWO volumes.
2024-01-17 21:15:16 +07:00
Khue Doan
25c35f6ec5 docs: update user onboarding instruction
Make it shorter.
2024-01-17 21:15:16 +07:00
Khue Doan
3fa84e0e52 refactor(jellyfin): use app-template chart
Charts from k8s-at-home repository are deprecated.
2024-01-17 21:15:16 +07:00
Khue Doan
1af664d6c0 refactor!: replace Hajimari with Homepage
More eye candies.
2024-01-17 21:15:16 +07:00
Khue Doan
6af0662600 feat: install Homepage
https://gethomepage.dev
2024-01-17 21:15:16 +07:00
Khue Doan
f51d3f95a9 feat(gitea): automatically set up Dex as authentication source
It's very ugly but it works ¯\_(ツ)_/¯
2024-01-17 01:51:43 +07:00
Khue Doan
86221b920c feat(dex): add Gitea SSO client 2024-01-17 00:15:59 +07:00
Khue Doan
6ebedfbe8c refactor(hacks): use wrapper function to load kube config 2024-01-16 14:15:39 +07:00
Khue Doan
23f695b8fb feat(k3s): install kube-vip for HA control plane 2024-01-16 12:34:22 +07:00
Khue Doan
b98060294d refactor!: remove Tekton
Replaced by Woodpecker CI. It turns out I don't need that much power
from Tekton's flexibility, so it's not worth the maintenance overhead
for my specific use case at home.
2024-01-15 10:55:29 +07:00
Khue Doan
69345a87c3 ci: add Helm diff step 2024-01-09 23:50:33 +07:00
Khue Doan
dcf7f5b810 fix(gitea): define scopes when creating access tokens
Required in newer versions.
2024-01-09 00:28:48 +07:00
Khue Doan
7f933a0355 refactor(gitea): disable unused features
Keep Gitea minimal.
2024-01-08 21:16:29 +07:00
Khue Doan
172c7c7c2b chore(gitea)!: upgrade Helm chart to v10
This is a breaking change, see https://gitea.com/gitea/helm-chart#upgrading
before upgrading to avoid losing data. Personally I have my repos saved
in many Git hosting providers so I just nuke it and reinstall.

Fixes changed files detection in pull_request event in Woodpecker.
2024-01-08 21:16:29 +07:00
Khue Doan
ab06f7be56 ci: migrate to Woodpecker 2024-01-08 21:11:11 +07:00
Khue Doan
77c5fe2113 refactor: remove descheduler
It's kinda... unnecessary for a home cluster?
2024-01-06 22:35:30 +07:00
Khue Doan
5bf9c03cf8 feat: install Woodpecker CI 2024-01-06 03:03:35 +07:00
Khue Doan
4673f91558 refactor(dex): remove Gitea connector
Use Kanidm instead.
2024-01-06 03:03:29 +07:00
Khue Doan
09ce3e64fc docs: update user onboarding guide 2024-01-06 02:11:20 +07:00
Khue Doan
a5c8f1e9c5 feat(kanidm): add script for user onboarding 2024-01-06 02:07:58 +07:00
Khue Doan
f48debbce3 chore: update dependencies 2024-01-06 01:56:35 +07:00
Khue Doan
9ff1077470 feat: automate Kanidm configuration
Just a hack for now.
2024-01-06 01:25:55 +07:00
Khue Doan
50220aaf6a feat(dex): add Kanidm connector 2024-01-06 00:44:45 +07:00