mirror of
https://github.com/khuedoan/homelab.git
synced 2024-12-23 01:14:38 +07:00
4b69ec2dfc
https://github.com/distribution/distribution Docker Registry is stateless and easier to automate. The tiny footprint is an added bonus.
277 lines
15 KiB
Markdown
277 lines
15 KiB
Markdown
# Khue's Homelab
|
||
|
||
**[Features](#features) • [Get Started](#get-started) • [Documentation](https://homelab.khuedoan.com)**
|
||
|
||
[](https://github.com/khuedoan/homelab/tags)
|
||
[](https://homelab.khuedoan.com)
|
||
[](https://www.gnu.org/licenses/gpl-3.0.html)
|
||
[](https://github.com/khuedoan/homelab)
|
||
|
||
This project utilizes [Infrastructure as Code](https://en.wikipedia.org/wiki/Infrastructure_as_code) and [GitOps](https://www.weave.works/technologies/gitops) to automate provisioning, operating, and updating self-hosted services in my homelab.
|
||
It can be used as a highly customizable framework to build your own homelab.
|
||
|
||
> **What is a homelab?**
|
||
>
|
||
> Homelab is a laboratory at home where you can self-host, experiment with new technologies, practice for certifications, and so on.
|
||
> For more information about homelab in general, see the [r/homelab introduction](https://www.reddit.com/r/homelab/wiki/introduction).
|
||
|
||
## Overview
|
||
|
||
Project status: **ALPHA**
|
||
|
||
This project is still in the experimental stage, and I don't use anything critical on it.
|
||
Expect breaking changes that may require a complete redeployment.
|
||
A proper upgrade path is planned for the stable release.
|
||
More information can be found in [the roadmap](#roadmap) below.
|
||
|
||
### Hardware
|
||
|
||
|
||
|
||
- 4 × NEC SFF `PC-MK26ECZDR` (Japanese version of the ThinkCentre M700):
|
||
- CPU: `Intel Core i5-6600T @ 2.70GHz`
|
||
- RAM: `16GB`
|
||
- SSD: `128GB`
|
||
- TP-Link `TL-SG108` switch:
|
||
- Ports: `8`
|
||
- Speed: `1000Mbps`
|
||
|
||
### Features
|
||
|
||
- [x] Common applications: Gitea, Seafile, Jellyfin, Paperless...
|
||
- [x] Automated bare metal provisioning with PXE boot
|
||
- [x] Automated Kubernetes installation and management
|
||
- [x] Installing and managing applications using GitOps
|
||
- [x] Automatic rolling upgrade for OS and Kubernetes
|
||
- [x] Automatically update apps (with approval)
|
||
- [x] Modular architecture, easy to add or remove features/components
|
||
- [x] Automated certificate management
|
||
- [x] Automatically update DNS records for exposed services
|
||
- [x] VPN without port forwarding
|
||
- [x] Expose services to the internet securely with [Cloudflare Tunnel](https://www.cloudflare.com/products/tunnel/)
|
||
- [x] CI/CD platform
|
||
- [x] Private container registry
|
||
- [x] Distributed storage
|
||
- [x] Support multiple environments (dev, prod)
|
||
- [ ] Monitoring and alerting 🚧
|
||
- [ ] Automated offsite backups 🚧
|
||
- [ ] Single sign-on 🚧
|
||
- [x] Infrastructure testing
|
||
|
||
Some demo videos and screenshots are shown here.
|
||
They can't capture all the project's features, but they are sufficient to get a concept of it.
|
||
|
||
| Demo |
|
||
| :--: |
|
||
| [![][deploy-demo]](https://asciinema.org/a/xkBRkwC6e9RAzVuMDXH3nGHp7) |
|
||
| Deploy with a single command (after updating the configuration files) |
|
||
| [![][pxe-demo]](https://www.youtube.com/watch?v=y-d7btNNAT8) |
|
||
| PXE boot |
|
||
| [![][homepage-demo]][homepage-demo] |
|
||
| Homepage with Ingress discovery powered by [Hajimari](https://github.com/toboshii/hajimari) |
|
||
| [![][grafana-demo]][grafana-demo] |
|
||
| Monitoring dashboard powered by [Grafana](https://grafana.com/) |
|
||
| [![][gitea-demo]][gitea-demo] |
|
||
| Git server powered by [Gitea](https://gitea.io/en-us/) |
|
||
| [![][matrix-demo]][matrix-demo] |
|
||
| [Matrix](https://matrix.org/) chat server |
|
||
| [![][tekton-demo]][tekton-demo] |
|
||
| Continuous integration with [Tekton](https://tekton.dev/) |
|
||
| [![][argocd-demo]][argocd-demo] |
|
||
| Continuous deployment with [ArgoCD](https://argoproj.github.io/cd/) |
|
||
| [![][lens-demo]][lens-demo] |
|
||
| Cluster management using [Lens](https://k8slens.dev/) |
|
||
| [![][vault-demo]][vault-demo] |
|
||
| Secret management with [Vault](https://www.vaultproject.io/) |
|
||
|
||
[deploy-demo]: https://asciinema.org/a/xkBRkwC6e9RAzVuMDXH3nGHp7.svg
|
||
[pxe-demo]: https://user-images.githubusercontent.com/27996771/157303477-df2e7410-8f02-4648-a86c-71e6b7e89e35.png
|
||
[homepage-demo]: https://user-images.githubusercontent.com/27996771/149445807-0f869eb7-d8f5-4fef-ab97-ac281df91a06.png
|
||
[grafana-demo]: https://user-images.githubusercontent.com/27996771/149446631-1c5d056b-1fdc-48e6-96ba-e1abe1762be0.png
|
||
[gitea-demo]: https://user-images.githubusercontent.com/27996771/149444871-38889c9d-862f-41ff-8c05-8ece21da3e9c.png
|
||
[matrix-demo]: https://user-images.githubusercontent.com/27996771/149448510-7163310c-2049-4ccd-901d-f11f605bfc32.png
|
||
[tekton-demo]: https://user-images.githubusercontent.com/27996771/149445374-58fd0605-bb9a-46e4-81d6-5e584d2b94a9.png
|
||
[argocd-demo]: https://user-images.githubusercontent.com/27996771/149444716-fc0d7282-4cf7-4ddb-97a4-1a3fb47ff2b8.png
|
||
[lens-demo]: https://user-images.githubusercontent.com/27996771/149448896-9d79947d-468c-45c6-a81d-b43654e8ab6b.png
|
||
[vault-demo]: https://user-images.githubusercontent.com/27996771/149452309-de4a893b-e94c-4ba8-9119-ea87449cf77e.png
|
||
|
||
### Tech stack
|
||
|
||
<table>
|
||
<tr>
|
||
<th>Logo</th>
|
||
<th>Name</th>
|
||
<th>Description</th>
|
||
</tr>
|
||
<tr>
|
||
<td><img width="32" src="https://simpleicons.org/icons/ansible.svg"></td>
|
||
<td><a href="https://www.ansible.com">Ansible</a></td>
|
||
<td>Automate bare metal provisioning and configuration</td>
|
||
</tr>
|
||
<tr>
|
||
<td><img width="32" src="https://cncf-branding.netlify.app/img/projects/argo/icon/color/argo-icon-color.svg"></td>
|
||
<td><a href="https://argoproj.github.io/cd">ArgoCD</a></td>
|
||
<td>GitOps tool built to deploy applications to Kubernetes</td>
|
||
</tr>
|
||
<tr>
|
||
<td><img width="32" src="https://github.com/jetstack/cert-manager/raw/master/logo/logo.png"></td>
|
||
<td><a href="https://cert-manager.io">cert-manager</a></td>
|
||
<td>Cloud native certificate management</td>
|
||
</tr>
|
||
<tr>
|
||
<td><img width="32" src="https://avatars.githubusercontent.com/u/314135?s=200&v=4"></td>
|
||
<td><a href="https://www.cloudflare.com">Cloudflare</a></td>
|
||
<td>DNS and Tunnel</td>
|
||
</tr>
|
||
<tr>
|
||
<td><img width="32" src="https://www.docker.com/wp-content/uploads/2022/03/Moby-logo.png"></td>
|
||
<td><a href="https://www.docker.com">Docker</a></td>
|
||
<td>Ephemeral PXE server and convenient tools container</td>
|
||
</tr>
|
||
<tr>
|
||
<td><img width="32" src="https://github.com/distribution/distribution/raw/main/distribution-logo.svg"></td>
|
||
<td><a href="https://github.com/distribution/distribution">Docker Registry</a></td>
|
||
<td>Private container registry</td>
|
||
</tr>
|
||
<tr>
|
||
<td><img width="32" src="https://github.com/kubernetes-sigs/external-dns/raw/master/docs/img/external-dns.png"></td>
|
||
<td><a href="https://github.com/kubernetes-sigs/external-dns">ExternalDNS</a></td>
|
||
<td>Synchronizes exposed Kubernetes Services and Ingresses with DNS providers</td>
|
||
</tr>
|
||
<tr>
|
||
<td><img width="32" src="https://upload.wikimedia.org/wikipedia/commons/thumb/3/3f/Fedora_logo.svg/267px-Fedora_logo.svg.png"></td>
|
||
<td><a href="https://getfedora.org/en/server">Fedora Server</a></td>
|
||
<td>Base OS for Kubernetes nodes</td>
|
||
</tr>
|
||
<tr>
|
||
<td><img width="32" src="https://upload.wikimedia.org/wikipedia/commons/b/bb/Gitea_Logo.svg"></td>
|
||
<td><a href="https://gitea.com">Gitea</a></td>
|
||
<td>Self-hosted Git service</td>
|
||
</tr>
|
||
<tr>
|
||
<td><img width="32" src="https://grafana.com/static/img/menu/grafana2.svg"></td>
|
||
<td><a href="https://grafana.com">Grafana</a></td>
|
||
<td>Operational dashboards</td>
|
||
</tr>
|
||
<tr>
|
||
<td><img width="32" src="https://cncf-branding.netlify.app/img/projects/helm/icon/color/helm-icon-color.svg"></td>
|
||
<td><a href="https://helm.sh">Helm</a></td>
|
||
<td>The package manager for Kubernetes</td>
|
||
</tr>
|
||
<tr>
|
||
<td><img width="32" src="https://cncf-branding.netlify.app/img/projects/k3s/icon/color/k3s-icon-color.svg"></td>
|
||
<td><a href="https://k3s.io">K3s</a></td>
|
||
<td>Lightweight distribution of Kubernetes</td>
|
||
</tr>
|
||
<tr>
|
||
<td><img width="32" src="https://cncf-branding.netlify.app/img/projects/kubernetes/icon/color/kubernetes-icon-color.svg"></td>
|
||
<td><a href="https://kubernetes.io">Kubernetes</a></td>
|
||
<td>Container-orchestration system, the backbone of this project</td>
|
||
</tr>
|
||
<tr>
|
||
<td><img width="32" src="https://github.com/grafana/loki/blob/main/docs/sources/logo.png?raw=true"></td>
|
||
<td><a href="https://grafana.com/oss/loki">Loki</a></td>
|
||
<td>Log aggregation system</td>
|
||
</tr>
|
||
<tr>
|
||
<td><img width="32" src="https://cncf-branding.netlify.app/img/projects/longhorn/icon/color/longhorn-icon-color.svg"></td>
|
||
<td><a href="https://longhorn.io">Longhorn</a></td>
|
||
<td>Cloud native distributed block storage for Kubernetes</td>
|
||
</tr>
|
||
<tr>
|
||
<td><img width="32" src="https://avatars.githubusercontent.com/u/60239468?s=200&v=4"></td>
|
||
<td><a href="https://metallb.org">MetalLB</a></td>
|
||
<td>Bare metal load-balancer for Kubernetes</td>
|
||
</tr>
|
||
<tr>
|
||
<td><img width="32" src="https://avatars.githubusercontent.com/u/1412239?s=200&v=4"></td>
|
||
<td><a href="https://www.nginx.com">NGINX</a></td>
|
||
<td>Kubernetes Ingress Controller</td>
|
||
</tr>
|
||
<tr>
|
||
<td><img width="32" src="https://cncf-branding.netlify.app/img/projects/prometheus/icon/color/prometheus-icon-color.svg"></td>
|
||
<td><a href="https://prometheus.io">Prometheus</a></td>
|
||
<td>Systems monitoring and alerting toolkit</td>
|
||
</tr>
|
||
<tr>
|
||
<td><img width="32" src="https://docs.renovatebot.com/assets/images/logo.png"></td>
|
||
<td><a href="https://www.whitesourcesoftware.com/free-developer-tools/renovate">Renovate</a></td>
|
||
<td>Automatically update dependencies</td>
|
||
</tr>
|
||
<tr>
|
||
<td><img width="32" src="https://avatars.githubusercontent.com/u/47602533?s=200&v=4"></td>
|
||
<td><a href="https://tekton.dev">Tekton</a></td>
|
||
<td>Cloud native solution for building CI/CD systems</td>
|
||
</tr>
|
||
<tr>
|
||
<td><img width="32" src="https://simpleicons.org/icons/vault.svg"></td>
|
||
<td><a href="https://www.vaultproject.io">Vault</a></td>
|
||
<td>Secrets and encryption management system</td>
|
||
</tr>
|
||
<tr>
|
||
<td><img width="32" src="https://docs.zerotier.com/img/ZeroTierIcon.png"></td>
|
||
<td><a href="https://zerotier.com">ZeroTier</a></td>
|
||
<td>VPN without port forwarding</td>
|
||
</tr>
|
||
</table>
|
||
|
||
## Get Started
|
||
|
||
- [Try it out locally](https://homelab.khuedoan.com/installation/sandbox) without any hardware (just 4 commands!)
|
||
- [Deploy on real hardware](https://homelab.khuedoan.com/installation/production/prerequisites) for production workload
|
||
|
||
## Roadmap
|
||
|
||
See [roadmap](https://homelab.khuedoan.com/reference/roadmap) and [open issues](https://github.com/khuedoan/homelab/issues) for a list of proposed features and known issues.
|
||
|
||
## Contributing
|
||
|
||
Any contributions you make are greatly appreciated.
|
||
|
||
Please see [contributing guide](https://homelab.khuedoan.com/reference/contributing) for more information.
|
||
|
||
## License
|
||
|
||
Copyright © 2020 - 2022 Khue Doan
|
||
|
||
Distributed under the GPLv3 License.
|
||
See [license page](https://homelab.khuedoan.com/reference/license) or `LICENSE.md` file for more information.
|
||
|
||
## Acknowledgements
|
||
|
||
References:
|
||
|
||
- [Ephemeral PXE server inspired by Minimal First Machine in the DC](https://speakerdeck.com/amcguign/minimal-first-machine-in-the-dc)
|
||
- [ArgoCD usage and monitoring configuration in locmai/humble](https://github.com/locmai/humble)
|
||
- [README template](https://github.com/othneildrew/Best-README-Template)
|
||
- [Run the same Cloudflare Tunnel across many `cloudflared` processes](https://developers.cloudflare.com/cloudflare-one/tutorials/many-cfd-one-tunnel)
|
||
- [MAC address environment variable in GRUB config](https://askubuntu.com/questions/1272400/how-do-i-automate-network-installation-of-many-ubuntu-18-04-systems-with-efi-and)
|
||
- [Official k3s systemd service file](https://github.com/k3s-io/k3s/blob/master/k3s.service)
|
||
- [Official Cloudflare Tunnel examples](https://github.com/cloudflare/argo-tunnel-examples)
|
||
- [Initialize GitOps repository on Gitea and integrate with Tekton by RedHat](https://github.com/redhat-scholars/tekton-tutorial/tree/master/triggers)
|
||
- [SSO configuration from xUnholy/k8s-gitops](https://github.com/xUnholy/k8s-gitops)
|
||
- [Pre-commit config from k8s-at-home/flux-cluster-template](https://github.com/k8s-at-home/flux-cluster-template)
|
||
- [Diátaxis technical documentation framework](https://diataxis.fr)
|
||
- [Official Terratest examples](https://github.com/gruntwork-io/terratest/tree/master/test)
|
||
|
||
Here is a list of the contributors who have helped to improve this project.
|
||
Big shout-out to them!
|
||
|
||
-  [@locmai](https://github.com/locmai)
|
||
-  [@MatthewJohn](https://github.com/MatthewJohn)
|
||
-  [@karpfediem](https://github.com/karpfediem)
|
||
-  [@linhng98](https://github.com/linhng98)
|
||
-  [@BlueHatbRit](https://github.com/BlueHatbRit)
|
||
-  [@dotdiego](https://github.com/dotdiego)
|
||
-  [@Crimrose](https://github.com/Crimrose)
|
||
-  [@eventi](https://github.com/eventi)
|
||
-  [@Bourne-ID](https://github.com/Bourne-ID)
|
||
-  [@akwan](https://github.com/akwan)
|
||
-  [@trangmaiq](https://github.com/trangmaiq)
|
||
|
||
If you feel you're missing from this list, feel free to add yourself in a PR.
|
||
|
||
## Stargazers over time
|
||
|
||
[](https://starchart.cc/khuedoan/homelab)
|