This project contains the configuration of my home lab setup. It is a collection of Docker Compose files which configure all the applications.
The Docker workload is run on my Lenovo Windows laptop.
- Create a docker network. This will be used for all containers running in the docker host related to homelab.
docker network create homelab-network
- Create a volume for portainer so that the data is persistent across compose up's and down's.
docker volume create portainer-data
This is the gateway to the homelab, which is exposed to the internet.
It uses Cloudflare Tunnel to establish a reverse tunnel to Cloudflare's network.
Set the following environment variables in the .env file
CLOUDFLARE_TUNNEL_TOKEN=<token>
Then start the gateway using the following command
docker compose -f compose.gateway.yaml up -d
Traefik is the reverse proxy for the homelab. It manages routing, SSL, and other configuration for HTTP traffic within the Docker instance.
- Create a self-signed cert
openssl req -newkey rsa:4096 -nodes -keyout ./keycloak/secrets/key.pem -x509 -days 365 -out ./keycloak/secrets/certificate.pem
- Create volume for postgres
docker volume create homelab-postgres-data
https://homelab.kopparam.com/portainer
Portainer is a nice UI to manage the Docker Desktop instance.
Softserve - Git Server
A minimal and beautiful SSH based application to host git repositories.
3 node Kubernetes cluster on RaspberryPis
Add this to the rc file
# SOPS + AGE
export SOPS_AGE_KEY_FILE=$HOME/.sops/key.txt
export HELM_SECRETS_BACKEND=sops
Add the private key to the .sops/key.txt
Add secrets using sops
sops -e plainsecrets.yaml
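A guard for the SOPS + age setup above, as an added example that is not part of this repository: it flags secrets files that do not carry SOPS metadata and checks that the age key file is private. The function names are hypothetical, the encryption check is a heuristic on the file's shape rather than a decryption, and `stat` is assumed to be the GNU or BSD variant.

```shell
#!/bin/sh
# Added example, not part of this repository. Function names are hypothetical.
# Source this file, then call e.g.: find_plaintext_secrets path/to/*.yaml

# Return 0 if the YAML file has the shape of SOPS output: a top-level
# "sops:" metadata block that contains an encrypted "mac:" entry.
# This inspects the file's shape only; it does not decrypt or verify the MAC.
is_sops_encrypted() {
  local file="$1"
  [ -f "$file" ] || return 1
  grep -qE '^sops:' "$file" || return 1
  grep -qE '^[[:space:]]+mac: ENC\[' "$file" || return 1
}

# Return 0 if the age key file exists and only its owner can access it.
# Defaults to SOPS_AGE_KEY_FILE, then to $HOME/.sops/key.txt as set above.
key_file_is_private() {
  local key="${1:-${SOPS_AGE_KEY_FILE:-$HOME/.sops/key.txt}}"
  local mode
  [ -f "$key" ] || return 1
  # GNU stat first, BSD/macOS stat as fallback.
  mode=$(stat -c '%a' "$key" 2>/dev/null || stat -f '%Lp' "$key") || return 1
  case "$mode" in
    600|400) return 0 ;;
    *) return 1 ;;
  esac
}

# Print each given file that is not SOPS-encrypted.
# Returns 1 if at least one such file was found, so it can gate a commit.
find_plaintext_secrets() {
  local rc=0 f
  for f in "$@"; do
    if ! is_sops_encrypted "$f"; then
      echo "$f"
      rc=1
    fi
  done
  return $rc
}
```

Because `sops -e` writes the encrypted document to standard output, the plaintext input file stays on disk; running `find_plaintext_secrets` over the files staged for commit catches the case where that plaintext file is added by mistake.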
Configure Application Instrumentation
After the Helm chart is deployed, you will need to configure your application instrumentation to send telemetry data to Grafana Alloy using one of these addresses:
OTLP/gRPC endpoint: http://grafana-k8s-monitoring-grafana-agent.lgtm.svc.cluster.local:4317
OTLP/HTTP endpoint: http://grafana-k8s-monitoring-grafana-agent.lgtm.svc.cluster.local:4318
Zipkin endpoint: grafana-k8s-monitoring-grafana-agent.lgtm.svc.cluster.local:9411
This creates Ceph Object and FileSystem StorageClasses in Kubernetes using Rook. Block devices are explicitly disabled as the required modules are not included in the kernel of Raspberry Pi OS.
It uses a single replica for all the object pools as I plan to use this for CloudnativePG, which has replication built in. This is the reason this POC needs a single thumb drive and a single partition on it.
1 x 64 GB USB 3 thumb drive inserted in rpi5-02's blue USB ports
Caution: These steps destroy all data on the drive. Before executing them, use step 1 to make sure you are wiping the correct device.
- Note the device name, for me it was /dev/sda
sudo fdisk -l
- Clear the drive by zeroing out the first 100 MB of the drive
sudo dd if=/dev/zero of=/dev/sda bs=1M count=100 oflag=direct,dsync
- Create a single empty partition on the drive. This is needed because Ceph does not like removable drives, and because of a bug which makes it think the drive is less than 5 GB
sudo fdisk /dev/sda
g # Create a new partition table
n # Create a new partition
- Press enter for partition number, start and end sectors
w # Save and exit
sudo partprobe /dev/sda
Run ansible/rook-ceph.yaml
helmfile apply --skip-diff-on-install