... managed with Flux, SOPS, and GitHub Actions 🤖
This repository contains the configuration for my home infrastructure and Kubernetes cluster. I follow Infrastructure as Code (IaC) and GitOps practices using tools like Talos Linux, Kubernetes, Flux, SOPS, and GitHub Actions.
My Kubernetes cluster is deployed with Talos Linux on a single powerful node. For persistent storage, I use OpenEBS HostPath and OpenEBS ZFS.
- cert-manager: Automates the creation and management of TLS certificates.
- cilium: Provides networking, security, and observability for the cluster.
- external-secrets: Syncs secrets from external APIs into Kubernetes.
- ingress-nginx: Acts as a reverse proxy and load balancer for Kubernetes services.
- sops: Encrypts and manages secrets within Git.
Flux monitors the `kubernetes` directory in this repository and ensures the cluster state matches the configuration. Changes pushed to the main branch are automatically applied to the cluster.
I use GitHub Actions for continuous integration and deployment workflows, leveraging self-hosted GitHub runners within the cluster for execution.
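Because anything merged to main is applied automatically, a CI step can reject commits that contain a Secret manifest with unencrypted values. The following is an added example, not code from this repository; it assumes manifests are block-style YAML under `kubernetes/` and that SOPS encrypts only the `data`/`stringData` values, leaving `kind` readable.

```python
import re
import sys
from pathlib import Path

SECRET_KIND = re.compile(r"^kind:\s*Secret\s*$", re.M)
SOPS_BLOCK = re.compile(r"^sops:\s*$", re.M)
SECTION = re.compile(r"^(data|stringData):\s*$")
ENTRY = re.compile(r"^\s+([^\s:#][^:]*):\s*(.*)$")

# Constructed sample, not a real secret: one value left in plaintext.
SAMPLE_LEAK = """\
kind: Secret
stringData:
  API_TOKEN: constructed-plaintext-value
  DB_PASSWORD: ENC[AES256_GCM,data:CONSTRUCTED,iv:CONSTRUCTED,tag:CONSTRUCTED,type:str]
sops:
  mac: ENC[AES256_GCM,data:CONSTRUCTED,iv:CONSTRUCTED,tag:CONSTRUCTED,type:str]
"""

def plaintext_keys(manifest: str) -> list[str]:
    """Return problems in one manifest: plaintext data keys, missing sops block."""
    if not SECRET_KIND.search(manifest):
        return []  # not a Secret, e.g. an ExternalSecret or a Deployment
    problems, in_section = [], False
    for line in manifest.splitlines():
        if SECTION.match(line):
            in_section = True
        elif line and not line[0].isspace():
            in_section = False  # another top-level key closes data/stringData
        elif in_section and (m := ENTRY.match(line)):
            value = m.group(2).strip().strip("'\"")
            if not value.startswith("ENC["):  # SOPS ciphertext starts with ENC[
                problems.append(m.group(1))
    if not SOPS_BLOCK.search(manifest):
        problems.append("(no sops metadata block)")
    return problems

def scan(root: Path) -> dict[str, list[str]]:
    """Map each offending *.yaml file under root to its problems."""
    found = {}
    for path in sorted(root.rglob("*.yaml")):
        if problems := plaintext_keys(path.read_text(encoding="utf-8")):
            found[str(path)] = problems
    return found

if __name__ == "__main__":
    print("constructed sample:", plaintext_keys(SAMPLE_LEAK))
    findings = scan(Path(sys.argv[1] if len(sys.argv) > 1 else "kubernetes"))
    # A non-empty message makes sys.exit print it to stderr and exit 1.
    sys.exit("\n".join(f"{n}: {', '.join(p)}" for n, p in findings.items()) or 0)
```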
While the core infrastructure is self-hosted, I utilize a few cloud services for critical functionalities:
Service | Purpose | Cost |
---|---|---|
Migadu | Email hosting | ~$90/year |
Cloudflare | DNS and domain management | ~$8/month |
GitHub | Repository hosting and CI/CD pipelines | Free |
Pushover | Application and system notifications | $5 one-time |
My network is managed using a UniFi Dream Machine Pro Max, which serves as the router, firewall, and DNS server for my home network.
- Case: Fractal Design Torrent
- Motherboard: ASUS Pro WS TRX50-SAGE
- CPU: AMD Ryzen™ Threadripper™ 7970X (32 cores, 64 threads)
- RAM: 192 GB (G.SKILL Zeta R5 NEO Series DDR5, 4× 48 GB)
- Boot Drive: Intel Optane 905p 960 GB (formatted with XFS)
- Persistent Volumes:
  - 4× Intel Optane 905p 1.5 TB (configured as 2 mirrored VDEVs using ZFS)
- Adapter: GLOTRENDS PU41 Quad U.2 SSD to PCIe 4.0 X16
- GPU: NVIDIA Quadro P2200
- Cooling: SilverStone Technology XE360-TR5 AIO cooler
- Power Supply: FSP Twins Pro 900 W
- Network:
  - Mellanox X5 ADAT 25 Gb
- CPU: AMD Ryzen Threadripper 3960X (24 cores, 48 threads)
- RAM: 256 GB
- Storage:
  - HDDs: 12× 18 TB WD Red Pro (configured as 2 VDEVs in RAIDZ2)
  - SLOG: 2× 2 TB WD 850x SSDs
- Power Supply: FSP Twins Pro 900 W
- Network:
  - Mellanox X5 ADAT 25 Gb
I would like to express my gratitude to the following resources and communities that have significantly contributed to my home operations setup:
- kubesearch.dev: Provided configuration examples during my setup process.
- onedr0p's cluster template: Served as a bootstrap for my server configuration.
- Home Operations Discord Community: A supportive community where I received valuable advice and shared experiences.