This projects contains the configuration of my home lab setup. It is a collection of docker compose files which configures all the applications

The docker workload is run on my Lenovo Windows Laptop

1. Create a docker network. This will be used for all containers running in the docker host related to homelab.

   docker network create homelab-network
   

2. Create a volume for portainer so that the data is persistent across compose up's and down's.

   docker volume create portainer-data
   

This is the gateway to the homelab, which is exposed to the internet.

It used Cloudflare Tunnel to establish a reverse tunnel to the cloudflare's network.

Set the following environment variables in the .env file

CLOUDFLARE_TUNNEL_TOKEN=<token>

Then start the gateway using the following command

docker compose -f compose.gateway.yaml up -d

Traefik is the reverse proxt to homelab, to manage routing, SSL, and other configurations for HTTP trafic management within the Docker instance.

1. Create a self-signed cert openssl req -newkey rsa:4096 -nodes -keyout ./keycloak/secrets/key.pem -x509 -days 365 -out ./keycloak/secrets/certificate.pem
2. Create volume for postgres docker volume create homelab-postgres-data

https://homelab.kopparam.com/portainer

Portainer is a nice UI to manage the Docker Desktop instance.

A minimal and beautiful SSH based application to host git repositories.

3 node Kubernetes cluster on RaspberryPis

Add this to the rc file

# SOPS + AGE
export SOPS_AGE_KEY_FILE=$HOME/.sops/key.txt
export HELM_SECRETS_BACKEND=sops

Add the private key to the .sops/key.txt

Add secrets using sops

sops -e plainsecrets.yaml

Configure Application Instrumentation After the Helm chart is deployed, you will need to configure your application instrumentation to send telemetry data to Grafana Alloy using one of these addresses:

OTLP/gRPC endpoint: http://grafana-k8s-monitoring-grafana-agent.lgtm.svc.cluster.local:4317

OTLP/HTTP endpoint: http://grafana-k8s-monitoring-grafana-agent.lgtm.svc.cluster.local:4318

Zipkin endpoint: grafana-k8s-monitoring-grafana-agent.lgtm.svc.cluster.local:9411

This creates a Cepf Object and FileSystem Storageclasses in Kubernetes using Rook. Block devices are explicitly disabled as the required modules are not included in the kernel od RaspberryPi OS.

It uses a single replica for all the object pools as I plan to use this for CloudnativePG, which has replication built in. This is the reason this POC needs a single thumb drive and a single partition on it.

1 x 64 GB USB 3 thumb drive inserted in rpi5-02's blue USB ports

Caution: These steps destroy all data on the drive, execute by making sure the device being wiped with step 1

1. Note the device name, for me it was /dev/sda sudo fdisk -l
2. Clear the drive, by zero'ing out first 100MB of the drive sudo dd if=/dev/zero of=/dev/sda bs=1M count=100 oflag=direct,dsync
3. Create a single empty partition on the drive, this is because ceph does not like removable drives and a bug which thinks the drive is less than 5 GB
   1. sudo fdisk /dev/sda
   2. g # Create a new partition table
   3. n # Create a new partition
   4. Press enter for partition number, start and end sectors
   5. w # Save and exit
4. sudo partprobe /dev/sda

Run ansible/rook-ceph.yaml

helmfile apply --skip-diff-on-install