bl-robinson/home-flux

Home-Flux

This repository should be configured as a target for fluxcd.

The basic elements are:

  1. A GitRepository pointing at this repository
  2. A Kustomization pointing at the cluster root folder. (It will read the kustomization.yaml and then follow resources from there.)

Example manifests required to get it applied:

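apiVersion: source.toolkit.fluxcd.io/v1
kind: GitRepository
metadata:
  name: home-flux
  # Same namespace as the Kustomization below: its sourceRef sets no
  # namespace, so the source is looked up in the Kustomization's own namespace.
  namespace: flux-system
spec:
  interval: 5m0s
  ref:
    branch: master
  url: https://github.com/bl-robinson/home-flux.git
  # Secret in the same namespace holding the Git credentials
  secretRef:
    name: git-token
---
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
  name: home-flux
  namespace: flux-system
spec:
  interval: 10m
  sourceRef:
    kind: GitRepository
    name: home-flux
  path: "./clusters/home/"
  # Objects removed from Git are deleted from the cluster
  prune: true
  timeout: 1m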

I have actively chosen to split independent 'Applications' into their own Kustomizations to allow...

  1. One being broken will not block others
  2. I can easily remove/add sections of this repo by just commenting them out in the root kustomization.yaml

Things I would like to improve

  • I would like to stop using an nginx proxy server when the "Gateway" should be able to handle it for me.
    • Problems here are...
      • Some things (unifi) expect to be spoken to over https, so HTTPRoutes don't work. Cilium does not yet support TCPRoutes so I can't use the method documented here.
      • Other things share ports and NEED TCP/UDP routing (Adguard / DNS / mail)
      • Container registry. 'Could' be done but would require a secondary 'TLS termination' listener with specific host config. But this feels wrong to configure in place here when everything else is done in the container-registry folder.
  • DNS is a forever problem which would be nice if I could find a solution for it... (maybe I manage public DNS in IaC then stop running a local DNS server?) (Is this possible with my provider?)
    • This would allow me to remove hacks from here and here
    • Integrate adguard into this directly somehow?
  • Applications missing...
    • Monitoring - This mostly works now...
    • Logging - This is set up! Works with a combination of the logging operator and loki
    • Immich - This really is going to demand a better persistent store solution... I have worked around the immediate requirement by tidying up my G-Cloud storage a bit.
    • Home Assistant? - Not really been used recently so can probably not worry about until I have a future need...
    • mailserver - I have a year of AWS free tier... so going to leave it there "for now" until I consider moving it back...
  • Data server
    • This really should not be another VM. Invest in a proper fileserver at some point.

BUGS

  • Sometimes adding new HTTPRoutes does not work...
    • They are accepted by the API... But... Cilium does not "Accept" them.
    • If the HTTPRoute does not have a Status "Accepted HTTPRoute", try restarting the Cilium deployments/daemonsets. (I have not worked out exactly what made this work yet.)
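
The status check from the bug note above, as an added example (not part of this repository): a Python script that reads `kubectl get httproute -A -o json` output and lists routes with no current `Accepted` condition set to `True`. The embedded route list is constructed sample data, and the function name and script filename are hypothetical.

```python
import json
import sys

# Constructed sample shaped like `kubectl get httproute -A -o json` (not from this repo).
SAMPLE = {"items": [
    {"metadata": {"namespace": "apps", "name": "ok", "generation": 2},
     "status": {"parents": [{"parentRef": {"name": "gw"}, "conditions": [
         {"type": "Accepted", "status": "True", "reason": "Accepted",
          "observedGeneration": 2}]}]}},
    {"metadata": {"namespace": "apps", "name": "pending", "generation": 1},
     "status": {"parents": []}},  # stored by the API, never processed
    {"metadata": {"namespace": "apps", "name": "rejected", "generation": 1},
     "status": {"parents": [{"parentRef": {"name": "gw"}, "conditions": [
         {"type": "Accepted", "status": "False", "reason": "NotAllowedByListeners",
          "observedGeneration": 1}]}]}},
    {"metadata": {"namespace": "apps", "name": "stale", "generation": 3},
     "status": {"parents": [{"parentRef": {"name": "gw"}, "conditions": [
         {"type": "Accepted", "status": "True", "reason": "Accepted",
          "observedGeneration": 1}]}]}},
]}


def unaccepted_routes(route_list):
    """Return (namespace/name, reason) for every route lacking a current Accepted=True."""
    findings = []
    for item in route_list.get("items", []):
        meta = item["metadata"]
        key = f"{meta['namespace']}/{meta['name']}"
        parents = item.get("status", {}).get("parents", [])
        if not parents:
            findings.append((key, "no parent status: no controller has processed it"))
            continue
        for parent in parents:
            gw = parent.get("parentRef", {}).get("name", "?")
            cond = next((c for c in parent.get("conditions", [])
                         if c.get("type") == "Accepted"), None)
            if cond is None:
                findings.append((key, f"{gw}: no Accepted condition"))
            elif cond.get("status") != "True":
                findings.append((key, f"{gw}: Accepted={cond['status']} ({cond.get('reason')})"))
            elif cond.get("observedGeneration", 0) < meta.get("generation", 0):
                findings.append((key, f"{gw}: Accepted status predates the current spec"))
    return findings


if __name__ == "__main__":
    # Real input (hypothetical filename): kubectl get httproute -A -o json | python3 check_routes.py -
    data = json.load(sys.stdin) if sys.argv[1:] == ["-"] else SAMPLE
    for key, reason in unaccepted_routes(data):
        print(f"{key}: {reason}")
```

A route reported with no parent status matches the symptom described above: the API server stored the object, but the Gateway controller never wrote a status for it.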

About

K8s home flux repo
