![samip5-bot[bot]](https://avatars.githubusercontent.com/u/1703002?v=4&size=40){kind=avatar}
| Tool | Purpose |
|---|---|
| flux | Operator that manages your k8s cluster based on your Git repository |
| go-task | A task runner / simpler Make alternative written in Go |
| sops | Encrypts k8s secrets with GnuPG |
| Node | Hostname | RAM | Storage | Function | Operating System |
|---|---|---|---|---|---|
| Raspberry Pi Compute Module 4 | w7 | 8GB | 2TB SSD | Kube Worker | Talos |
| Raspberry Pi Compute Module 4 | cm4-1 | 8GB | 32GB eMMC | Kube Worker | Talos |
| Lenovo ThinkCentre M910q Tiny | w-amd-1 | 32GB | 1TB Kingston DC SSD + 256GB SSD | Kube Worker | Talos |
| Random Chinese N100 board | w-amd-2 | 32GB | 480GB Transcend SSD, 275GB Crucial SSD + 320GB HDD | Kube Worker | Talos |
| HP EliteDesk 800 G2 | w-amd-3 | 32GB | 256GB SSD | Kube Worker | Talos |
| Lenovo ThinkCentre M910q Tiny | m1 | 16GB | 256GB SSD x 2 | Kube Master | Talos |
| Node | Hostname | RAM | Storage | Function | Operating System |
|---|---|---|---|---|---|
| Synology NAS | NAS | 16GB | 2 x 3TB HDD (SMR for backups), 2 x 8TB HDD, 1 TB NVME, 256GB NVME for storage pool cache | NFS Server | DSM 7 |
| Vendor | Model | Function |
|---|---|---|
| Juniper | EX2200-48P-4g | Hallway switch with PoE+ and fiber uplinks to rack |
| Juniper | EX3300-48P | Rack switch with PoE++ and 10G SFP+ |
| TP-Link | TL-SG108E | Bedroom switching behind desk |
| Mikrotik | RB5009 | Main router |
All nodes are connected to a dual-stack network, with private IPv4 and public IPv6. Kubernetes' nodes are on their own VLAN which has access to the NAS.
While most of my infrastructure and workloads are self-hosted I do rely upon the cloud for certain key parts of my setup. This saves me from having to worry about two things. (1) Dealing with chicken/egg scenarios and (2) services I critically need whether my cluster is online or not.
The alternative solution to these two problems would be to host a Kubernetes cluster in the cloud and deploy applications like HCVault, Vaultwarden, ntfy, and Gatus. However, maintaining another cluster and monitoring another group of workloads is a lot more time and effort than I am willing to put in.
| Service | Use | Cost |
|---|---|---|
| Cloudflare | Domain(s) and S3 | ~$20/yr |
| GitHub | Hosting this repository and continuous integration/deployments | Free |
| Mailbox | Email hosting | ~30€/12 months |
| NextDNS | My router DNS server which includes AdBlocking | ~$20/yr |
| Kapsi internet-users association | Hosts my off-site backup aka minio (S3) and own website | 40€/yr |
| Bilance | Budgeting app for iOS and Android | ~30€/yr |
| 1Password | External Secrets and secret management | 20€/yr (Student discount) |
| Total: ~140€/yr |
![@samip5-bot[bot]](https://avatars.githubusercontent.com/u/1703002?s=64&v=4){kind=small}
![@renovate[bot]](https://avatars.githubusercontent.com/in/2740?s=64&v=4){kind=small}
![@github-actions[bot]](https://avatars.githubusercontent.com/in/15368?s=64&v=4){kind=small}