21. March 2023
The goal of this project is to create a repeatable and reusable framework to structure your homelab with. We will implement CI/CD, GitOps, containers and Kubernetes.
We will have five essential pieces.
The first piece is compute: the resources we will deploy containers and VMs to. In this example I will use Proxmox on a server I built with 6 cores, 32 GB of RAM and a 1 TB SSD.
A Synology NAS with 12 TB of storage. It will also run a few lightweight containers, such as a Pi-hole (under 100 MB of RAM).
I also have a Raspberry Pi running from a 120 GB M.2 SSD. I highly recommend grabbing a cheap M.2 SSD and an external M.2-to-USB 3.0 adapter: it greatly improves performance over an SD card, and you can use the Raspberry Pi Imager to flash the drive with Ubuntu.
I also have some old MacBooks that I am going to use to build a Kubernetes cluster on, or to run a database.
The second piece is the network: this is where we will define our network infrastructure and subnets.
I will be using a virtualized pfSense on Proxmox with a physical network card passed through to it. I will use it to divide the network into segments and to create the firewall rules between them. Unfortunately there is no official Terraform provider for pfSense.
For switching I will use a 24-port UniFi managed switch and a UniFi wireless access point.
For DNS we will use Pi-hole, with Terraform deploying the records to every Pi-hole instance.
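As an added example (not code from the original post), this is what pushing the same record set to every Pi-hole with Terraform looks like. It assumes the community ryanwholey/pihole provider and its `pihole_dns_record` resource; the instance URLs, hostnames and addresses are placeholders. One map is the single source of truth, and each instance gets an identical copy, so a client resolves the same name to the same address whichever resolver DHCP hands it.

```hcl
# Added example: the lab's local A records, written to every Pi-hole instance.
# Assumes the community ryanwholey/pihole provider (resource pihole_dns_record
# with "domain" and "ip"); URLs, names and addresses are placeholders.
terraform {
  required_providers {
    pihole = {
      source = "ryanwholey/pihole"
    }
  }
}

# The Pi-hole admin password is the web UI password: keep it out of the code
# and supply it as TF_VAR_pihole_password at plan/apply time.
variable "pihole_password" {
  type      = string
  sensitive = true
}

# One provider block per instance (the container on the NAS and the Pi).
provider "pihole" {
  alias    = "nas"
  url      = "http://10.0.10.5"
  password = var.pihole_password
}

provider "pihole" {
  alias    = "pi"
  url      = "http://10.0.10.6"
  password = var.pihole_password
}

# Single source of truth for the lab's names; add a host here and both
# resolvers learn it on the next apply.
variable "lab_records" {
  type = map(string)
  default = {
    "proxmox.lab.example.com" = "10.0.10.2"
    "gitlab.lab.example.com"  = "10.0.20.10"
    "argocd.lab.example.com"  = "10.0.30.20"
  }
}

resource "pihole_dns_record" "nas" {
  provider = pihole.nas
  for_each = var.lab_records
  domain   = each.key
  ip       = each.value
}

resource "pihole_dns_record" "pi" {
  provider = pihole.pi
  for_each = var.lab_records
  domain   = each.key
  ip       = each.value
}
```

Because the records are managed resources, deleting a key from the map removes the record from both instances on the next apply, which is the behaviour you want from a declarative DNS setup; the trade-off is that anything typed into the Pi-hole UI by hand will be flagged as drift.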
We will use GitLab as our private repository to manage our infrastructure and projects. We will also use GitLab's managed Terraform state as the Terraform backend, so state (which can contain secrets) never lives in a local file or in the repository.
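As an added example (not from the original post), this is the backend configuration for GitLab's managed Terraform state, which is exposed through Terraform's standard `http` backend. The GitLab hostname, project ID (42) and state name are placeholders. The important design point is that no credential appears in the file: the username and password are supplied at `terraform init` time, from a personal or project access token on a workstation or from the job token inside CI.

```hcl
# Added example: Terraform state stored in a GitLab project's managed
# Terraform state via the http backend, instead of a local terraform.tfstate.
# Hostname, project ID and state name are placeholders.
terraform {
  backend "http" {
    # One state object per name; GitLab provides locking on the /lock path.
    address        = "https://gitlab.lab.example.com/api/v4/projects/42/terraform/state/homelab"
    lock_address   = "https://gitlab.lab.example.com/api/v4/projects/42/terraform/state/homelab/lock"
    unlock_address = "https://gitlab.lab.example.com/api/v4/projects/42/terraform/state/homelab/lock"
    lock_method    = "POST"
    unlock_method  = "DELETE"
    retry_wait_min = 5
    # username and password are deliberately absent: they are passed at
    # init time so that no token is ever committed to the repository.
  }
}

# From a workstation, using an access token with the "api" scope kept in an
# environment variable (never in a .tf file):
#
#   terraform init \
#     -backend-config="username=terraform" \
#     -backend-config="password=$GITLAB_TOKEN"
#
# Inside a GitLab CI job the same backend works with the job's own token,
# which is scoped to that job and expires when it finishes:
#
#   terraform init \
#     -backend-config="username=gitlab-ci-token" \
#     -backend-config="password=$CI_JOB_TOKEN"
```

Once state lives in GitLab, access to it follows the project's membership and token permissions, and the lock endpoint stops two concurrent applies (say, a workstation and a runner) from corrupting the state. Treat the state as sensitive regardless: provider passwords and any `sensitive` variables written into resource attributes are stored in it in plain form.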
Since we are using GitLab we will stick with GitLab Runners, deployed in Docker and in Kubernetes.
We will also use Argo CD for Kubernetes CI/CD and GitOps.
We want HTTPS and encryption, so we will buy a domain through Google Domains and point its nameservers at Cloudflare. Using Traefik and cert-manager we will obtain certificates from Let's Encrypt and automate their renewal.
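As an added example (not the post's own configuration), here is the cert-manager side of that setup expressed as Terraform resources with the hashicorp/kubernetes provider; the identical objects as YAML in the GitOps repository would be equivalent. It assumes cert-manager is already installed, that domain control is proven with a DNS-01 challenge through the Cloudflare API (my assumption, chosen because it needs no inbound port 80 on a home connection and also works for wildcard names), and placeholder values for the zone, contact e-mail and namespaces.

```hcl
# Added example: Let's Encrypt issuer using Cloudflare DNS-01, the Secret
# holding the Cloudflare token, and one Certificate for Traefik to serve.
# Assumes cert-manager is installed; zone, e-mail and names are placeholders.
terraform {
  required_providers {
    kubernetes = {
      source = "hashicorp/kubernetes"
    }
  }
}

# Create the token in Cloudflare with only Zone:DNS:Edit on this one zone,
# so a leaked token can alter DNS records but nothing else on the account.
variable "cloudflare_api_token" {
  type      = string
  sensitive = true
}

# A ClusterIssuer reads its secrets from the cert-manager namespace.
resource "kubernetes_secret" "cloudflare_api_token" {
  metadata {
    name      = "cloudflare-api-token"
    namespace = "cert-manager"
  }
  data = {
    api-token = var.cloudflare_api_token
  }
}

resource "kubernetes_manifest" "letsencrypt_prod" {
  manifest = {
    apiVersion = "cert-manager.io/v1"
    kind       = "ClusterIssuer"
    metadata   = { name = "letsencrypt-prod" }
    spec = {
      acme = {
        # Swap in the staging directory while testing to avoid rate limits.
        server              = "https://acme-v02.api.letsencrypt.org/directory"
        email               = "admin@lab.example.com"
        privateKeySecretRef = { name = "letsencrypt-prod-account-key" }
        solvers = [{
          dns01 = {
            cloudflare = {
              apiTokenSecretRef = {
                name = kubernetes_secret.cloudflare_api_token.metadata[0].name
                key  = "api-token"
              }
            }
          }
        }]
      }
    }
  }
}

# One Certificate per hostname. cert-manager writes the key pair into
# secretName and renews it before expiry; Traefik's IngressRoute for this
# host references the same secret under tls.secretName.
resource "kubernetes_manifest" "argocd_cert" {
  manifest = {
    apiVersion = "cert-manager.io/v1"
    kind       = "Certificate"
    metadata   = { name = "argocd-tls", namespace = "argocd" }
    spec = {
      secretName = "argocd-tls"
      dnsNames   = ["argocd.lab.example.com"]
      issuerRef  = { name = "letsencrypt-prod", kind = "ClusterIssuer" }
    }
  }
  depends_on = [kubernetes_manifest.letsencrypt_prod]
}
```

Two caveats a practitioner will hit: `kubernetes_manifest` needs a reachable cluster with the cert-manager CRDs already present at plan time, so the issuer cannot be applied in the same run that installs cert-manager; and the Cloudflare token is written into the Terraform state, which is one more reason the state backend above must be access-controlled.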
We will do our best to follow GitOps and describe as much infrastructure as possible as code.
We will, however, need to bootstrap our environment by hand with Proxmox, a GitLab Runner, and Portainer.
Part of the fun of Kubernetes is learning to manage the cluster. We will bootstrap the first node by hand and then the first agent. After that we will use Packer to create a template from which Terraform and Proxmox can bring up agent nodes that automatically join the cluster.
I would like to figure out Ansible in the future to provision the cluster automatically, but for now this will do.
To manage secrets we will use Bitwarden, as described in my previous post.