Brimdor's Homelab
Features • Get Started • Documentation
This project utilizes Infrastructure as Code and GitOps to automate provisioning, operating, and updating self-hosted services in my homelab. It can be used as a highly customizable framework to build your own homelab.
What is a homelab?
Homelab is a laboratory at home where you can self-host, experiment with new technologies, practice for certifications, and so on. For more information about homelab in general, see the r/homelab introduction.
Overview
Project status: BETA
This project is still in the experimental stage, and I don't use anything critical on it. Expect breaking changes that may require a complete redeployment. A proper upgrade path is planned for the stable release. More information can be found in the roadmap below.
Hardware
- 8 × Lenovo Thinkcentre M700:
- CPU:
Intel Core i5-6600T @ 2.70GHz - RAM:
16GB - SSD:
128GB
- CPU:
- 1 x Lenovo Thinkcentre M900:
- CPU:
Intel Core i7-6700 @ 4.0GHz - RAM:
32GB - SSD:
1TB
- CPU:
- Protectli Vault FW2B:
- CPU:
Intel Dual Core - RAM:
4GB - SSD:
32GB
- CPU:
- Linksys
LGS124Unmanaged Switch:- PORTS:
24 - BANDWIDTH:
10/100/1000
- PORTS:
- Custom NAS:
- Operating System:
UNRAID - HDD:
6 NAS Rated Drives - SSD:
2 for Cache
- Operating System:
Features
- Common applications: Gitea, Seafile, Jellyfin, Paperless...
- Automated bare metal provisioning with PXE boot
- Automated Kubernetes installation and management
- Installing and managing applications using GitOps
- Automatic rolling upgrade for OS and Kubernetes
- Automatically update apps (with approval)
- Modular architecture, easy to add or remove features/components
- Automated certificate management
- Automatically update DNS records for exposed services
- VPN without port forwarding
- Expose services to the internet securely with Cloudflare Tunnel
- CI/CD platform
- Private container registry
- Distributed storage
- Support multiple environments (dev, prod)
- Monitoring and alerting
- Automated offsite backups 🚧
- Single sign-on
- Infrastructure testing
Tech stack
| Logo | Name | Description |
|---|---|---|
 |
Ansible | Automate bare metal provisioning and configuration |
 |
ArgoCD | GitOps tool built to deploy applications to Kubernetes |
 |
cert-manager | Cloud native certificate management |
 |
Cilium | eBPF-based Networking, Observability and Security (CNI, LB, Network Policy, etc.) |
 |
Cloudflare | DNS and Tunnel |
 |
Docker | Ephemeral PXE server and convenient tools container |
 |
ExternalDNS | Synchronizes exposed Kubernetes Services and Ingresses with DNS providers |
 |
Fedora Server | Base OS for Kubernetes nodes |
 |
Gitea | Self-hosted Git service |
 |
Grafana | Observability platform |
 |
Helm | The package manager for Kubernetes |
 |
K3s | Lightweight distribution of Kubernetes |
 |
Kanidm | Modern and simple identity management platform |
 |
Kubernetes | Container-orchestration system, the backbone of this project |
 |
Loki | Log aggregation system |
 |
NGINX | Kubernetes Ingress Controller |
 |
ntfy | Notification service to send notifications to your phone or desktop |
 |
Prometheus | Systems monitoring and alerting toolkit |
 |
Renovate | Automatically update dependencies |
 |
Rook Ceph | Cloud-Native Storage for Kubernetes |
 |
Tailscale | VPN without port forwarding |
 |
Wireguard | Fast, modern, secure VPN tunnel |
 |
Woodpecker CI | Simple yet powerful CI/CD engine with great extensibility |
 |
Zot Registry | Private container registry |
Get Started
- Deploy on real hardware for production workload
Roadmap
See roadmap and open issues for a list of proposed features and known issues.
Contributing
Any contributions you make are greatly appreciated.
Please see contributing guide for more information.
License
Copyright © 2020 - 2022 Brimdor (Edited by Brimdor) based on khuedoan/homelab
Distributed under the GPLv3 License.
See license page or LICENSE.md file for more information.
Acknowledgements
Based on work originating from khuedoan/homelab - Buy him a coffee!!