Skip to content

Brimdor's Homelab

FeaturesGet StartedDocumentation

This project utilizes Infrastructure as Code and GitOps to automate provisioning, operating, and updating self-hosted services in my homelab. It can be used as a highly customizable framework to build your own homelab.

What is a homelab?

Homelab is a laboratory at home where you can self-host, experiment with new technologies, practice for certifications, and so on. For more information about homelab in general, see the r/homelab introduction.

Overview

Project status: BETA

This project is still in the experimental stage, and I don't use anything critical on it. Expect breaking changes that may require a complete redeployment. A proper upgrade path is planned for the stable release. More information can be found in the roadmap below.

Hardware

  • 8 × Lenovo Thinkcentre M700:
    • CPU: Intel Core i5-6600T @ 2.70GHz
    • RAM: 16GB
    • SSD: 128GB
  • 1 x Lenovo Thinkcentre M900:
    • CPU: Intel Core i7-6700 @ 4.0GHz
    • RAM: 64GB
    • SSD: 1TB
    • GPU: Geforce RTX 3090
  • 1 x Lenovo Thinkcentre M900:
    • CPU: Intel Core i7-6700 @ 4.0GHz
    • RAM: 32GB
    • SSD: 1TB
    • GPU: Geforce GTX 1650
  • OPNSense:
    • CPU: Intel Quad Core
    • RAM: 8GB
    • SSD: 128GB
  • Linksys LGS124 Unmanaged Switch:
    • PORTS: 24
    • BANDWIDTH: 10/100/1000
  • Custom NAS:
    • Operating System: UNRAID
    • HDD: 6 NAS Rated Drives
    • SSD: 2 for Cache

Features

  • Common applications: Gitea, Seafile, Jellyfin, Paperless...
  • Automated bare metal provisioning with PXE boot
  • Automated Kubernetes installation and management
  • Installing and managing applications using GitOps
  • Automatic rolling upgrade for OS and Kubernetes
  • Automatically update apps (with approval)
  • Modular architecture, easy to add or remove features/components
  • Automated certificate management
  • Automatically update DNS records for exposed services
  • VPN without port forwarding
  • Expose services to the internet securely with Cloudflare Tunnel
  • CI/CD platform
  • Private container registry
  • Distributed storage
  • Support multiple environments (dev, prod)
  • Monitoring and alerting
  • Automated offsite backups 🚧
  • Single sign-on
  • Infrastructure testing

Tech stack

Logo Name Description
Ansible Automate bare metal provisioning and configuration
ArgoCD GitOps tool built to deploy applications to Kubernetes
cert-manager Cloud native certificate management
Cilium eBPF-based Networking, Observability and Security (CNI, LB, Network Policy, etc.)
Cloudflare DNS and Tunnel
Docker Ephemeral PXE server and convenient tools container
ExternalDNS Synchronizes exposed Kubernetes Services and Ingresses with DNS providers
Fedora Server Base OS for Kubernetes nodes
Gitea Self-hosted Git service
Grafana Observability platform
Helm The package manager for Kubernetes
K3s Lightweight distribution of Kubernetes
Kanidm Modern and simple identity management platform
Kubernetes Container-orchestration system, the backbone of this project
Loki Log aggregation system
NGINX Kubernetes Ingress Controller
ntfy Notification service to send notifications to your phone or desktop
Prometheus Systems monitoring and alerting toolkit
Renovate Automatically update dependencies
Rook Ceph Cloud-Native Storage for Kubernetes
Tailscale VPN without port forwarding
Wireguard Fast, modern, secure VPN tunnel
Woodpecker CI Simple yet powerful CI/CD engine with great extensibility
Zot Registry Private container registry

Get Started

Roadmap

See roadmap and open issues for a list of proposed features and known issues.

Contributing

Any contributions you make are greatly appreciated.

Please see contributing guide for more information.

License

Copyright © 2020 - 2022 Brimdor (Edited by Brimdor) based on khuedoan/homelab

Distributed under the GPLv3 License. See license page or LICENSE.md file for more information.

Acknowledgements

Based on work originating from khuedoan/homelab - Buy him a coffee!!