This repo contains the configuration files and scripts for managing my Kubernetes homelab infrastructure.
All apps are deployed/configured via GitOps using ArgoCD.
The homelab consists of Dell OptiPlex servers, each with the following specifications:
🟢 3x Nodes 🟢
- Model: Dell Optiplex 7040 Desktop PC Mini
- CPU: Intel i5-6500T
- RAM: 16GB DDR4
- Storage: 256GB SSDs
- OS: Ubuntu 24
End User Applications
| Logo | Name | Description |
|---|---|---|
 |
Audiobookshelf | Self-hosted audiobook and podcast server |
Applications/services core to the cluster
| Logo | Name | Description |
|---|---|---|
 |
ArgoCD | Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. |
 |
Istio | For ingress and service mesh |
 |
Authentik | Used for SSO and other auth workflows. |
 |
cert-manager | X.509 certificate management for Kubernetes. |
 |
Cloudflare Zero Trust | Used for private tunnels to expose public services (without requiring a public IP). |
 |
Grafana | The open observability platform. |
 |
Prometheus | An open-source monitoring system with a dimensional data model, flexible query language, efficient time series database and modern alerting approach. |
 |
Renovate | Automated dependency updates. |
 |
Sealed Secrets | A Kubernetes controller and tool for one-way encrypted Secrets. |
Tools used for managing the cluster
| Logo | Name | Description |
|---|---|---|
 |
Ansible | An automation platform for bootstrapping the physical nodes. |
- setup kube-prometheus-stack monitoring stack
- setup argocd
- expose kiali
- setup local identity provider with authentik
- Setup federated identity for apps
- Setup cloudflare tunnel for public access
- Setup Falco for runtime security