colinhuckstep/homelab
Description

These are the Ansible playbooks for building, rebuilding, or adding a node to my homelab. The new-host.yml playbook patches all nodes to the latest packages, then installs k3s, Tailscale, PowerPanel (on the node controlling the UPS), and Starship Shell. Any necessary pre-reqs are installed either by the pre-reqs role or by the role for the specific service.

Assumptions/Pre-reqs

  • A workstation with Ansible Engine installed and a basic understanding of using Ansible
  • S3-compatible storage for etcd backups
  • Nodes are running Debian (Ubuntu will probably work too)
  • Secrets management is up to you. Look at the placeholder.yml in the get-secrets role to see how secrets are used in the project.
  • A Tailscale subscription - comment it out in new-host.yml if you don't need it
    • Tailscale is installed directly on the hosts in case the k3s cluster has issues.
  • A PowerPanel Cloud subscription - comment it out in new-host.yml if you don't need it
    • This is for CyberPower UPS units. One of my nodes has a USB connection to the UPS. One of these days I'll get around to writing custom shutdown scripts to power off the other two nodes first.

Inventory

An example inventory file is provided at inventories/example.yml. It is non-functional and would need to be updated with the current node names, IPs, and user.

HA

Keepalived is used for HA in an Active/Passive/Passive layout with Node1 as the primary. I've used MetalLB in the past but it felt overkill for my homelab and didn't make the API HA. This can probably be improved on by creating a second VIP for the Ingress LB.
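As an added example (not a file from this repository), here is what a keepalived.conf for Node1 looks like for the Active/Passive/Passive layout above, with a tracked health check so the API VIP actually moves when the local k3s API stops answering, plus the second Ingress VIP suggested as an improvement. The interface name, VIP addresses, priorities, router ids and the health-check script path are assumptions; in this project the values would come from the inventory and the get-secrets role via an Ansible template.

```conf
# Added example, not from the repository. Node1 is the Active node.
# Node2 and Node3 use the same file with "state BACKUP" and lower
# priority values (e.g. 90 and 80). VIPs use the 192.0.2.0/24
# documentation range and are constructed for this example.
global_defs {
    router_id node1            # assumed host name
    enable_script_security     # do not run scripts that are writable by non-root users
    script_user keepalived_script
}

# Hold the API VIP only while the local k3s API server answers.
# Without a tracked check, a MASTER whose k3s is down keeps the VIP
# and the "HA" API is unreachable from every node.
vrrp_script chk_k3s_api {
    script "/usr/local/bin/chk_k3s_api.sh"   # assumed path; exits 0 only when local :6443 answers
    interval 5
    timeout 3
    fall 2
    rise 2
    weight -30         # 100 -> 70 on failure, below both BACKUP priorities, so the VIP moves
}

# VIP 1: the k3s API on port 6443, which is what the Keepalived setup above provides.
vrrp_instance K3S_API {
    state MASTER
    interface eth0              # assumed interface name
    virtual_router_id 51
    priority 100                # Node1 highest; Node2/Node3 lower
    advert_int 1
    virtual_ipaddress {
        192.0.2.10/24           # constructed VIP for the API
    }
    track_script {
        chk_k3s_api
    }
}

# VIP 2: the "second VIP for the Ingress LB" improvement mentioned above.
# Separate virtual_router_id so it fails over independently of the API VIP.
vrrp_instance INGRESS {
    state MASTER
    interface eth0
    virtual_router_id 52
    priority 100
    advert_int 1
    virtual_ipaddress {
        192.0.2.11/24           # constructed VIP for Nginx Ingress
    }
}
```

Keep VRRP traffic on the trusted LAN only; VRRP carries no meaningful authentication, so the VIPs should not be reachable from networks where an untrusted host could send advertisements.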

k3s Setup Notes

  • Traefik is disabled
  • ServiceLB is disabled and MetalLB is installed.
  • Nginx Ingress is installed
  • Cert Manager is installed with the Cloudflare DNS challenge and Let's Encrypt
  • A default wildcard cert is created for secrets.k3s.url and attached to Nginx
  • External DNS is installed with Cloudflare DNS
  • ArgoCD is installed
  • Longhorn - I've left the longhorn role in, but I don't use it. I had performance issues on my low-power nodes using distributed storage.
  • local-path storage - I've reverted to using local-path storage and using node labels to pin persistent pods to persistent storage.
  • One of my nodes has a secondary drive. I've exposed it via NFS to handle some distributed-like storage. Yes, it's a single point of failure, but I use rclone to back up any critical data to cloud storage. In the case of catastrophic failure I can restore from backups.

Tailscale Note

If you uninstall k3s, it breaks the subnet routes for Tailscale. You will need to re-run the new-host.yml playbook to fix this.
