Features • Get Started • Documentation
The project forked from khuedoan/homelab, 99% of the credit goes to him. Thanks Khuedoan.
✨HighLight:
Compared to the khuedoan/homelab project, the following adjustments have been made to this project:
- 🥾 Automated bare metal provisioning with netboot.xyz
- 🐧 OS changed to Ubuntu 24.04
- 🕸 Use Tailscale Operator replace nginx ingress/cert-manager/cloudflared/external-dns...; Install tailscale on node
- 🐝Cilium Tuning
Ubuntu: Kured adapts to ubuntu; The relevant packages are modified to ubuntu's; ubuntu sysctl tuning; automatic adapts to ubuntu; Disable root login and use normal user
Cilium Tuning: include: update version/native routing mode/bpf masquerade/DSR/Bypass iptables connection tracking/bandwidthManager/pod BBR/XDPAcceleration/netkit/servicemonitor/grafana dashboards...(However, the compatibility is relatively lower, and the network/hardware/OS requirements are higher.)
This project utilizes Infrastructure as Code and GitOps to automate provisioning, operating, and updating self-hosted services in my homelab. It can be used as a highly customizable framework to build your own homelab.
What is a homelab?
Homelab is a laboratory at home where you can self-host, experiment with new technologies, practice for certifications, and so on. For more information, please see the r/homelab introduction and the Home Operations Discord community (formerly known as k8s-at-home).
Project status: ALPHA
This project is still in the experimental stage, and I don't use anything critical on it. Expect breaking changes that may require a complete redeployment. A proper upgrade path is planned for the stable release. More information can be found in the roadmap below.
- 4 × Intel N100 Mini-hosts(3 x Jumper N100 Pro II + 1 x Cheshi N100):
- CPU:
Intel(R) N100 - RAM:
16GB(Jumper) or32GB(Cheshi) - SSD:
1TB
- CPU:
- XikeStor
SKS3200M-8GPY1XFswitch:- Ports:
8+1 - Speed: 8 x
2.5Gbpstwisted pair ports and 1 x 10G fiber optic port
- Ports:
- VPN (Tailscale) Interconnection, Offsite Office, Home Office, Anytime, Anywhere Intranet Access
- Common applications: Gitea, Jellyfin, Paperless...
- Automated bare metal provisioning with PXE boot - netboot.xyz
- Automated Kubernetes installation and management
- Installing and managing applications using GitOps
- Automatic rolling upgrade for OS and Kubernetes
- Automatically update apps (with approval)
- Modular architecture, easy to add or remove features/components
- Automated certificate management (Tailscale HTTPS)
- Automatically update DNS records for exposed services (Tailscale MagicDNS)
- Expose services to the internet securely with Tailscale Funnel
- CI/CD platform
- Private container registry
- Distributed storage
- Support multiple environments (dev, prod)
- Monitoring and alerting
- Automated backup and restore
- Single sign-on
- Infrastructure testing
Some demo videos and screenshots are shown here. They can't capture all the project's features, but they are sufficient to get a concept of it.
🐾Notes
My own demo videos haven't been recorded yet.
| Demo |
|---|
 |
| Deploy with a single command (after updating the configuration files) |
 |
| PXE boot |
 |
| netboot.xyz |
 |
 |
| Tailscale Kubernetes Operator, VPN/Tunnel/DNS/HTTPS/Certs/... |
 |
| Observe network traffic with Hubble, built on top of Cilium and eBPF |
 |
| Homepage powered by... Homepage |
 |
| Monitoring dashboard powered by Grafana |
 |
| Git server powered by Gitea |
 |
| Matrix chat server |
 |
| Continuous integration with Woodpecker CI |
 |
| Continuous deployment with ArgoCD |
 |
| ntfy displaying received alerts |
 |
| Self-hosted AI powered by Ollama (experimental, not very fast because I don't have a GPU) |
| Logo | Name | Description |
|---|---|---|
 |
Ansible | Automate bare metal provisioning and configuration |
 |
Netboot.xyz | Netboot your favorite operating systems in one place |
 |
ArgoCD | GitOps tool built to deploy applications to Kubernetes |
 |
Tailscale HTTPS Certs | Tailscale HTTPS Certificates |
 |
Cilium | eBPF-based Networking, Observability and Security (CNI, LB, Network Policy, etc.) |
|
Tailscale MagicDNS | DNS |
|
Tailscale Funnel | Tunnel |
 |
Docker | Ephemeral PXE server |
|
Tailscale Kubernetes Operator | Tailscale Kubernetes Operator lets you: K8s API Server Proxy; Ingress; Egress; DNS; Certs... |
 |
Ubuntu Server | Base OS for Kubernetes nodes |
 |
Gitea | Self-hosted Git service |
 |
Grafana | Observability platform |
 |
Helm | The package manager for Kubernetes |
 |
K3s | Lightweight distribution of Kubernetes |
 |
Kanidm | Modern and simple identity management platform |
 |
Kubernetes | Container-orchestration system, the backbone of this project |
 |
Loki | Log aggregation system |
 |
Nix | Convenient development shell |
 |
ntfy | Notification service to send notifications to your phone or desktop |
 |
Prometheus | Systems monitoring and alerting toolkit |
 |
Renovate | Automatically update dependencies |
 |
Rook Ceph | Cloud-Native Storage for Kubernetes |
 |
Woodpecker CI | Simple yet powerful CI/CD engine with great extensibility |
 |
Zot Registry | Private container registry |
- Try it out locally without any hardware (just 4 commands!)
- Deploy on real hardware for production workload
See roadmap and open issues for a list of proposed features and known issues.
Any contributions you make are greatly appreciated.
Please see contributing guide for more information.
Copyright © 2020 - 2024 East4Ming
Distributed under the GPLv3 License.
See license page or LICENSE.md file for more information.
References:
- Khue's Homelab
- Ephemeral PXE server inspired by Minimal First Machine in the DC
- ArgoCD usage and monitoring configuration in locmai/humble
- README template
- Run the same Cloudflare Tunnel across many
cloudflaredprocesses - MAC address environment variable in GRUB config
- Official k3s systemd service file
- Official Cloudflare Tunnel examples
- Initialize GitOps repository on Gitea and integrate with Tekton by RedHat
- SSO configuration from xUnholy/k8s-gitops
- Pre-commit config from k8s-at-home/flux-cluster-template
- Diátaxis technical documentation framework
- Official Terratest examples
- Self-host an automated Jellyfin media streaming stack
- App Template Helm chart by bjw-s
- Various application configurations in onedr0p/home-ops
Here is a list of the contributors who have helped to improve this project. Big shout-out to them!
@locmai
@MatthewJohn
@karpfediem
@linhng98
@elliotblackburn
@dotdiego
@Crimrose
@eventi
@Bourne-ID
@akwan
@trangmaiq
@tangowithfoxtrot
@raedkit
@ClashTheBunny
@retX0
If you feel you're missing from this list, please feel free to add yourself in a PR.
