A modern, containerized homelab infrastructure built with Kubernetes, GitOps principles, and Infrastructure as Code (IaC). This repository contains all configurations, applications, and automation scripts for managing a personal home laboratory environment.
This homelab setup provides a production-like environment for learning, experimentation, and hosting personal services. Built with modern DevOps practices, it enables rapid deployment and management of containerized applications in a home environment.
- GitOps Workflow: Declarative infrastructure management with version control
- Kubernetes Orchestration: Container orchestration for scalable application deployment
- Multi-Environment Support: Staging and production cluster configurations
- Automated Deployments: Continuous deployment of applications
- Infrastructure as Code: All configurations stored as code
- Dev Container Support: Consistent development environment
- Containerized Applications: Docker-based application packaging
- Service Discovery: Internal DNS and service mesh capabilities
```
homelab/
├── .devcontainer/   # Development container configuration
├── apps/            # Application definitions and configurations
├── clusters/        # Cluster configurations
│   └── staging/     # Staging environment setup
└── scripts/         # Automation and utility scripts
```
- Kubernetes: Container orchestration platform
- Docker: Containerization technology
- GitOps Tool: (Flux CD / ArgoCD) - Continuous deployment
- Shell Scripts: Automation and maintenance tasks
- Dev Containers: Reproducible development environment
- Git: Version control
- YAML: Configuration management
- Container Networking: Pod-to-pod communication
- Persistent Storage: Volume management
- Ingress Controller: External access management
- Kubernetes Cluster:
  - K3s (recommended for homelab)
  - K8s (standard Kubernetes)
  - MicroK8s
  - Or any other Kubernetes distribution
- kubectl: Kubernetes command-line tool
- Docker: Container runtime
- Git: Version control system
- Helm: (Optional) Package manager for Kubernetes
- Minimum:
  - 2 CPU cores
  - 4GB RAM
  - 50GB storage
- Recommended:
  - 4+ CPU cores
  - 8GB+ RAM
  - 100GB+ storage
  - Multiple nodes for high availability
- Static IP address or DHCP reservation
- Port forwarding for external access (optional)
- Internal DNS resolution
```bash
git clone https://github.com/iminierai-aig/homelab.git
cd homelab
```

```bash
# Install K3s
curl -sfL https://get.k3s.io | sh -
# Verify installation
sudo k3s kubectl get nodes
```

```bash
# Follow official Kubernetes installation guide
# https://kubernetes.io/docs/setup/
```

```bash
# Copy K3s config (if using K3s)
mkdir -p ~/.kube
sudo cp /etc/rancher/k3s/k3s.yaml ~/.kube/config
sudo chown $USER:$USER ~/.kube/config
# Verify connection
kubectl get nodes
```

```bash
# Install Flux CLI
curl -s https://fluxcd.io/install.sh | sudo bash
# Bootstrap Flux
flux bootstrap github \
  --owner=iminierai-aig \
  --repository=homelab \
  --branch=main \
  --path=clusters/staging \
  --personal
```

```bash
# Install ArgoCD
kubectl create namespace argocd
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml
# Access ArgoCD UI
kubectl port-forward svc/argocd-server -n argocd 8080:443
```

```bash
# Applications will be automatically deployed via GitOps
# Monitor deployment status
kubectl get pods -A
```

Edit cluster-specific settings in clusters/staging/:
```yaml
# Example: flux-system configuration
apiVersion: v1
kind: Namespace
metadata:
  name: flux-system
```

Add new applications in the apps/ directory:
```yaml
# Example: app deployment
apiVersion: apps/v1
kind: Deployment
metadata:
  name: my-app
spec:
  replicas: 2
  selector:
    matchLabels:
      app: my-app
  template:
    metadata:
      labels:
        app: my-app
    spec:
      containers:
        - name: my-app
          image: my-app:latest
```

Create a .env file or use Kubernetes Secrets:
```bash
# Create a secret
kubectl create secret generic my-secret \
  --from-literal=key1=value1 \
  --from-literal=key2=value2
```

```bash
# List all applications
kubectl get deployments -A
# View application logs
kubectl logs -n namespace pod-name
# Scale application
kubectl scale deployment my-app --replicas=3
# Restart application
kubectl rollout restart deployment/my-app
```

```bash
# Check node status
kubectl get nodes
# View all pods
kubectl get pods -A
# Check resource usage
kubectl top nodes
kubectl top pods -A
```

```bash
# Port forward to access services locally
kubectl port-forward svc/service-name 8080:80
# List all services
kubectl get svc -A
```

This homelab can host various applications:
- Plex / Jellyfin - Media streaming
- Sonarr / Radarr - Media management
- Transmission / qBittorrent - Downloads
- Nextcloud - File storage and collaboration
- Home Assistant - Home automation
- Vaultwarden - Password management
- Prometheus - Metrics collection
- Grafana - Visualization
- Loki - Log aggregation
- GitLab / Gitea - Git hosting
- Jenkins / Drone - CI/CD
- Harbor - Container registry
- Pi-hole - DNS and ad-blocking
- Traefik / Nginx - Reverse proxy
- WireGuard - VPN
The repository includes a dev container configuration for consistent development:
```bash
# Open in VS Code with Dev Containers extension
code .
# Click "Reopen in Container"
```

Execute automation scripts from the repository:
```bash
# Make scripts executable
chmod +x scripts/*.sh
# Run a script
./scripts/deploy.sh
```

```bash
# Validate Kubernetes manifests
kubectl apply --dry-run=client -f apps/
# Test in staging environment
kubectl apply -f apps/ -n staging
```

```bash
# Backup cluster configuration
kubectl get all -A -o yaml > cluster-backup.yaml
# Backup persistent volumes
# Use Velero or similar backup tools
```

```bash
# Update K3s
curl -sfL https://get.k3s.io | sh -
# Update GitOps operator
flux install --export > clusters/staging/flux-system/gotk-components.yaml
# Update applications (via GitOps)
git pull origin main
```

```bash
# Check pod status
kubectl describe pod pod-name
# View events
kubectl get events -A --sort-by='.lastTimestamp'
# Check logs
kubectl logs -f pod-name
# Debug networking
kubectl run debug --image=nicolaka/netshoot -it --rm
```

- Use namespaces for isolation
- Implement RBAC (Role-Based Access Control)
- Use Network Policies to control traffic
- Encrypt secrets at rest
- Regular security updates
- Use private container registries
- Implement pod security policies
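
A baseline covering the namespace, RBAC, Network Policy and pod security items above, as an added example that is not part of this repository. The namespace `apps` and ServiceAccount `log-reader` are assumed names, cluster DNS is assumed to run in `kube-system` (the K3s default), and the policies only take effect where the cluster enforces NetworkPolicy. Pod Security Admission labels are used because the PodSecurityPolicy API was removed in Kubernetes 1.25.

```yaml
# Added example; "apps" and "log-reader" are assumed names
apiVersion: v1
kind: Namespace
metadata:
  name: apps
  labels:
    # Pod Security Admission: reject pods that break the "restricted" profile
    pod-security.kubernetes.io/enforce: restricted
---
# Default deny: selects every pod in the namespace and allows no traffic
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata: {name: default-deny-all, namespace: apps}
spec:
  podSelector: {}
  policyTypes: [Ingress, Egress]
---
# Re-allow DNS lookups, which default-deny egress would otherwise block
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata: {name: allow-dns-egress, namespace: apps}
spec:
  podSelector: {}
  policyTypes: [Egress]
  egress:
    - to:
        - namespaceSelector:
            matchLabels:
              kubernetes.io/metadata.name: kube-system
      ports:
        - {protocol: UDP, port: 53}
        - {protocol: TCP, port: 53}
---
# Namespaced Role: read-only access to pods and their logs, nothing else
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata: {name: pod-log-reader, namespace: apps}
rules:
  - apiGroups: [""]
    resources: ["pods", "pods/log"]
    verbs: ["get", "list", "watch"]
---
# Bind the Role to one ServiceAccount instead of granting cluster-wide rights
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata: {name: pod-log-reader, namespace: apps}
subjects:
  - {kind: ServiceAccount, name: log-reader, namespace: apps}
roleRef: {apiGroup: rbac.authorization.k8s.io, kind: Role, name: pod-log-reader}
```

Each application then needs its own allow rule for the traffic it actually serves; `kubectl auth can-i --list --as=system:serviceaccount:apps:log-reader -n apps` shows what the binding grants.
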
```bash
# Create sealed secrets (recommended)
kubectl create secret generic my-secret \
  --from-literal=password=mypassword \
  --dry-run=client -o yaml | \
  kubeseal -o yaml > sealed-secret.yaml
```

```yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: my-app-ingress
spec:
  rules:
    - host: app.homelab.local
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: my-app
                port:
                  number: 80
```

- ClusterIP: Internal cluster communication
- NodePort: Access via node IP and port
- LoadBalancer: External load balancer (if available)
- Ingress: HTTP/HTTPS routing
```bash
# Install Prometheus
helm repo add prometheus-community https://prometheus-community.github.io/helm-charts
helm install prometheus prometheus-community/kube-prometheus-stack
```

- Node metrics
- Pod metrics
- Application metrics
- Network traffic
- Storage usage
- Resource limits and requests
- Horizontal Pod Autoscaling (HPA)
- Persistent volume optimization
- Image optimization and caching
- Node affinity and anti-affinity rules
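
The `my-app` Deployment from the configuration section with resource requests and limits set, plus the container settings the `restricted` Pod Security profile requires. This is an added example, not a manifest from this repository: the UID, the CPU and memory figures and the digest placeholder are assumptions to replace with values for the real image.

```yaml
# Added example: hardened variant of the my-app Deployment
apiVersion: apps/v1
kind: Deployment
metadata:
  name: my-app
spec:
  replicas: 2
  selector:
    matchLabels:
      app: my-app
  template:
    metadata:
      labels:
        app: my-app
    spec:
      # Assumes the app never calls the Kubernetes API, so no token is mounted
      automountServiceAccountToken: false
      securityContext:
        runAsNonRoot: true
        runAsUser: 10001          # assumed non-root UID
        seccompProfile:
          type: RuntimeDefault
      containers:
        - name: my-app
          # Pin by digest rather than the mutable :latest tag (placeholder value)
          image: my-app@sha256:<digest-of-reviewed-image>
          securityContext:
            allowPrivilegeEscalation: false
            readOnlyRootFilesystem: true
            capabilities:
              drop: ["ALL"]
          resources:
            # Assumed sizing; requests drive scheduling, limits cap usage
            requests: {cpu: 100m, memory: 128Mi}
            limits: {cpu: 500m, memory: 256Mi}
```

With `readOnlyRootFilesystem: true`, any path the application writes to needs an `emptyDir` or persistent volume mounted over it.
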
- Regular etcd backups (for K8s)
- Persistent volume snapshots
- Configuration backups (Git)
- Database backups
- Restore cluster from backup
- Re-apply configurations via GitOps
- Restore persistent data
- Verify application functionality
Contributions are welcome! To contribute:
- Fork the repository
- Create a feature branch (`git checkout -b feature/NewFeature`)
- Commit your changes (`git commit -m 'Add NewFeature'`)
- Push to the branch (`git push origin feature/NewFeature`)
- Open a Pull Request
- Add production cluster configuration
- Implement automated backups
- Add monitoring stack (Prometheus/Grafana)
- Set up service mesh (Istio/Linkerd)
- Implement centralized logging
- Add certificate management (cert-manager)
- Set up external DNS
- Implement disaster recovery procedures
- Add CI/CD pipelines
- Documentation for each application
```bash
# Get cluster info
kubectl cluster-info
# List all resources
kubectl get all -A
# Describe resource
kubectl describe <resource-type> <resource-name>
# Execute command in pod
kubectl exec -it pod-name -- /bin/bash
# Copy files to/from pod
kubectl cp local-file pod-name:/remote-path
# Apply configuration
kubectl apply -f config.yaml
# Delete resources
kubectl delete -f config.yaml
```

- Kubernetes the Hard Way
- CNCF Landscape
- DevOps Toolkit YouTube Channel
This project is licensed under the MIT License - see the LICENSE file for details.
- Kubernetes community
- K3s by Rancher Labs
- Flux CD / ArgoCD teams
- Homelab community
For issues or questions:
- Open an issue on GitHub Issues
- Check the troubleshooting section
- Consult Kubernetes documentation
This is a personal homelab setup. While following best practices, it's designed for learning and experimentation. For production workloads, additional security hardening and reliability measures are recommended.
Happy Homelabbing! 🚀
Built with ❤️ for learning and self-hosting