back to home

khuedoan / homelab

Fully automated homelab from empty disk to running services with a single command.

9,133 stars
857 forks
13 issues
PythonGoHCL
Chat with CodebaseArchitecture ScanSecurity AuditExplain Codebase

AI Architecture Analysis

This repository is indexed by RepoMind. By analyzing khuedoan/homelab in our AI interface, you can instantly generate complete architecture diagrams, visualize control flows, and perform automated security audits across the entire codebase.

Our Agentic Context Augmented Generation (Agentic CAG) engine loads full source files into context on-demand, avoiding the fragmentation of traditional RAG systems. Ask questions about the architecture, dependencies, or specific features to see it in action.

Source files are only loaded when you start an analysis to optimize performance.
Click here to launch the interactive analysis workspace

Embed this Badge

Showcase RepoMind's analysis directly in your repository's README.

[![Analyzed by RepoMind](https://img.shields.io/badge/Analyzed%20by-RepoMind-4F46E5?style=for-the-badge)](https://repomind.in/repo/khuedoan/homelab)
Preview:Analyzed by RepoMind

Repository Summary (README)

Preview

Khue's Homelab

FeaturesGet StartedDocumentation

tag document license stars

This project utilizes Infrastructure as Code and GitOps to automate provisioning, operating, and updating self-hosted services in my homelab. It can be used as a highly customizable framework to build your own homelab.

What is a homelab?

Homelab is a laboratory at home where you can self-host, experiment with new technologies, practice for certifications, and so on. For more information, please see the r/homelab introduction and the Home Operations Discord community (formerly known as k8s-at-home).

If you encounter an issue, please create a bug report (avoid asking for support about issues specific to this project in other communication channels).

Overview

Project status: ALPHA

This project is still in the experimental stage, and I don't use anything critical on it. Expect breaking changes that may require a complete redeployment. A proper upgrade path is planned for the stable release. More information can be found in the roadmap below.

Hardware

Hardware

  • 4 × NEC SFF PC-MK26ECZDR (Japanese version of the ThinkCentre M700):
    • CPU: Intel Core i5-6600T @ 2.70GHz
    • RAM: 16GB
    • SSD: 128GB
  • TP-Link TL-SG108 switch:
    • Ports: 8
    • Speed: 1000Mbps

Features

  • Common applications: Gitea, Jellyfin, Paperless...
  • Automated bare metal provisioning with PXE boot
  • Automated Kubernetes installation and management
  • Installing and managing applications using GitOps
  • Automatic rolling upgrade for OS and Kubernetes
  • Automatically update apps (with approval)
  • Modular architecture, easy to add or remove features/components
  • Automated certificate management
  • Automatically update DNS records for exposed services
  • VPN (Tailscale or Wireguard)
  • Expose services to the internet securely with Cloudflare Tunnel
  • CI/CD platform
  • Private container registry
  • Distributed storage
  • Support multiple environments (dev, prod)
  • Monitoring and alerting
  • Automated backup and restore
  • Single sign-on
  • Infrastructure testing

Some demo videos and screenshots are shown here. They can't capture all the project's features, but they are sufficient to get a concept of it.

Demo
Deploy with a single command (after updating the configuration files)
PXE boot
Observe network traffic with Hubble, built on top of Cilium and eBPF
Homepage powered by... Homepage
Monitoring dashboard powered by Grafana
Git server powered by Gitea
Matrix chat server
Continuous integration with Woodpecker CI
Continuous deployment with ArgoCD
ntfy displaying received alerts
Self-hosted AI powered by Ollama (experimental, not very fast because I don't have a GPU)

Tech stack

LogoNameDescription
AnsibleAutomate bare metal provisioning and configuration
ArgoCDGitOps tool built to deploy applications to Kubernetes
cert-managerCloud native certificate management
CiliumeBPF-based Networking, Observability and Security (CNI, LB, Network Policy, etc.)
CloudflareDNS and Tunnel
DockerEphemeral PXE server
ExternalDNSSynchronizes exposed Kubernetes Services and Ingresses with DNS providers
Fedora ServerBase OS for Kubernetes nodes
GiteaSelf-hosted Git service
GrafanaObservability platform
HelmThe package manager for Kubernetes
K3sLightweight distribution of Kubernetes
KanidmModern and simple identity management platform
KubernetesContainer-orchestration system, the backbone of this project
LokiLog aggregation system
NGINXKubernetes Ingress Controller
NixConvenient development shell
ntfyNotification service to send notifications to your phone or desktop
PrometheusSystems monitoring and alerting toolkit
RenovateAutomatically update dependencies
Rook CephCloud-Native Storage for Kubernetes
TailscaleVPN without port forwarding
WireguardFast, modern, secure VPN tunnel
Woodpecker CISimple yet powerful CI/CD engine with great extensibility
Zot RegistryPrivate container registry

Get Started

Roadmap

See roadmap and open issues for a list of proposed features and known issues.

Contributing

Any contributions you make are greatly appreciated.

Please see contributing guide for more information.

License

Copyright © 2020 - 2024 Khue Doan

Distributed under the GPLv3 License. See license page or LICENSE.md file for more information.

Acknowledgements

References:

Here is a list of the contributors who have helped to improve this project. Big shout-out to them!

If you feel you're missing from this list, please feel free to add yourself in a PR.

Stargazers over time

Stargazers over time