Welcome to my personal Kubernetes homelab repository. This repository serves as the single source of truth for the declarative state of my infrastructure and applications, managed entirely via a GitOps workflow.
This project is built around a modern Cloud Native stack designed for reproducibility, automation, and security:
- Operating System: Talos Linux - A secure, immutable, and minimal OS designed specifically for Kubernetes.
- Orchestration: Kubernetes
- GitOps Operator: Flux CD - Automatically synchronizes cluster state with this repository.
- Secrets Management: SOPS - Securely encrypts secrets in Git before they are deployed and decrypted in the cluster.
Changes pushed to this repository are automatically detected by Flux, which provisions infrastructure changes and deploys workloads.
graph LR
subgraph Git["Git Repository"]
direction TB
Configs["Infrastructure Configs"]
Apps["Application Manifests"]
Secrets["Encrypted Secrets"]
end
Flux{"Flux CD"}
subgraph K8s["Talos Kubernetes Cluster"]
direction TB
Infra["Core Infrastructure<br/>(Network, Storage)"]
AppLayer["User Applications<br/>(Media, LLMs, Dashboards)"]
end
Configs -.->|"Syncs"| Flux
Apps -.->|"Syncs"| Flux
Secrets -.->|"Decrypts"| Flux
Flux --->|"Provisions"| Infra
Flux --->|"Deploys"| AppLayer
apps/: Kubernetes manifests for user-facing applications.- Media & Audiobooks: Jellyfin, Audiobookshelf, *arr stack (Radarr, Sonarr, etc.).
- Tools & Dev: Code-Server, Kasm, Filebrowser.
- AI / LLMs: Llama.cpp deployments.
- Dashboards: Glance, Grafana.
infrastructure/: Core cluster infrastructure including networking, persistent storage (Longhorn), observability, and Flux controllers.clusters/: Flux entry points and rootkustomizationfiles for synchronizing the cluster state.talos/: Machine configurations and bootstrap files for Talos Linux nodes encrypted using SOPS.
For more in-depth operational guides, refer to the docs/ directory.