언제든 파괴 가능한 홈랩!

flux homelab k3s kubernetes

Find a file

winetree94 3a8cc4355a feat: apps - karakeep - 0.29.3 업데이트		2025-12-21 03:18:40 +09:00
apps	feat: apps - karakeep - 0.29.3 업데이트	2025-12-21 03:18:40 +09:00
clusters/production	Add Flux sync manifests	2025-12-11 23:27:21 +09:00
infrastructure	feat: infra - pangolin - 배포 중단	2025-12-17 21:31:02 +09:00
.gitignore	feat: apps - davinci resolve - tcp 라우팅 제거	2025-12-05 14:27:06 +09:00
readme.md	feat: apps - karakeep - 0.29.3 업데이트	2025-12-21 03:18:40 +09:00
tinyrack-homelab-secret-key.crt	feat: infra - 공개키 추가	2025-11-09 23:53:48 +09:00

readme.md

Homelab

Installation

K3S 설치

curl -fL https://get.k3s.io | \
sh -s - server \
  --cluster-init \
  --cluster-cidr=10.61.0.0/16 \
  --service-cidr=10.62.0.0/16 \
  --disable traefik

Sealed Secrets 키 복원

export PRIVATEKEY="tinyrack-homelab-secret-key.key"
export PUBLICKEY="tinyrack-homelab-secret-key.crt"
export NAMESPACE="sealed-secrets"
export SECRETNAME="tinyrack-homelab-s3-secret"

kubectl create namespace "$NAMESPACE"
kubectl -n "$NAMESPACE" create secret tls "$SECRETNAME" --cert="$PUBLICKEY" --key="$PRIVATEKEY"
kubectl -n "$NAMESPACE" label secret "$SECRETNAME" sealedsecrets.bitnami.com/sealed-secrets-key=active

Flux 부트스트랩

flux bootstrap gitea \
  --token-auth \
  --hostname=git.winetree94.com \
  --repository=homelab \
  --branch=main \
  --path=./clusters/production \
  --owner=tinyrack

Sealed Secret 암호화

kubectl create secret generic docmost-secret \
        --namespace docmost-system \
        --dry-run=client \
        --from-literal=SOME_SECRET_KEY=SOME_SECRET_VALUE \
        --from-literal=SOME_SECRET_KEY=SOME_SECRET_VALUE \
        --from-literal=SOME_SECRET_KEY=SOME_SECRET_VALUE -o yaml \
        | kubeseal --cert ./tinyrack-homelab-secret-key.crt \
        > ./some.secret.yaml