100daysofhomelab
Joining a non-Talos node to a Talos cluster (Day 39)
How to add non-Talos nodes to a Talos cluster with HAProxy for KubePrism compatibility.
Setting up Talos in HA Mode (Day 32)
Setting up a high-availability Kubernetes cluster with Talos
TIL: DNS Search Domains (Day 31)
What Are Search Domains? Search domains are DNS suffixes automatically appended to unqualified hostnames to help resolve local network resources. When you type server1instead of server1.home.network, your system will try both. The Problem When combined with wildcard DNS records (*.domain.tld), search domains can cause external domains to
Automating Kubernetes Secrets with ArgoCD and SOPS (Day 30)
Automating Kubernetes secret management with ArgoCD, SOPS and helmfile for a fully GitOps-driven workflow.
Chartmuseum Repository continued ... (Day 29)
Continuing from the previous ChartMuseum setup entry, today was about solving the DNS resolution and network connectivity issues (some of which had to do with my firewall blocking traffic across certain VLANs). The DNS Challenge Yesterday ended with this error: DEBUG Fetching chart list from storage ERROR RequestError: send request
Private Helm Chart Repository with ChartMuseum (Day 28)
Setting up a self-hosted Helm chart repository with ChartMuseum and Minio.
Installing CrowdSec on OPNsense (Day 27)
CrowdSec is a security tool that detects and blocks malicious IPs using a collaborative approach to share threat intelligence across users. I initially planned to run CrowdSec just on Traefik, but having it at the firewall level provides more protection for all devices on the network. Installation CrowdSec has a
Secure Secret Management with SOPS, Age, and Bitwarden (Day 26)
Using SOPS with Age encryption for secret management, Bitwarden Secrets Manager for key storage, and integrating it all with Terragrunt for secure infrastructure as code.
ZFS RAIDZ VDEV Extension (Day 25)
Got a new drive to add to my storage pool and TrueNAS Scale now supports RAIDZ VDEV extension. Which is a relatively new feature, introduced in TrueNAS 24.10 (Electric Eel). Steps: 1. Navigate to the storage pool 2. Select "Manage Devices" 3. Choose the VDEV you want
Sharing Services Across Tailnets (Day 24)
Using Tailscale's Kubernetes operator to share specific services across tailnets without inviting users directly to the network, while maintaining DNS.
Navidrome on TrueNAS Scale (Day 23)
Got an old music collection sitting around? try Navidrome
K3s upgrade to 1.31.5 (Day 22)
K3s upgrades are surprisingly simple - just rerun your initial install command and you're done
Traefik Timeouts and Immich (Day 21)
I have been setting up Immich, i.e destroying and recreating it until I got my photo organization and volumes just right. The next step was to do a mass import after testing, the CLI tool makes mass imports pretty straightforward, but I kept having an issue with certain files