CSTF/wild-cloud
1
1
Fork 0
Code Issues 12 Pull Requests Actions Packages Projects 1 Releases 1 Wiki Activity
Files
ead32d09a0f9a5c3eb3c8777af6cdb28d2184041
wild-cloud/infrastructure_setup
History
Paul Payne 5cbfb9c645 Add Immich application deployment files and configuration 
- Create README.md for Immich app description
- Add example.env for configuration settings
- Implement deployment.yaml for Immich server and microservices
- Set up ingress.yaml for public access with DNS annotations
- Introduce db-init-job.yaml for database initialization
- Configure kustomization.yaml for resource management
- Define manifest.yaml for Immich app installation details
- Create namespace.yaml for isolating Immich resources
- Establish PVCs in pvc.yaml for storage management
- Set up services in service.yaml for server and machine learning components
- Update CoreDNS custom config to handle AAAA records
2025-05-27 17:19:41 -07:00
..
cert-manager
Refactor cert-manager and ExternalDNS configurations
2025-05-03 13:51:52 -07:00
coredns
Add Immich application deployment files and configuration
2025-05-27 17:19:41 -07:00
docker-registry
Add Docker Registry setup including deployment, ingress, service, PVC, and configuration files
2025-05-18 15:20:36 -07:00
externaldns
Add ExternalDNS configuration and setup script for Cloudflare integration
2025-05-05 09:43:28 -07:00
kubernetes-dashboard
Add RBAC configuration for dashboard admin and update TLS secret reference
2025-05-05 09:43:56 -07:00
longhorn
Add Longhorn setup script and integrate into setup-all.sh
2025-05-24 10:18:32 -07:00
metallb
Remove certificate copying logic from cert-manager setup script
2025-05-05 09:44:49 -07:00
traefik
Add Traefik README and update service configuration annotations
2025-05-05 09:42:02 -07:00
utils
Add netdebug script and Kubernetes configuration for debugging pod
2025-05-05 09:40:00 -07:00
get_helm.sh
Initial commit.
2025-04-27 14:57:00 -07:00
README.md
Initial commit.
2025-04-27 14:57:00 -07:00
setup_node.sh
Add helper node setup script.
2025-05-18 15:28:57 -07:00
setup-all.sh
Add Longhorn setup script and integrate into setup-all.sh
2025-05-24 10:18:32 -07:00
setup-cert-manager.sh
Remove certificate copying logic from cert-manager setup script
2025-05-05 09:44:49 -07:00
setup-coredns.sh
Refactor CoreDNS setup: add custom configuration and LoadBalancer service. This prevents k3s overwriting our config with a CoreDNS restart.
2025-05-25 15:47:31 -07:00
setup-dashboard.sh
Refactor Kubernetes Dashboard setup script to streamline admin service account creation and remove unnecessary cleanup steps
2025-05-05 09:45:08 -07:00
setup-externaldns.sh
Add ExternalDNS configuration and setup script for Cloudflare integration
2025-05-05 09:43:28 -07:00
setup-longhorn.sh
Add Longhorn setup script and integrate into setup-all.sh
2025-05-24 10:18:32 -07:00
setup-metallb.sh
Initial commit.
2025-04-27 14:57:00 -07:00
setup-traefik.sh
Initial commit.
2025-04-27 14:57:00 -07:00
setup-utils.sh
Add configuration files for Ghost, MariaDB, Nextcloud, Postgres, and Redis; implement generate-config script and enhance load-env script for dependency management
2025-05-18 15:15:59 -07:00
validate_setup.sh
Fix MetalLB component checks to use correct label selectors
2025-05-24 10:18:38 -07:00

README.md

Infrastructure setup scripts

Creates a fully functional personal cloud infrastructure on a bare metal Kubernetes (k3s) cluster that provides:

  1. External access to services via configured domain names (using ${DOMAIN})
  2. Internal-only access to admin interfaces (via internal.${DOMAIN} subdomains)
  3. Secure traffic routing with automatic TLS
  4. Reliable networking with proper load balancing

Architecture

Internet → External DNS → MetalLB LoadBalancer → Traefik → Kubernetes Services
                                    ↑
                                 Internal DNS
                                    ↑
                              Internal Network

Key Components

  • MetalLB - Provides load balancing for bare metal clusters
  • Traefik - Handles ingress traffic, TLS termination, and routing
  • cert-manager - Manages TLS certificates
  • CoreDNS - Provides DNS resolution for services
  • Kubernetes Dashboard - Web UI for cluster management (accessible via https://dashboard.internal.${DOMAIN})

Configuration Approach

All infrastructure components use a consistent configuration approach:

  1. Environment Variables - All configuration settings are managed using environment variables loaded by running source load-env.sh
  2. Template Files - Configuration files use templates with ${VARIABLE} syntax
  3. Setup Scripts - Each component has a dedicated script in infrastructure_setup/ for installation and configuration

Idempotent Design

All setup scripts are designed to be idempotent:

  • Scripts can be run multiple times without causing harm
  • Each script checks for existing resources before creating new ones
  • Configuration updates are applied cleanly without duplication
  • Failed or interrupted setups can be safely retried
  • Changes to configuration will be properly applied on subsequent runs

This idempotent approach ensures consistent, reliable infrastructure setup and allows for incremental changes without requiring a complete teardown and rebuild.