Refactor dnsmasq configuration and scripts for improved variable handling and clarity

- Updated dnsmasq configuration files to use direct variable references instead of data source functions for better readability.
- Modified setup scripts to ensure they are run from the correct environment and directory, checking for the WC_HOME variable.
- Changed paths in README and scripts to reflect the new directory structure.
- Enhanced error handling in setup scripts to provide clearer guidance on required configurations.
- Adjusted kernel and initramfs URLs in boot.ipxe to use the updated variable references.
Infrastructure setup scripts
Creates a fully functional personal cloud infrastructure on a bare metal Kubernetes (k3s) cluster that provides:
- External access to services via configured domain names (using ${DOMAIN})
- Internal-only access to admin interfaces (via internal.${DOMAIN} subdomains)
- Secure traffic routing with automatic TLS
- Reliable networking with proper load balancing
Architecture
Internet → External DNS → MetalLB LoadBalancer → Traefik → Kubernetes Services
↑
Internal DNS
↑
Internal Network
Key Components
- MetalLB - Provides load balancing for bare metal clusters
- Traefik - Handles ingress traffic, TLS termination, and routing
- cert-manager - Manages TLS certificates
- CoreDNS - Provides DNS resolution for services
- ExternalDNS - Automatic DNS record management
- Longhorn - Distributed storage system for persistent volumes
- NFS - Network file system for shared media storage (optional)
- Kubernetes Dashboard - Web UI for cluster management (accessible via https://dashboard.internal.${DOMAIN})
- Docker Registry - Private container registry for custom images
- Utils - Cluster utilities and debugging tools
Idempotent Design
All setup scripts are designed to be idempotent:
- Scripts can be run multiple times without causing harm
- Each script checks for existing resources before creating new ones
- Configuration updates are applied cleanly without duplication
- Failed or interrupted setups can be safely retried
- Changes to configuration will be properly applied on subsequent runs
This idempotent approach ensures consistent, reliable infrastructure setup and allows for incremental changes without requiring a complete teardown and rebuild.
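
The idempotent behaviour listed above, shown for one case (a `key=value` setting in a dnsmasq-style config file) together with the kind of `WC_HOME` check the commit message mentions. This is an added example, not the project's own scripts; `require_wc_home`, `ensure_setting` and the sample settings are assumptions.

```shell
#!/usr/bin/env bash
# Added example; function names and sample settings are assumptions,
# not taken from the project's setup scripts.

# Refuse to run outside a configured environment (the WC_HOME check).
require_wc_home() {
  if [ -z "${WC_HOME:-}" ] || [ ! -d "$WC_HOME" ]; then
    echo "WC_HOME must point to an existing directory; load your environment first." >&2
    return 1
  fi
}

# ensure_setting FILE KEY VALUE
# Leaves FILE with exactly one "KEY=VALUE" line and prints "changed" or
# "unchanged". Re-running with the same arguments is a no-op.
ensure_setting() {
  local file=$1 key=$2 value=$3 tmp
  [ -f "$file" ] || : > "$file"
  tmp=$(mktemp "$file.XXXXXX") || return 1
  cp -p "$file" "$tmp" || { rm -f "$tmp"; return 1; }   # keep the file's mode
  # Rewrite the first KEY= line, drop later duplicates, append if absent.
  # Values travel through the environment so awk does not expand backslashes.
  if ! K=$key V=$value awk '
      index($0, ENVIRON["K"] "=") == 1 {
        if (!seen++) print ENVIRON["K"] "=" ENVIRON["V"]
        next
      }
      { print }
      END { if (!seen) print ENVIRON["K"] "=" ENVIRON["V"] }
    ' "$file" > "$tmp"; then
    rm -f "$tmp"; return 1
  fi
  if cmp -s "$file" "$tmp"; then
    rm -f "$tmp"; echo unchanged            # already in the desired state
  else
    mv -f "$tmp" "$file" && echo changed    # atomic replace, safe if interrupted
  fi
}
```
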