I use MetalLB as a bare-metal load-balancer implementation.
IPAddressPool is set to
- This way I can use services of type LoadBalancer and they will get an IP address in that range, and that IP address will resolve inside the network
- For example, I configured Traefik to be in 184.108.40.206 and CoreDNS in
- Installed using Helm
I use the .home.arpa special domain so I can go to plex.home.arpa from anywhere in my network to access my Plex server.
In the Unity Security Gateway I configured the DNS to go primarily to a CoreDNS server running in Kubernetes at 192.168.1.253 and secondary to
home.arpa. IN SOA dns.home.arpa. noc.dns.icann.com. 2015082541 7200 3600 1209600 3600
nas.home.arpa. IN A 192.168.1.150
storage.home.arpa. IN A 192.168.1.150
dash.home.arpa. IN A 192.168.1.200
jdownloader.home.arpa. IN A 192.168.1.200
nocodb.home.arpa. IN A 192.168.1.200
plex.home.arpa. IN A 192.168.1.200
metabase.home.arpa. IN A 192.168.1.200
transmission.home.arpa. IN A 192.168.1.200
Installed using helm.
I can simply point all the DNS entries to the same IP address and Traefik routes it to the correct service with a simple Rule: host = "nocodb.home.arpa".
Installed using helm.
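An added example (not part of the original post): a small Python check over the zone above that confirms every A record stays under home.arpa and inside the LAN, and lists the names that share one address and so each need their own Traefik host rule. It assumes the LAN is 192.168.1.0/24 and that 192.168.1.200 is the address Traefik answers on; the function names are hypothetical.

```python
import ipaddress

# Zone contents as shown in the post.
ZONE = """\
home.arpa. IN SOA dns.home.arpa. noc.dns.icann.com. 2015082541 7200 3600 1209600 3600
nas.home.arpa. IN A 192.168.1.150
storage.home.arpa. IN A 192.168.1.150
dash.home.arpa. IN A 192.168.1.200
jdownloader.home.arpa. IN A 192.168.1.200
nocodb.home.arpa. IN A 192.168.1.200
plex.home.arpa. IN A 192.168.1.200
metabase.home.arpa. IN A 192.168.1.200
transmission.home.arpa. IN A 192.168.1.200
"""

LAN = ipaddress.ip_network("192.168.1.0/24")  # assumption: the home subnet
INGRESS_IP = "192.168.1.200"                  # assumption: Traefik's address


def parse_a_records(zone_text):
    """Return {fqdn: IPv4Address} for every 'name IN A addr' line."""
    records = {}
    for line in zone_text.splitlines():
        fields = line.split(";", 1)[0].split()  # drop zone-file comments
        if len(fields) == 4 and fields[1].upper() == "IN" and fields[2].upper() == "A":
            records[fields[0].lower()] = ipaddress.ip_address(fields[3])
    return records


def audit(zone_text, origin="home.arpa.", lan=LAN):
    """Flag names outside the zone origin and addresses outside the LAN."""
    findings = []
    for name, addr in parse_a_records(zone_text).items():
        if not name.endswith("." + origin):
            findings.append((name, "outside zone origin"))
        if addr not in lan:
            findings.append((name, f"{addr} is outside {lan}"))
    return findings


def hosts_behind(zone_text, ip):
    """Names resolving to one shared address; each needs its own host rule."""
    target = ipaddress.ip_address(ip)
    records = parse_a_records(zone_text)
    return sorted(n.rstrip(".") for n, a in records.items() if a == target)


if __name__ == "__main__":
    print("findings:", audit(ZONE))
    print("behind ingress:", hosts_behind(ZONE, INGRESS_IP))
```

Any name that resolves to the shared address without a matching host rule falls through to whatever default Traefik is configured with, so the second list is the one to compare against the routers actually deployed.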
Exposing services to the outside
I use Cloudflare to manage my domains and use some of its other services:
- Tunnels to expose my self-hosted services domain.
For example, I can go to https://nocodb.example.com to access NocoDB
- I use Cloudflare Zero Trust to manage who can access my services (family and friends). This way only valid traffic hits the server and it’s totally secure
This also runs inside a Kubernetes container using the
image and some config files.
- I have a secondary domain for my private stuff just to separate concerns
- It’s pretty crazy that I don’t pay for any of this. I would be happy to, but the free tiers are so good I don’t have to
Managing the servers
I use Ansible to install Kubernetes and other software in the machines.
- I keep its use to a minimum and try to keep everything else in Kubernetes + Terraform
- Roles used:
- Other config
- Download a couple of Kubernetes tools
- Mount the NAS to
Then I moved the Kubernetes config to my workstation and work directly from there.
I don’t have this open-sourced at the moment because I haven’t cleaned it up.