personal ansible-tower-like tool using github actions
mostly run locally these days off my pi4 running code server
this is a living repo, master is not assumed stable
powered by github's generosity and machines i find in local dumpsters
starting to run newer services in kubernetes, because i've grown tired of plain docker with compose
- applications are (usually) launched as a deployment
- when a service is added metallb provisions the service an ip address on my local network
- if external public access is needed an ingress record is created with a `<service>.k8s.rileysnyder.dev` domain, routed from a caddy reverse proxy acting as the entrypoint to my local network
- longhorn for storage
- nodes are random machines that i don't have another use for at any given time, swapped out often
- manifests are under `infra/k8s`, applied either with kubectl, k3s manifests directory, or harness (both regular deployments and gitops), because i need to try everything
using ansible vault with a password in a local file:

```shell
ansible-vault encrypt_string --vault-password-file .vault_password 'bar' --name 'foo'
```

| | cidr | notes |
|---|---|---|
| home | 192.168.2.0/24 | |
| tailscale | 100.64.0.0/10 | |
| lab cluster | 10.42.0.0/16 | |
| lab svc | 10.43.0.0/16 | |
| oc cluster | 10.42.0.0/16 | need to migrate to 10.44.0.0/16 |
| oc svc | 10.43.0.0/16 | need to migrate to 10.45.0.0/16 |
| ocdr cluster | 10.46.0.0/16 | |
| ocdr svc | 10.47.0.0/16 | |
| oc2 cluster | 10.48.0.0/16 | |
| oc2 svc | 10.49.0.0/16 | |
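
the notes column flags oc as needing to move off the ranges lab already uses. the script below is an added example (not code from this repo) that checks the address plan for overlapping cidrs, both as it stands and with the migration targets applied; the `PLAN` layout and function names are assumptions made for the example.

```python
import ipaddress
from itertools import combinations

# Address plan copied from the table above. The third field is the
# migration target from the notes column (None when there is none).
PLAN = [
    ("home", "192.168.2.0/24", None),
    ("tailscale", "100.64.0.0/10", None),
    ("lab cluster", "10.42.0.0/16", None),
    ("lab svc", "10.43.0.0/16", None),
    ("oc cluster", "10.42.0.0/16", "10.44.0.0/16"),
    ("oc svc", "10.43.0.0/16", "10.45.0.0/16"),
    ("ocdr cluster", "10.46.0.0/16", None),
    ("ocdr svc", "10.47.0.0/16", None),
    ("oc2 cluster", "10.48.0.0/16", None),
    ("oc2 svc", "10.49.0.0/16", None),
]


def current(plan):
    """The plan as deployed today: (name, cidr) pairs."""
    return [(name, cidr) for name, cidr, _ in plan]


def migrated(plan):
    """The plan with every migration target from the notes applied."""
    return [(name, target or cidr) for name, cidr, target in plan]


def overlaps(view):
    """Return sorted (name_a, name_b) pairs whose networks share addresses."""
    nets = [(name, ipaddress.ip_network(cidr)) for name, cidr in view]
    return sorted(
        (a, b) for (a, na), (b, nb) in combinations(nets, 2) if na.overlaps(nb)
    )


if __name__ == "__main__":
    for label, view in (("current", current(PLAN)),
                        ("after migration", migrated(PLAN))):
        pairs = overlaps(view)
        print(f"{label}: {len(pairs)} overlap(s)")
        for a, b in pairs:
            print(f"  {a} <-> {b}")
```

`Network.overlaps()` also catches partial containment, so a new /24 carved out of an existing /16 is reported too.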