yadunut/homelab
1
0
Fork 0
Code Issues Pull Requests Actions Projects Releases Wiki Activity
main
homelab/Architecture.md
Yadunand Prem 0a00cfa550
fix: docs
2025-05-12 19:50:31 -04:00

2.4 KiB
Raw Permalink Blame History

premhome-gc1, 11GB Ram, 6 Cores, Public IP

falcon-server-1, with X GB Ram, X Cores, No public IP, only private IP. eagle-server-1, with X GB Ram, X Cores, No public IP, only private IP.

  1. Why not use the flannel's wg interface?

This requires the ndoes to have public IPs. But this wouldn't be the case for my system as the nodes at home only have private IPs.

Steps:

  1. Install k3s on gc1
  2. Install flux on gc1
  3. Deploy zerotier controller on gc1
  4. Setup a zerotier interface on gc1
  5. Migrate flannel iface to zerotier interface
  6. Setup zerotier on the

Steps taken

  1. Setup a zerotier controller: https://docs.zerotier.com/controller

On premhome-gc1,

TOKEN=$(sudo cat /var/lib/zerotier-one/authtoken.secret)
NODEID=$(sudo zerotier-cli info | cut -d " " -f 3)

# Create a network
NWID=$(curl -X POST "http://localhost:9993/controller/network/${NODEID}______" -H "X-ZT1-AUTH: ${TOKEN}" -d {} | jq -r ".nwid")

# Setup the IP address range and routes for this network
curl -X POST "http://localhost:9993/controller/network/${NWID}" -H "X-ZT1-AUTH: ${TOKEN}" \
    -d '{"ipAssignmentPools": [{"ipRangeStart": "10.222.0.0", "ipRangeEnd": "10.222.0.254"}], "routes": [{"target": "10.222.0.0/23", "via": null}], "rules": [ { "etherType": 2048, "not": true, "or": false, "type": "MATCH_ETHERTYPE" }, { "etherType": 2054, "not": true, "or": false, "type": "MATCH_ETHERTYPE" }, { "etherType": 34525, "not": true, "or": false, "type": "MATCH_ETHERTYPE" }, { "type": "ACTION_DROP" }, { "type": "ACTION_ACCEPT" } ], "v4AssignMode": "zt", "private": true }'

# Authorize the current server
curl -X POST "http://localhost:9993/controller/network/${NWID}/member/${NODEID}" -H "X-ZT1-AUTH: ${TOKEN}" -d '{"authorized": true}'

Yay! you now have an interface, and an IP address to broadcast on :D

What I have

  1. premhome-gc1 IP: 167.253.159.47
  2. premhome-falcon-1 IP: 10.0.0.55
  3. premhome-eagle-1 IP: 10.0.0.248

Deploying secrets

op connect server create cluster --vaults cluster
op connect token create cluster --server <Server ID> --vault cluster

kubectl create secret generic -n 1password-system 1password-credentials  --from-literal=password="$(op read 'op://cluster/1password-credentials/1password-credentials.json')"
kubectl create secret generic -n 1password-system 1password-token  --from-literal password="$(op read 'op://cluster/1password-token/password')"