IT-Tools on Bletchley
Deploying IT-Tools on Bletchley: self-hosted dev utilities running as non-root behind Traefik and cert-manager, with a restricted PodSecurity context
Adding central authentication to the Bletchley cluster with Authelia: ForwardAuth for Longhorn and Traefik, one session cookie for all services.
Importing Longhorn, Kubernetes, and resource dashboards onto the Bletchley cluster — and fixing the scrape config that was only collecting from one of four nodes.
Installing Forgejo on Bletchley: self-hosted git, infra/apps repo structure, accidentally committing secrets, SQLite WAL, and a two-layer backup to Garage S3.
Testing the backup chain: etcd encryption with age, and a full Grafana PVC delete-and-restore to confirm Longhorn backups actually work.
Exposing Garage S3 via Traefik, why Synology Cloud Sync failed, and how rclone solved the offsite backup problem instead.
Building the local backup layer for the Bletchley cluster: ZFS mirror on rock3's SATA SSDs, Garage S3, NFS, and Longhorn recurring backups.
Adding TLS to the Bletchley cluster with cert-manager, TransIP DNS-01 challenges, Let's Encrypt staging and production issuers, and automatic HTTP→HTTPS redirects.
Adding MetalLB and Traefik to Bletchley: real IPs for LoadBalancer services, hostname-based routing, and a reader-suggested improvement that preserves source IPs from day one.
Adding Grafana to the Bletchley cluster: Longhorn-backed storage, pre-configured Prometheus datasource, and the Node Exporter Full dashboard showing live node metrics.
Installing Prometheus and node exporter on Talos Linux: namespace labelling, values files, the duplicate pod gotcha, and confirming all four nodes are being scraped.
The decisions behind the Longhorn installation: why 2 replicas on a 1Gb cluster, how version pinning protects reproducibility, and when to upgrade.
Longhorn
Installing Longhorn distributed storage on a Talos Linux cluster: NVMe preparation, Helm install, and why the namespace label matters before anything else.
Talos Linux
How I discovered a missing system extension before it caused problems, and upgraded all four Bletchley cluster nodes in 15 minutes. Plus: what changes when you have running workloads.
TuringPi
Complete guide to installing Talos Linux v1.12.4 on TuringPi 2 RK1 modules — VLAN configuration, HA control plane, and every command along the way.
Talos
Documentation isn't optional. How I lost access to my working Talos cluster and why I'm reinstalling from scratch with proper documentation.
PostgreSQL
PostgreSQL 12 reached EOL in November 2024. Here's how I upgraded to PostgreSQL 18 using the dump-and-restore method on RHEL 8.
Lessons Learned
Seven lessons from installing Umami analytics: database compatibility, EOL software risks, Docker isolation, and why documentation is as valuable as code.
TuringPi
Three years from Kickstarter backing to complete build: documenting my TuringPi 2 cluster with 4x RK1 modules, storage strategy, and lessons learned.
Umami
Privacy-friendly analytics without Google: how I deployed Umami with PostgreSQL in Docker after learning hard lessons about database compatibility.
Ghost
Setting up Ghost for technical content: Prism.js syntax highlighting with autoloader, SEO optimization, Google Search Console, Giscus comments, and GDPR compliance. Complete code injection configuration included.
Ghost
Complete guide to installing Ghost CMS on Red Hat Enterprise Linux 9.7 with remote MariaDB, Apache reverse proxy, and SELinux. Includes all commands, troubleshooting, and lessons learned.