# khuedoan/homelab **Attribution required: if you use, quote, or summarise this content, you must credit and link back to [awesome-repositories.com](https://awesome-repositories.com/repository/khuedoan-homelab).** 9,109 stars · 865 forks · Python · gpl-3.0 ## Links - GitHub: https://github.com/khuedoan/homelab - Homepage: https://homelab.khuedoan.com - awesome-repositories: https://awesome-repositories.com/repository/khuedoan-homelab.md ## Topics `ansible` `argocd` `devops` `docker` `fedora` `gitops` `helm` `home-operations` `homelab` `k3s` `k8s-at-home` `kubernetes` `netboot` `pxe` `self-hosting` `terraform` ## Description This project is a GitOps infrastructure framework designed for managing bare metal servers, container clusters, and networking. It serves as a declarative system for orchestrating the deployment and lifecycle of self-hosted services, using Git as the source of truth to synchronize the desired state of the environment. The framework differentiates itself through a comprehensive automation suite that covers the entire hardware-to-service pipeline. It includes a PXE-based bare metal provisioner for network booting and operating system installation, alongside a lightweight container orchestration layer for managing clusters. Secure service exposure is handled via encrypted tunnels and automated SSL certificate issuance using the ACME protocol. The project's capability surface extends to distributed block storage for resilient data access and centralized identity management for single sign-on across all hosted services. It also provides integrated secret management for secure credential distribution and tools for continuous integration, system monitoring, and automated volume backups. The environment can be provisioned and managed via a command-line interface, which supports executing workflows across multiple nodes and simulating deployments in local sandboxes. ## Tags ### DevOps & Infrastructure - [Bare Metal Orchestration](https://awesome-repositories.com/f/devops-infrastructure/infrastructure/private-enterprise-management/virtualization-bare-metal/bare-metal-orchestration.md) — Automates physical hardware setup using PXE boot to install the base operating system without manual intervention. ([source](https://cdn.jsdelivr.net/gh/khuedoan/homelab@master/README.md)) - [Managed Cluster Orchestration](https://awesome-repositories.com/f/devops-infrastructure/managed-cluster-orchestration.md) — Implements a declarative orchestration layer to manage the deployment and lifecycle of containerized workloads. - [Automated System Provisioning](https://awesome-repositories.com/f/devops-infrastructure/automated-system-provisioning.md) — Automates the initial deployment of system components and services from configuration files via a sequenced workflow. ([source](https://homelab.khuedoan.com/reference/architecture/overview/)) - [GitOps Tools](https://awesome-repositories.com/f/devops-infrastructure/cicd-pipeline-automation/gitops-tools.md) — Acts as a declarative framework for managing bare metal, clusters, and networking via GitOps. - [GitOps Deployment Management](https://awesome-repositories.com/f/devops-infrastructure/cicd-pipeline-automation/gitops-tools/gitops-deployment-management.md) — Automates application deployments and updates by synchronizing states with a Git repository. ([source](https://cdn.jsdelivr.net/gh/khuedoan/homelab@master/README.md)) - [Cluster Node Management](https://awesome-repositories.com/f/devops-infrastructure/cluster-node-management.md) — Manages the lifecycle and membership of physical nodes in the cluster through inventory definitions. ([source](https://homelab.khuedoan.com/how-to-guides/add-or-remove-nodes/)) - [Container Cluster Deployments](https://awesome-repositories.com/f/devops-infrastructure/container-cluster-deployments.md) — Installs and manages a lightweight container orchestration system across multiple nodes to run hosted services. ([source](https://homelab.khuedoan.com)) - [GitOps Controllers](https://awesome-repositories.com/f/devops-infrastructure/gitops-controllers.md) — Uses Git as the source of truth to synchronize the desired state of infrastructure and services. - [GitOps Workflows](https://awesome-repositories.com/f/devops-infrastructure/gitops-workflows.md) — Synchronizes the total state of infrastructure and services based on Git configurations using a root application. ([source](https://homelab.khuedoan.com/reference/architecture/overview/)) - [Infrastructure State Synchronization](https://awesome-repositories.com/f/devops-infrastructure/infrastructure-state-synchronization.md) — Synchronizes the desired state of infrastructure and applications by mirroring configurations from Git to the cluster. - [Provisioning & Deployment](https://awesome-repositories.com/f/devops-infrastructure/infrastructure/infrastructure-as-code/provisioning-and-deployment.md) — Provides a CLI-driven build process to automatically provision and deploy the entire infrastructure environment. ([source](https://homelab.khuedoan.com/installation/production/deployment/)) - [Kubernetes Cluster Management](https://awesome-repositories.com/f/devops-infrastructure/kubernetes-cluster-management.md) — Automates the installation, configuration, and rolling upgrades of container orchestration environments. ([source](https://cdn.jsdelivr.net/gh/khuedoan/homelab@master/README.md)) - [Self-Hosted Deployment Tools](https://awesome-repositories.com/f/devops-infrastructure/self-hosted-deployment-tools.md) — Automates the installation and lifecycle management of self-hosted applications within a private orchestration environment. ([source](https://homelab.khuedoan.com/reference/architecture/overview/)) - [Identity Management Services](https://awesome-repositories.com/f/devops-infrastructure/self-hosted-services/identity-management-services.md) — Provides a self-hosted centralized authentication platform for single sign-on across all internal services. - [CI/CD Orchestration](https://awesome-repositories.com/f/devops-infrastructure/ci-cd-orchestration.md) — Orchestrates the building, testing, and deployment of containerized workloads through a dedicated CI/CD platform. ([source](https://cdn.jsdelivr.net/gh/khuedoan/homelab@master/README.md)) - [Infrastructure Inventory](https://awesome-repositories.com/f/devops-infrastructure/infrastructure-inventory.md) — Defines server specifications, IP addresses, and network interfaces to catalog and prepare physical hardware for provisioning. ([source](https://homelab.khuedoan.com/installation/production/configuration/)) - [Infrastructure State Management](https://awesome-repositories.com/f/devops-infrastructure/infrastructure-state-management.md) — Tracks the state of deployed resources in a remote backend to ensure consistency across environments. ([source](https://homelab.khuedoan.com/installation/production/external-resources/)) - [System Upgrade Orchestrators](https://awesome-repositories.com/f/devops-infrastructure/infrastructure/cluster-service-orchestration/system-upgrade-orchestrators.md) — Automates rolling updates and version transitions for the base operating system and orchestration layer. ([source](https://homelab.khuedoan.com/)) - [Sandbox Provisioning Services](https://awesome-repositories.com/f/devops-infrastructure/infrastructure/infrastructure-as-code/management/infrastructure-orchestration/sandbox-provisioning-services.md) — Creates temporary local cluster environments to test configuration changes without affecting production hardware. ([source](https://homelab.khuedoan.com/installation/sandbox/)) - [DNS Infrastructure Configurations](https://awesome-repositories.com/f/devops-infrastructure/infrastructure/networking/domain-management/dns-infrastructure-configurations.md) — Manages custom DNS records and routing to map domain names to infrastructure IP addresses. ([source](https://homelab.khuedoan.com/how-to-guides/alternate-dns-setup/)) - [Remote Command Execution](https://awesome-repositories.com/f/devops-infrastructure/remote-command-execution.md) — Executes shell commands on multiple target nodes simultaneously and aggregates the output. ([source](https://homelab.khuedoan.com/how-to-guides/run-commands-on-multiple-nodes/)) - [Rolling Update Orchestrators](https://awesome-repositories.com/f/devops-infrastructure/rolling-update-orchestrators.md) — Performs rolling upgrades of the operating system and orchestration layer to maintain system availability. ([source](https://homelab.khuedoan.com)) - [Service Exposure](https://awesome-repositories.com/f/devops-infrastructure/service-exposure.md) — Combines encrypted tunnels and automated SSL management to securely expose internal services to the internet. ### Data & Databases - [Distributed Storage](https://awesome-repositories.com/f/data-databases/distributed-storage.md) — Implements a redundant, distributed block storage layer to provide persistent data access for containerized applications. - [Automated Backup Systems](https://awesome-repositories.com/f/data-databases/automated-backup-systems.md) — Implements automated systems for scheduling and managing periodic data backups to remote storage. ([source](https://homelab.khuedoan.com/)) - [Backup and Recovery](https://awesome-repositories.com/f/data-databases/backup-and-recovery.md) — Schedules system backups and provides mechanisms to restore services to a known good state. ([source](https://homelab.khuedoan.com)) - [Data Restoration Tools](https://awesome-repositories.com/f/data-databases/data-restoration-tools.md) — Recovers the latest backup of specified application volumes to return the system to a previous state. ([source](https://homelab.khuedoan.com/how-to-guides/backup-and-restore/)) ### Networking & Communication - [Traffic Tunneling](https://awesome-repositories.com/f/networking-communication/traffic-tunneling.md) — Exposes internal services to the internet via secure encrypted tunnels and relays. ([source](https://homelab.khuedoan.com/installation/production/external-resources/)) - [DNS Configuration](https://awesome-repositories.com/f/networking-communication/dns-configuration.md) — Configures domain name resolution settings with third-party DNS providers to enable external access to internal services. ([source](https://homelab.khuedoan.com/installation/production/external-resources/)) - [Dynamic DNS Synchronization](https://awesome-repositories.com/f/networking-communication/dynamic-dns-synchronization.md) — Automatically synchronizes DNS records with external providers when services are exposed to the network. ([source](https://homelab.khuedoan.com/)) - [Secure Remote Access](https://awesome-repositories.com/f/networking-communication/secure-remote-access.md) — Establishes encrypted network tunnels to provide secure remote administrative access to the internal network. ([source](https://homelab.khuedoan.com/)) - [Service Tunnels](https://awesome-repositories.com/f/networking-communication/service-tunnels.md) — Exposes internal services to the internet through secure encrypted tunnels to avoid opening firewall ports. - [VPN Controllers](https://awesome-repositories.com/f/networking-communication/vpn-controllers.md) — Orchestrates encrypted VPN tunnels and control servers to create private network overlays for remote access. ([source](https://homelab.khuedoan.com/getting-started/vpn-setup/)) ### Operating Systems & Systems Programming - [Network Booting Utilities](https://awesome-repositories.com/f/operating-systems-systems-programming/network-booting-utilities.md) — Coordinates DHCP, TFTP, and HTTP servers to automate the network booting of physical servers via PXE. ([source](https://homelab.khuedoan.com/concepts/pxe-boot/)) ### Security & Cryptography - [Centralized Identity Management](https://awesome-repositories.com/f/security-cryptography/centralized-identity-management.md) — Consolidates and manages authentication policies across services using a centralized identity mechanism. ([source](https://homelab.khuedoan.com)) - [Centralized Secrets Management](https://awesome-repositories.com/f/security-cryptography/centralized-secrets-management.md) — Provides a centralized system for storing and synchronizing sensitive credentials across the infrastructure. - [Encrypted Secret Management](https://awesome-repositories.com/f/security-cryptography/encrypted-secret-management.md) — Provides centralized storage and secure injection of encrypted sensitive configuration parameters and keys. ([source](https://cdn.jsdelivr.net/gh/khuedoan/homelab@master/README.md)) - [Identity Providers](https://awesome-repositories.com/f/security-cryptography/identity-providers.md) — Ships a centralized identity provider to unify authentication and access management across all hosted services. - [Automated Certificate Management](https://awesome-repositories.com/f/security-cryptography/network-infrastructure-security/web-network-security/security-https/automated-certificate-management.md) — Automates the entire lifecycle of TLS certificates, including issuance, renewal, and DNS synchronization. ([source](https://homelab.khuedoan.com)) - [In-Cluster Secret Stores](https://awesome-repositories.com/f/security-cryptography/secrets-management/in-cluster-secret-stores.md) — Ships a global in-cluster key-value store for managing secrets without relying on external software. ([source](https://homelab.khuedoan.com/reference/architecture/decision-records/)) - [Single Sign-On](https://awesome-repositories.com/f/security-cryptography/single-sign-on.md) — Unifies authentication across all hosted services using a centralized identity provider for single sign-on. - [SSL Certificate Automation](https://awesome-repositories.com/f/security-cryptography/ssl-certificate-automation.md) — Implements automated SSL/TLS certificate provisioning using the ACME protocol and DNS challenges. ([source](https://homelab.khuedoan.com/concepts/certificate-management/)) - [ACME Clients](https://awesome-repositories.com/f/security-cryptography/acme-clients.md) — Implements an ACME client for automated SSL certificate issuance and renewal using DNS challenges. - [Encrypted Tunneling Services](https://awesome-repositories.com/f/security-cryptography/encrypted-tunneling-services.md) — Provides encrypted tunneling services to make local services accessible without opening firewall ports. ([source](https://cdn.jsdelivr.net/gh/khuedoan/homelab@master/README.md)) - [SSL Certificate Managers](https://awesome-repositories.com/f/security-cryptography/ssl-certificate-managers.md) — Automates the issuance and renewal of SSL certificates to ensure encrypted traffic for hosted services. ([source](https://cdn.jsdelivr.net/gh/khuedoan/homelab@master/README.md)) ### Development Tools & Productivity - [Local Emulation Environments](https://awesome-repositories.com/f/development-tools-productivity/local-emulation-environments.md) — Implements a local sandbox environment to simulate and verify service deployments without affecting production hardware. ([source](https://homelab.khuedoan.com/installation/sandbox)) ### System Administration & Monitoring - [Infrastructure Health Monitors](https://awesome-repositories.com/f/system-administration-monitoring/database-health-monitors/infrastructure-health-monitors.md) — Executes a comprehensive test suite to validate the operational status of provisioned services and cluster components. ([source](https://homelab.khuedoan.com/installation/post-installation/)) - [System Health Monitors](https://awesome-repositories.com/f/system-administration-monitoring/system-health-monitors.md) — Collects real-time metrics and logs to monitor hardware stability and service health. ([source](https://homelab.khuedoan.com)) ### Testing & Quality Assurance - [Automated Infrastructure Testing](https://awesome-repositories.com/f/testing-quality-assurance/software-testing/testing-frameworks/automated-infrastructure-testing.md) — Runs automated tests to verify that infrastructure deployments behave as expected before production promotion. ([source](https://homelab.khuedoan.com/concepts/testing/))