I’ve used Hover in the past, but I’ve found myself using Porkbun lately.
Edit to add: I don’t use the registrars as my authoritative DNS, I use Route53 for that.
rs5th
joined 2 years ago
You might check our Authentik for the authentication bit. It’s kinda complex, but can do proxy auth, OIDC, SAML, and LDAP.
My setup is a mix of on-prem and VPS.
On-Prem
- Primary Cluster (24 cores, 192 GB RAM, 36 TB usable storage)
- Two Dell R610 (12 cores, 96 GB RAM each)
- vSphere 7.0, ESXi 6.7 (because processors are too old for 7.0)
- Kubernetes 1.24
- Single controller VM
- Two worker VMs
- OS: Ubuntu 20.04
- K8s Flavor: Kubeadm
- Use: Almost everything
- Storage:
- Synology 1515 (11 TB usable, RAID 5) - vSphere datastore via NFS
- Synology 1517 (25 TB usable, RAID 5) - Kubernetes mounts via NFS, media, general NAS stuff
- Standalone Node (4 cores, 16GB RAM, 250 GB SSD)
- Lenovo M900 micro-PC
- OS: Ubuntu 22.04
- Kubernetes 1.24
- K8s Flavor: k3s
- Use: provide critical network services (DNS/DHCP) if any part of the complex cluster goes down, Frigate due to USB Coral TPU plugged in here
- Networking / Other
- DNS:
- Primary: AdGuard Home running on Standalone
- Internal domain: BIND VM running in Primary Cluster
- Firewall: Juniper SRX 220H
- Switch: Juniper EX2200-48
- WiFi: 3x Unifi In-Wall APs
- Power:
- UPS backing compute and storage (10-15 min runtime)
- UPS backing networking gear (15-20 minute runtime)
- DNS:
VPS
- Single Linode (2 cores, 4 GB RAM, 80 GB storage)
- OS: Ubuntu 22.04
- Kubernetes 1.24
- K8s Flavor: k3s
- Use: UptimeKuma to monitor on-prem infrastructure, services that can't go down due to home ISP or power issues (like family RocketChat).
Every service (except Plex) is containerized and running in Kubernetes. Plex will be migrated soon(TM). Everything in Kubernetes is handled via Infrastructure as Code using FluxCD and GitOps principles. Secrets are stored in git using Mozilla SOPS for encrypt/decrypt. Git repos are currently hosted in GitHub, but I'm considering Gitea, though that might present a bit of a bootstrapping problem if all the infrastructure that hosts Gitea is declared inside Gitea...
I am! @gabe565@lemmy.cook.gg and I worked on setting this up yesterday. He mentioned building a Helm chart for the whole shebang.
I went down this rabbit hole a couple months ago: birds are classified as dinosaurs. Not “descended from dinosaurs”, actual dinosaurs. Sauce
I feel like WeWork got close.
I think you mean "unforeseeable weather events, sorry no refunds"
Ah, their incident page says it was mostly lambda, my infra is mostly all on EKS/EC2.
us-east-1 must not be completely down, or I'd be having a much worse day!
Pretty sure that’s just a cosmetic issue on Lemmy 0.17.3. BeeHaw is updating to 0.17.4 in about 4 hours, which may resolve that. Either way, if you see that, you should be subscribed!