This repo contains the Flux-managed Kubernetes manifests for my homelab cluster.
It includes the cluster entrypoint, shared infrastructure, and a small set of application workloads. Live secrets and generated Flux controller manifests are not committed here; the applied manifests reference Kubernetes Secrets that are created separately.
- Flux
Kustomizationresources for cluster, infrastructure, and application reconciliation. - Cert-manager issuer and certificate manifests for internal TLS.
- CoreDNS custom records for
.k8s.lanservice names. - Monitoring with
kube-prometheus-stack. - Sealed Secrets controller installation.
- Open WebUI deployment with S3-backed storage.
- Tailscale subnet router for private cluster access.
clusters/production: Flux entrypoint for the cluster.infrastructure: cluster-level services and Helm sources.apps/production: application workloads.examples: sample secret manifests used as input for Sealed Secrets or another secret manager.
The repo does not include live secret values. Open WebUI, Grafana, and Tailscale credentials are expected to exist in the cluster before the dependent workloads are applied.
The files in examples/ show the expected keys and resource names.
The cluster reconciles this repo through Flux:
flux reconcile kustomization flux-system --with-source
flux get kustomizationsFor local validation:
kubectl kustomize clusters/production
kubectl kustomize infrastructure
kubectl kustomize apps/production