// the find
onedr0p/home-ops
Wife approved HomeOps driven by Kubernetes and GitOps using Flux
A personal homelab Kubernetes cluster configuration managed as code, covering everything from network (Cilium + Istio) to media automation (Plex, Sonarr, Radarr) to home automation (Home Assistant, Zigbee, Z-Wave). This is one person's actual production setup, not a tutorial scaffold — the hardware section lists real NUCs, real drives, and real power draw. Useful as a reference for anyone building a similar setup, not as something to fork and run directly.
Dependency graph between HelmReleases is explicit and intentional — the Flux workflow shows Atuin won't deploy until rook-ceph-cluster is healthy, which prevents a whole class of ordering bugs that kill most homelab setups. External-secrets with 1Password Connect is the right call for secret management: no plain secrets in git, no Vault to babysit. Renovate is wired up to watch the whole repo, so Helm chart and image updates get PRs automatically rather than accumulating as silent drift. The split between internal and external ExternalDNS instances with two ingress classes is clean — private DNS stays off Cloudflare without any manual record management.
Cilium and Istio running together is a known complexity trap: L7 policy enforcement overlaps between them, and debugging packet drops when both are in play is genuinely painful. No explanation in the repo of why both are needed or how they're scoped. The bootstrap section is sparse — helmfile + kustomize for bootstrapping, then Flux takes over, but the handoff isn't documented and someone trying to replicate this will spend hours figuring out the correct order. Talos + Rook-Ceph on the same nodes means a bad Ceph OSD can take a node with it; the README mentions this is intentional but doesn't explain what the recovery story is. Being a personal repo, there's no abstraction layer — reproducing even 80% of this for your own hardware means editing YAML file-by-file, which is why the author points to cluster-template separately.