// the find
xunholy/k8s-gitops
Kubernetes cluster powered by GitOps with FluxCD - Unified source of truth, automated workflows, declarative infrastructure, and cutting-edge DevOps practices.
A personal homelab Kubernetes cluster managed entirely through FluxCD and GitOps, running on Talos Linux with 3 NUC nodes and a TrueNAS NAS. This is a real, actively maintained production-ish setup — not a tutorial skeleton — with Cilium, Rook-Ceph, Volsync, External Secrets (1Password), and Envoy Gateway all wired together. Good reference material for anyone building a serious homelab or learning how enterprise-grade Kubernetes tooling fits together outside of a managed cloud.
Talos Linux + Flux is a solid combination: immutable OS with no SSH, GitOps-managed everything, and Renovate keeping dependencies current automatically. The .archive directory shows real iteration history — you can see what got tried and dropped (Istio, OpenFaaS, MetalLB, Traefik) and what replaced it, which is more valuable than a clean-sheet config. Rook-Ceph + Volsync for storage gives you distributed block storage with async PV replication for backup, which is genuinely production-grade for homelab. External Secrets pulling from 1Password means secrets never live in git, even encrypted — cleaner than SOPS/age for teams.
It's a personal config, not a template or framework: there's no bootstrapping guide, so replicating it requires significant reverse-engineering of the specific hardware layout, cloud accounts, and 1Password vault structure. The GitHub description lists 'PHP' as the primary language, which is a metadata error (it's all YAML/shell); anyone filtering by language will miss or dismiss it. The cluster is genuinely tied to one person's infrastructure (specific Cloudflare account, specific GCP bucket, specific UDM-Pro network topology), so getting the educational value requires mentally stripping that context as you read. There is no testing or validation layer: changes are applied live via Flux reconciliation with no staging environment, which is fine for a homelab but should be understood before treating this as a pattern to copy.