Kennt ihr diese hochintegrierten #Docker Setups fΓΌr Softwaredinge, die eine "install.sh" mitbringen und die dann "automatisch" alles richtig einrichten sollen?
Ich bekomme da echt Ausschlag von. π€’
Dann schaut eins rein, was die so tun. Dann sieht eins da so "docker build"s, und so "apt install ..." Zeug.
Und alles so verschachtelt, das eins da gar nichts anpassen kann, es nicht auf Swarm portieren kann etc.
Wenn ihr Docker nicht versteht, dann lasst es bitte sein.
Webseiten, die einen "merken" Button beim Login haben, sich dann aber weder den Login noch die Session merken...
**Looking at you #goharbor**
Schenkl | π³οΈβππ¦
Disk roll -n calico-system and all was well. It didn't even noticeably impact services.
β
I'd like to introduce #GoHarbor in my #homelab but the setup is so terribly convoluted that it's putting me off.
Why does it need to ship syslog, database and proxy stuff? I don't consider this the responsibility of this software.
Worst of all, it's such a mess that it tries to fix it by providing an installer. Which hides the intentions and makes it even harder to understand how these components relate and how to instrument them.
Might go for Nexus or something else instead.
Today's fun link is for the #k8s #homelab. "Harbor-Container-Webhook" is a somewhat mis-named project. It started as an automatic way to use GoHarbor as a Docker Hub cache, but since then it has grown into a capable docker image repo/tag mutator. It takes in a list of matches and transformations, then watches pod creation. If a pod's image matches a match, it gets changed. Simple. (For example, the docker hub cache would change docker.io/library/alpine:latest to harbor.svc/dockercache/library/alpine:latest.) This isn't tied to Harbor at all; it doesn't even have to point to a cache.
If you installed a #goharbor docker hub cache into your #homelab "way back when", you probably installed HCW, everything Just Worked, and you walked away. Today is a good day to wander back and ghcr.io to your caching. (And if you are of a #security mindset, #GoHarbor does image scanning and such too.)
The attached code will cache everything from GHCR except your username's packages. Just delete the excludes block if you want to cache everything. (It is formatted for the helm chart, as values.rules.)
Jeroen Postma πͺπΊ rules:
- name: "ghcr.io rewrite"
matches:
- "^ghcr.io"
excludes:
# these are authenticated separately, so exclude them here:
- '^ghcr.io/MyUsernameRocks/.*$'
replace: "MYHARBOR/ghcache"
checkUpstream: false
verbose: true@fyw321 @geerlingguy My 8 node cluster costs around 55W via POE. It is 3 pi4 8G control+worker nodes, and 5 pi4 4G worker-only nodes (1 is actually 8G.)
Storage is #iscsi on spinning rust on #TrueNAS, but you can do all this on local disks.
It handles a LOT:
- #Promstack, #FluxCD, #Calico, various scrapers
- #Adguard
- #Blocky (another adblocking #dns)
- #Jellyfin
- #Ombi, Prowlarr, *arr, Deluge
- Home automation helpers (#ser2sock instances, #zigbee/#zwave 2mqtt, but not HA itself)
- #Argo for builds (deprecated in favor of the x64 cloud lab. Building x64 docker containers on arm is BAD)
- Democratic CSI for iscsi/nfs
- #GoHarbor container registry & #dockerhub cache
- #Mealie recipe manager
- #Monica contact manager
- #SMTP relay to gmail
- #Ubiquiti console (bootstrapping becomes a chicken and egg problem though, if it goes down wrong)
- #Wireguard #VPN server
- #Whoogle
- #VisualStudioCode and a #dind sidecar
- SSL termination for most of the rest of the network
Dis