Mastodawn

Need to document how I deployed a home #EDR #SIEM on #k3s with Tailscale but had to update my #mcp server first! https://github.com/mdfranz/elastic-security-mcp

GitHub - mdfranz/elastic-security-mcp: A Golang MCP Server For Elastic Optimized for Elastic Security Data Sources

A Golang MCP Server For Elastic Optimized for Elastic Security Data Sources - mdfranz/elastic-security-mcp

GitHub

Show thread

michabbb Jun 1

🧱 Defense in depth across four policy domains: filesystem (blocks reads/writes outside allowed paths), network (hot-reloadable), process (blocks privilege escalation & dangerous syscalls), and inference (reroutes model API calls)

⚙️ Under the hood it runs a #K3s #Kubernetes cluster inside a single #Docker container — no separate K8s install needed. A gateway coordinates sandbox lifecycle & acts as the auth boundary

Chris @ todfox May 24

Not sure why, but upgrading a #k3s test node from #AlpineLinux v3.22 to v3.23 causes etcd to shit itself.

Holding the nodes in the cluster at v3.22 for now until I figure out why.

This is why I have a test cluster that does mostly nothing! Better to FAFO in test than in prod. :)

#AdventuresInSelfHosting

阿伦一定要出村 May 21

病假给了我很多时间去搞homelab 今天把terraform module 加上了， ansible playbook也跑起来了，这边 tofu apply 然后 ansible-playbook 进行config. 还把tasks 整合进了 roles. 今天还读了一点production kubernetes 觉得受益匪浅！非常棒的一本书！

病假后半段我状态好点了不再一整天都虚弱躺着了就开始不停思考，我感觉自己把整个人生都分析和重构了一遍，从财务规划到退休计划从职业发展到知识管理…

明天打算把这两步整合一下：provision a VM, install k3s, install Rancher, then let Rancher create/register another downstream cluster 顺便处理下cert-manager DNS-01 拿证书

#homelab #ansible #opentofu #k3s #rancher #certmanager

Tim Schupp May 18

I'm making progress on my local #LLM experiments. Now we moved from single node to 2 node Kubernetes, here a blog post about my initial setup with a bunch of new Bench-marking results: https://blog.t1m.me/blog/building-own-private-kuberntes-ai-cluster

Currently using a simple #k3s server / agent set-up, with DNS-1 certificate issuing and everything in a private #tailscale network.

Already taking the next steps towards migrating from #ollama to #vLLM and optimizing prompt / model caching + routing. Several more changes coming up :)

Building a private LLM Cluster

A hands-on experiment building a self-managed at-home AI cluster with k3s, Ollama, and LiteLLM.

DocYeet

May 17

Wow that was a long break, I've got very little time to talk here lately, work and life taking over...

But damn was there some activity on the k3s cluster 😅

Stalwart is finally up and running, with all of my domain names
I've tested what happens when the server is down (because outages do happen) and everything was delivered as expected

And using SMTP2Go to avoid having to maintain an IP reputation

Chef's kiss

#cluster #k3s #k8s #stalwart #mail #smtp #smtp2go #break #pause

⚔️ su || cd ⚔️May 17

Been down a couple rabbit holes these past two weeks!

☁️ Spun up 2 #PVNG instances (1 via Cloudflare Tunnel)
📦 Picked Garage for S3 storage
📱 #k3s alerts to phone via ntfy
💾 Velero k3s backups w/ Garage backend
🖼️ #PVNG image shrinker w/ Garage (for me & @mitch)
🎵 Styled an experimental #PVNG music frontend
📊 Better monitoring: frontend metrics + k3s logs/metrics

#SelfHosted #Homelab #Kubernetes #S3