This repository contains all the configuration of my HashiCorp Nomad deployment in my home server-rack. It is deployed in a high-availability configuration using both HashiCorp Vault and HashiCorp Consul.
The cluster itself runs on Ubuntu and is made available to me via the Tailscale VPN.
Everything within this repository is managed using Terraform, including deployment of workloads in Nomad. Terraform source files are organised by provider within the terraform directory.
To see all my Nomad job specifications, check the jobs directory.
Within my Nomad cluster, I run the following services:
- Bitwarden - Password manager
- Boundary - User identity management
- Grafana - For all the dashboards
- Home Assistant - IoT integration suite that allows me to manage & automate my smart devices
- Minio - S3-compatible object storage
- PiHole - DNS & Adblocker that I use on my networked devices at home
- Postgres - SQL database for services that need one
- Prometheus - Scrapes metrics from configured services for monitoring purposes
- Traefik - Reverse proxy & load balancer that allows me to access my applications and issue TLS certificates
This repository also contains apps I've built for my own nefarious purposes. These are listed below:
- homadctl - A command-line utility for automating my homelab tasks.
- speed-dial - A link dashboard for services running in the homelab.
Workloads that require persistent storage can use volumes mounted via NFS using the rocketduck CSI driver. Volume specifications are located here.
Merges to the master branch automatically plan and apply changes to Terraform files by first connecting the GitHub action to my Tailscale tailnet. For pull requests, a plan is performed which can be checked within the GitHub action log.
Keeping Nomad & Ubuntu up-to-date is done by leveraging Nomad's periodic jobs & the raw_exec driver. This job runs daily and keeps Ubuntu's packages and distribution up-to-date.
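
A periodic raw_exec job of the kind described above could look like the following. This is an added example, not the job specification from this repository; the job name, datacenter, schedule and apt commands are assumptions.

```hcl
# Added example. Job name, datacenter, schedule and commands are assumed,
# not taken from this repository.
job "os-update" {
  datacenters = ["dc1"]     # assumed datacenter name
  type        = "sysbatch"  # one allocation on every eligible client node

  periodic {
    cron             = "0 4 * * *" # daily at 04:00 (assumed time)
    time_zone        = "UTC"
    prohibit_overlap = true        # skip a launch if the previous run is still active
  }

  group "update" {
    task "apt-upgrade" {
      # raw_exec runs the command directly on the host with no isolation,
      # as the user the Nomad client runs as (normally root). The driver is
      # disabled by default and must be enabled in the client configuration:
      #   plugin "raw_exec" { config { enabled = true } }
      driver = "raw_exec"

      config {
        command = "/bin/sh"
        args = [
          "-c",
          "apt-get update && apt-get -y dist-upgrade && apt-get -y autoremove",
        ]
      }

      env {
        # Stop package prompts from blocking the unattended run
        DEBIAN_FRONTEND = "noninteractive"
      }

      resources {
        cpu    = 200
        memory = 256
      }
    }
  }
}
```

Because raw_exec gives any submitted job host-level command execution, job submission rights should be restricted with Nomad ACLs to the identities that actually need them, such as the Terraform pipeline.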