Add hardware to readme

Grant 2025-02-09 18:31:43 -07:00
parent cde144806d
commit 19c981b20e


@ -1,18 +1,30 @@
# Fog # Fog
Like the cloud but local. Like the cloud but local.
## Required tools ## Required tools
- talosctl (https://www.talos.dev/v1.9/talos-guides/install/talosctl/ ) - talosctl (https://www.talos.dev/v1.9/talos-guides/install/talosctl/ )
- kubectl (https://kubernetes.io/docs/tasks/tools/#kubectl ) - kubectl (https://kubernetes.io/docs/tasks/tools/#kubectl )
- bitwarded secrets CLI (https://bitwarden.com/help/secrets-manager-cli/ ) - bitwarded secrets CLI (https://bitwarden.com/help/secrets-manager-cli/ )
## Talos Cluster ## Talos Cluster
### Machine check list ### Hardware
- HP ProDesk 400 G3 (x3)
- Seagate Iron Wolf 2Tb (x2)
- Western Digital Red Pro 2Tb
- Sabrent HDD Docking Station (3x)
- Switch
- Ecoflow River 3 Plus
- Ecoflow River 3
- Router
- Modem
#### HP ProDesk check list
Using refurbished hardware is an adventure in configuration, make sure some things are standard before starting. Using refurbished hardware is an adventure in configuration, make sure some things are standard before starting.
- Secure boot is off - Secure boot is off
- BIOS password disabled - BIOS password disabled
- Enable restore after power outage - Enable restore after power outage
### Generate config
### Generate config
```sh ```sh
bws secret get <talos-secret-id> -o json | jq .value --raw-output > talos/secrets.yaml bws secret get <talos-secret-id> -o json | jq .value --raw-output > talos/secrets.yaml
talosctl gen config fog https://192.168.1.43:6443 \ talosctl gen config fog https://192.168.1.43:6443 \
@ -23,10 +35,10 @@ talosctl gen config fog https://192.168.1.43:6443 \
``` ```
### Add node to talos cluster ### Add node to talos cluster
```sh ```sh
talosctl apply-config [--insecure] -n <ips> controlplane.yaml talosctl apply-config [--insecure] -n <ips> controlplane.yaml
``` ```
### Update context ### Update context
```sh ```sh
talosctl config node 192.168.1.38 192.168.1.43 192.168.1.39 talosctl config node 192.168.1.38 192.168.1.43 192.168.1.39
``` ```
@ -40,7 +52,7 @@ kubectl apply -f https://raw.githubusercontent.com/alex1989hu/kubelet-serving-ce
kubectl apply -f https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/components.yaml kubectl apply -f https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/components.yaml
``` ```
### Ceph ### Ceph
```sh ```sh
helm repo add rook-release https://charts.rook.io/release helm repo add rook-release https://charts.rook.io/release
helm install --create-namespace --namespace rook-ceph rook-ceph rook-release/rook-ceph helm install --create-namespace --namespace rook-ceph rook-ceph rook-release/rook-ceph
@ -56,7 +68,7 @@ helm install --create-namespace --namespace metallb-system metallb metallb/metal
kubectl label namespace metallb-system pod-security.kubernetes.io/enforce=privileged kubectl label namespace metallb-system pod-security.kubernetes.io/enforce=privileged
kubectl label namespace metallb-system pod-security.kubernetes.io/audit=privileged kubectl label namespace metallb-system pod-security.kubernetes.io/audit=privileged
kubectl label namespace metallb-system pod-security.kubernetes.io/warn=privileged kubectl label namespace metallb-system pod-security.kubernetes.io/warn=privileged
kubectl -n metallb-system apply -f metallb/ipaddresspool.yaml kubectl -n metallb-system apply -f metallb/ipaddresspool.yaml
``` ```
@ -72,11 +84,11 @@ helm install --create-namespace --namespace traefik traefik traefik/traefik\
``` ```
### Postgres ### Postgres
```sh ```sh
helm install pgo --create-namespace --namespace postgres-operator ../postgres-operator/helm/install --values postgres/operator-values.yaml helm install pgo --create-namespace --namespace postgres-operator ../postgres-operator/helm/install --values postgres/operator-values.yaml
helm install postgres --create-namespace --namespace datastore ../postgres-operator/helm/postgres --values postgres/values.yaml helm install postgres --create-namespace --namespace datastore ../postgres-operator/helm/postgres --values postgres/values.yaml
# copy secret over to goatchat namespace # copy secret over to goatchat namespace
kubectl get secrets -n datastore postgres-pguser-synapse -o json | jq 'del(.metadata.resourceVersion,.metadata.uid,.metadata.ownerReferences) | .metadata.creationTimestamp=null,.metadata.namespace="goatchat"' | kubectl apply -f - kubectl get secrets -n datastore postgres-pguser-synapse -o json | jq 'del(.metadata.resourceVersion,.metadata.uid,.metadata.ownerReferences) | .metadata.creationTimestamp=null,.metadata.namespace="goatchat"' | kubectl apply -f -
``` ```
@ -88,9 +100,9 @@ helm install --create-namespace --namespace datastore mariadb oci://registry-1.
## Goatchat (matrix) ## Goatchat (matrix)
### Synapse ### Synapse
#### Setup db #### Setup db
delete synapse db and recreate with correct locale delete synapse db and recreate with correct locale
```sh ```sh
PRIMARY_POD=$(kubectl -n datastore get pods --selector='postgres-operator.crunchydata.com/cluster=postgres,postgres-operator.crunchydata.com/role=master' -o jsonpath='{.items[*].metadata.labels.statefulset\.kubernetes\.io/pod-name}') PRIMARY_POD=$(kubectl -n datastore get pods --selector='postgres-operator.crunchydata.com/cluster=postgres,postgres-operator.crunchydata.com/role=master' -o jsonpath='{.items[*].metadata.labels.statefulset\.kubernetes\.io/pod-name}')
PGPASSWORD=$(kubectl -n datastore get secrets "postgres-pguser-grant" -o go-template='{{.data.password | base64decode}}') PGPASSWORD=$(kubectl -n datastore get secrets "postgres-pguser-grant" -o go-template='{{.data.password | base64decode}}')
kubectl -n datastore exec -it "$PRIMARY_POD" -- psql -c 'DROP DATABASE synapse;' kubectl -n datastore exec -it "$PRIMARY_POD" -- psql -c 'DROP DATABASE synapse;'
@ -105,7 +117,7 @@ PGSSLMODE=disable pg_restore -h localhost -U synapse -vv -d synapse < synapse.d
``` ```
#### Install Synapse #### Install Synapse
```sh ```sh
helm repo add ananace-charts https://ananace.gitlab.io/charts helm repo add ananace-charts https://ananace.gitlab.io/charts
kubectl create ns goatchat kubectl create ns goatchat
@ -127,9 +139,8 @@ kubeclt apply -k matrix-registration
``` ```
## Ghost Blogs ## Ghost Blogs
### kngot
I got tired of fighting the docker container so I manually overrode the `config.production.json` I got tired of fighting the docker container so I manually overrode the `config.production.json`
which looks like which looks like
``` ```
{ {
"url": <url>, "url": <url>,
@ -171,22 +182,23 @@ which looks like
} }
} }
``` ```
### kngot
#### Create db and user #### Create db and user
```sh ```sh
CREATE DATABASE kgnot_ghost; CREATE DATABASE kgnot_ghost;
grant all privileges on kgnot_ghost.* to kgnot_ghost@'10.%.%.%' identified by '$KGNOT_MYSQL_PASSWORD'; grant all privileges on kgnot_ghost.* to kgnot_ghost@'10.%.%.%' identified by '$KGNOT_MYSQL_PASSWORD';
``` ```
#### Install app #### Install app
```sh ```sh
kubectl create secret generic ghost-kgnot-user-secret --from-literal=ghost-password=$KGNOT_GHOST_USER_PASSWORD kubectl create secret generic ghost-kgnot-user-secret --from-literal=ghost-password=$KGNOT_GHOST_USER_PASSWORD
kubectl create secret generic ghost-kgnot-db-secret --from-literal=mysql-password=$KGNOT_MYSQL_PASSWORD kubectl create secret generic ghost-kgnot-db-secret --from-literal=mysql-password=$KGNOT_MYSQL_PASSWORD
kubectl create secret generic kgnot-smtp-password --from-literal=smtp-password=$KNGOT_SMTP_PASSWORD kubectl create secret generic kgnot-smtp-password --from-literal=smtp-password=$KNGOT_SMTP_PASSWORD
helm install --create-namespace \ helm upgrade --create-namespace \
--namespace ghost \ --namespace ghost \
kgnot-ghost oci://registry-1.docker.io/bitnamicharts/ghost \ kgnot-ghost oci://registry-1.docker.io/bitnamicharts/ghost \
--set ghostUsername=$KGNOT_GHOST_USER_NAME \ --set ghostUsername=$KGNOT_GHOST_USER_NAME \
--values kgnot/values.yaml --values kgnot/values.yaml \
--install
``` ```
### 53ll ### 53ll
@ -195,15 +207,15 @@ helm install --create-namespace \
CREATE DATABASE 53ll_ghost; CREATE DATABASE 53ll_ghost;
grant all privileges on 53ll_ghost.* to 53ll_ghost@'10.%.%.%' identified by '$GHOST_53LL_MYSQL_PASSWORD'; grant all privileges on 53ll_ghost.* to 53ll_ghost@'10.%.%.%' identified by '$GHOST_53LL_MYSQL_PASSWORD';
``` ```
#### Install app #### Install app
```sh ```sh
kubectl create secret generic ghost-53ll-user-secret --from-literal=ghost-password=$GHOST_53LL_USER_PASSWORD kubectl create secret generic ghost-53ll-user-secret --from-literal=ghost-password=$GHOST_53LL_USER_PASSWORD
kubectl create secret generic ghost-53ll-db-secret --from-literal=mysql-password=$GHOST_53LL_MYSQL_PASSWORD kubectl create secret generic ghost-53ll-db-secret --from-literal=mysql-password=$GHOST_53LL_MYSQL_PASSWORD
kubectl create secret generic 53ll-smtp-password --from-literal=smtp-password=$GHOST_53LL_SMTP_PASSWORD kubectl create secret generic 53ll-smtp-password --from-literal=smtp-password=$GHOST_53LL_SMTP_PASSWORD
helm install --create-namespace \ helm upgrade --create-namespace \
--namespace ghost \ --namespace ghost \
53ll-ghost oci://registry-1.docker.io/bitnamicharts/ghost \ 53ll-ghost oci://registry-1.docker.io/bitnamicharts/ghost \
--set ghostUsername=$GHOST_53LL_USER_NAME \ --set ghostUsername=$GHOST_53LL_USER_NAME \
--values 53ll/values.yaml --values 53ll/values.yaml \
--install
``` ```