/homad

Repository containing the configuration of my HashiCorp Nomad homelab

Primary LanguageHCL

homad

This repository contains all the configuration of my HashiCorp Nomad deployment in my home server-rack. It is deployed in a high-availability configuration using both HashiCorp Vault and HashiCorp Consul.

The cluster itself runs on Ubuntu and is made available to me via the Tailscale VPN.

Everything within this repository is managed using Terraform, including deployment of workloads in Nomad. Terraform source files are organised by provider within the terraform directory.

Workloads

To see all my Nomad job specifications, check the jobs directory.

Within my Nomad cluster, I run the following services:

  • Bitwarden - Password manager
  • Boundary - User identity management
  • Grafana - For all the dashboards
  • Home Assistant - IoT integration suite that allows me to manage & automate my smart devices
  • Minio - S3 compatible object storage.
  • PiHole - DNS & Adblocker that I use on my networked devices at home
  • Postgres - SQL database for services that need one
  • Prometheus - Scrapes metrics from configured services for monitoring purposes.
  • Traefik - Reverse proxy & load balancer that allows me to access my applications and issue TLS certificates

Custom Applications

This repository also contains apps I've built for my own nefarious purposes. These are listed below:

  • homadctl - A command-line utility for automating my homelab tasks.
  • speed-dial - A link dashboard for services running in the homelab.

CSI

Workloads that require persistent storage can use volumes mounted via NFS using the rocketduck CSI driver. Volume specifications are located here.

CI

Merges to the master branch will automatically plan and apply changes to terraform files by first connecting the GitHub action to my Tailscale tailnet. For pull requests, a plan is performed which can be checked within the GitHub action log.

Upgrades

Keeping Nomad & Ubuntu up-to-date is done by leveraging Nomad's periodic jobs & the raw_exec driver. On a daily basis this job is ran which will keep Ubuntu's packages and distribution up-to-date.