Haven
A forever-work-in-progress self-hosted server setup
Runs on a multi-node k3s cluster deployed across VMs and bare-metal hosts.
Application configuration is stored on an NFS share located on a dedicated SSD. This uses nfs-subdir-external-provisioner as a dynamic storage provisioner with PVC-specific paths. Additional data is stored on a NAS exported via NFS.
The cluster runs k3s with nginx as the ingress controller. MetalLB is used in layer 2 mode for load balancing. cert-manager provides a local CA and issues certificates (required by Vaultwarden).
For setup details, see SETUP.md.
The repository name references my local TLD, .haven ;)
Namespaces
- default
- ArchiveBox
- Homarr
- Homepage
- It-tools
- Notepad
- Searxng
- Uptimekuma
- Vaultwarden
- dns
- AdGuardHome
- AdGuardHome-2 (2nd instance)
- AdGuard-Sync
- infra
- Haven Notify
- Beszel
- Beszel Agent (running as a DaemonSet)
- Code Config (VS Code for internal config editing)
- WireGuard Easy
- dev
- Gitea Runner (x64)
- Gitea Runner (arm64)
- monitoring
- Grafana
- Prometheus
- Node Exporter
- Kube State Metrics
- Loki
- Alloy
Miscellaneous namespaces
- lab (a playground/sandbox namespace)
- nfs-pod (for testing and accessing NFS mounts)
- metallb-system
- MetalLB components
- cert-manager
- cert-manager components
Todo
- Move ArchiveBox data to its own PVC on the NAS
- Move Uptime Kuma to the infra namespace
- Add links to each application's documentation
- Add links to server scripts
- Move Alloy to the monitoring namespace
- Install Loki, Grafana, and Prometheus via Helm charts
- Configure Loki and Prometheus to use PVCs