toot.community Kubernetes Cluster
Note
The code included in this repository is not meant to be run as-is. It's merely a collection of infrastructure code and Kubernetes manifests that are used to deploy the toot.community Kubernetes cluster. You will need to adapt the code to your own needs and environment.
Overview
This repository contains the complete infrastructure-as-code setup for deploying a production Kubernetes cluster on Hetzner Cloud. The project uses:
- OpenTofu/Terraform - Infrastructure provisioning and management
- Talos Linux - Kubernetes-optimized operating system
- Packer - Custom OS image building
- ArgoCD - GitOps continuous deployment
- HashiCorp Vault - Secrets management
- Helm Charts - Application packaging (Mastodon, Varnish)
- Task - Build automation via platform/Taskfile.yml
The infrastructure follows GitOps principles with ArgoCD managing application deployments from the manifests/ directory.
Project Structure
- platform/ - OpenTofu infrastructure code for Hetzner Cloud resources
- packer/ - Talos Linux image building configuration
- manifests/ - Kubernetes applications and cluster bootstrap configurations
- charts/ - Custom Helm charts for Mastodon and Varnish
- platform/configs/ - Environment-specific configuration files
Create the template
Build a custom Talos Linux image for Hetzner Cloud using Packer:
cd packer
packer build .
Note the image ID from the Packer output and set it in platform/configs/production.tfvars so the OpenTofu code provisions nodes from that image.
Create infrastructure
Install OpenTofu and Task first, then provision the Hetzner Cloud infrastructure:
cd platform
task plan # Review planned changes
task apply # Deploy infrastructure
This creates the Kubernetes cluster, networking, storage, and security groups as defined in the OpenTofu configuration files.
Bootstrap
After infrastructure deployment, bootstrap the cluster with essential services:
cd platform
task get-kubeconfig # Download cluster access credentials
task get-talosconfig # Download Talos management credentials
cd ../
# Setup Hetzner Cloud integration
kubectl create --namespace kube-system secret generic hcloud \
--from-literal=network="$(op read 'op://toot.community/6r6v2bqh6dhuunbn6nri4bw3sa/network')" \
--from-literal=token="$(op read 'op://toot.community/6r6v2bqh6dhuunbn6nri4bw3sa/token')" \
--from-literal=robot-user="$(op read 'op://toot.community/6r6v2bqh6dhuunbn6nri4bw3sa/robot-user')" \
--from-literal=robot-password="$(op read 'op://toot.community/6r6v2bqh6dhuunbn6nri4bw3sa/robot-password')"
# Deploy core cluster services via ArgoCD
kustomize build --enable-helm --load-restrictor=LoadRestrictionsNone manifests/cluster-bootstrap | kubectl apply -f -
The --enable-helm flag lets kustomize inflate the helmCharts entries, and --load-restrictor=LoadRestrictionsNone lets the kustomization read the in-tree charts under charts/, which sit outside manifests/cluster-bootstrap/; keep that flag scoped to this one build rather than making it a default. This bootstrap process installs:
- ArgoCD for GitOps deployments
- Core networking (Cilium)
- Other essential cluster services defined in the manifests
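One caveat on the hcloud secret step above: if `op read` fails (for example because the 1Password CLI is not signed in), each `$(op read ...)` substitution expands to an empty string and `kubectl create secret` still succeeds, leaving a secret with blank credentials that the cloud controller will fail on later. The script below is an added example, not code from the toot.community repository: it renders the same Secret (the `hcloud` name, `kube-system` namespace and four keys come from the README) as a manifest and refuses to emit anything if a value is empty, so the failure surfaces at bootstrap time rather than in a controller's logs. The `render_hcloud_secret` and `b64` function names are this example's own.

```shell
#!/usr/bin/env sh
# Added example (not part of the toot.community repo): render the hcloud Secret
# declaratively and fail closed when any credential is empty.
# Secret name, namespace and keys follow the README; function names are assumptions.

# b64: RFC 4648 base64 on a single line, whether or not the platform's base64 wraps.
b64() { printf '%s' "$1" | base64 | tr -d '\n'; }

# render_hcloud_secret NETWORK TOKEN ROBOT_USER ROBOT_PASSWORD
# Prints a Secret manifest on stdout. If any argument is empty it prints nothing,
# logs to stderr and returns 1, so a failed `op read` can never become a blank credential.
render_hcloud_secret() {
  network="$1"; token="$2"; robot_user="$3"; robot_password="$4"
  if [ -z "$network" ] || [ -z "$token" ] || [ -z "$robot_user" ] || [ -z "$robot_password" ]; then
    echo "render_hcloud_secret: one or more values are empty; refusing to render" >&2
    return 1
  fi
  cat <<EOF
apiVersion: v1
kind: Secret
metadata:
  name: hcloud
  namespace: kube-system
type: Opaque
data:
  network: $(b64 "$network")
  token: $(b64 "$token")
  robot-user: $(b64 "$robot_user")
  robot-password: $(b64 "$robot_password")
EOF
}

# Usage against a real cluster (needs the 1Password CLI and kubectl; not run here):
#   item='op://toot.community/6r6v2bqh6dhuunbn6nri4bw3sa'   # item path from the README
#   render_hcloud_secret "$(op read "$item/network")" "$(op read "$item/token")" \
#     "$(op read "$item/robot-user")" "$(op read "$item/robot-password")" | kubectl apply -f -
```

Piping a rendered manifest into `kubectl apply` also makes the step idempotent on re-runs, unlike `kubectl create`, which errors once the secret exists. Do not redirect the rendered output to a file inside the repository: the manifest holds the API token in reversible base64, and the bootstrap directory is what ArgoCD syncs from git.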