moritz
/
infrapuzzle
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
infrapuzzle/AGENTS.md

53 lines
2.2 KiB
Markdown
Raw Blame History

# AGENTS.md
> [!NOTE]
> **Infrapuzzle** is the monorepo for my personal infrastructure, encompassing Kubernetes cluster provisioning, workload deployment, DNS management, and IoT monitoring.
## Repository Structure & Documentation
This repository is divided into distinct domains, each with its own `AGENTS.md` or specialized documentation.
### 1. [Bootstrap](./bootstrap/AGENTS.md) (`bootstrap/`)
* **Purpose**: Provisioning the single-node Kubernetes cluster (Haumdaucher).
* **Tool**: Kubespray (Ansible).
* **Key File**: `init.sh` (Source of Truth for versioning).
* **Read**: [bootstrap/AGENTS.md](./bootstrap/AGENTS.md)
### 2. [Kubernetes Workloads](./k8s/AGENTS.md) (`k8s/`)
* **Purpose**: Deploying applications and services to the cluster.
* **Method**: GitOps-style directory structure (Namespace = Folder).
* **Constraints**: Enforces `ingress-nginx`, `cert-manager` (Let's Encrypt), and `git-crypt` for secrets.
* **Read**: [k8s/AGENTS.md](./k8s/AGENTS.md)
### 3. Terraform (`terraform/`)
* **Purpose**: Infrastructure as Code for external resources, primarily **DNS**.
* **Provider**: OVH (`ovh/ovh`).
* **Scope**:
* **DNS Zones**: `haumdaucher.de`, `moritzgraf.de`, `ameliegraf.de`, and others.
* **Mail Config**: Google Workspace MX/SPF/DKIM records.
* **Cluster IP**: Points domains to the Haumdaucher node IP (`136.243.23.215`).
* **Usage**:
```bash
cd terraform
terraform init
terraform apply
```
### 4. Monitoring (`monitoring/`)
* **Purpose**: IoT and physical device monitoring, separate from K8s metrics.
* **Tool**: [ESPHome](https://esphome.io).
* **Devices**: Temperature sensors, plant monitors (Xiaomi/BLE), ESP32 bridges.
* **Usage**:
```bash
cd monitoring
# Flash or update a device
esphome run config/<device>.secret.yml
```
* **Network**: Devices typically operate on static IPs in the `192.168.x.x` range.
## Global Constraints
* **Secrets**: `git-crypt` is used extensively. Ensure you have the unlock key before editing `*.secret` files.
* **Identity**:
* **Cluster**: `haumdaucher`
* **Primary Domain**: `haumdaucher.de`
* **User Identity**: `moritzgraf.de`
Reference in New Issue View Git Blame Copy Permalink