AGENTS.md

[!NOTE] Infrapuzzle is the monorepo for my personal infrastructure, encompassing Kubernetes cluster provisioning, workload deployment, DNS management, and IoT monitoring.

Repository Structure & Documentation

This repository is divided into distinct domains, each with its own AGENTS.md or specialized documentation.

1. Bootstrap (bootstrap/)

  • Purpose: Provisioning the single-node Kubernetes cluster (Haumdaucher).
  • Tool: Kubespray (Ansible).
  • Key File: init.sh (Source of Truth for versioning).
  • Read: bootstrap/AGENTS.md

2. Kubernetes Workloads (k8s/)

  • Purpose: Deploying applications and services to the cluster.
  • Method: GitOps-style directory structure (Namespace = Folder).
  • Constraints: Enforces ingress-nginx, cert-manager (Let's Encrypt), and git-crypt for secrets.
  • Read: k8s/AGENTS.md

3. Terraform (terraform/)

  • Purpose: Infrastructure as Code for external resources, primarily DNS.
  • Provider: OVH (ovh/ovh).
  • Scope:
    • DNS Zones: haumdaucher.de, moritzgraf.de, ameliegraf.de, and others.
    • Mail Config: Google Workspace MX/SPF/DKIM records.
    • Cluster IP: Points domains to the Haumdaucher node IP (136.243.23.215).
  • Usage:
    cd terraform
    terraform init
    terraform apply
    

4. Monitoring (monitoring/)

  • Purpose: IoT and physical device monitoring, separate from K8s metrics.
  • Tool: ESPHome.
  • Devices: Temperature sensors, plant monitors (Xiaomi/BLE), ESP32 bridges.
  • Usage:
    cd monitoring
    # Flash or update a device
    esphome run config/<device>.secret.yml
    
  • Network: Devices typically operate on static IPs in the 192.168.x.x range.

Global Constraints

  • Secrets: git-crypt is used extensively. Ensure you have the unlock key before editing *.secret files.
  • Identity:
    • Cluster: haumdaucher
    • Primary Domain: haumdaucher.de
    • User Identity: moritzgraf.de
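
The Secrets constraint above can be checked mechanically before an edit. The following is an added example, not code from the infrapuzzle repository: it lists the secret files in a working tree that are still git-crypt ciphertext (meaning the repository is locked), recognised by the 10-byte header git-crypt writes at the start of every encrypted blob. The `*.secret*` name pattern and the function names are assumptions based on the file names mentioned on this page.

```shell
#!/bin/sh
# Added example; function names and the *.secret* pattern are assumptions.
# git-crypt starts every encrypted blob with 10 bytes: NUL "GITCRYPT" NUL.
GITCRYPT_MAGIC_HEX="00474954435259505400"

# is_gitcrypt_blob FILE
# Returns 0 if FILE starts with the git-crypt header, 1 if it does not,
# 2 if FILE is not a regular file.
is_gitcrypt_blob() {
    [ -f "$1" ] || return 2
    # Hex-dump the first 10 bytes so the NUL bytes survive the comparison.
    header=$(head -c 10 "$1" | od -An -tx1 | tr -d ' \n')
    [ "$header" = "$GITCRYPT_MAGIC_HEX" ]
}

# locked_secrets DIR
# Prints every *.secret* file under DIR that is still ciphertext.
# Empty output means the tree is unlocked and the files are safe to edit.
locked_secrets() {
    find "$1" -type f -name '*.secret*' ! -path '*/.git/*' | sort |
    while IFS= read -r f; do
        if is_gitcrypt_blob "$f"; then
            printf '%s\n' "$f"
        fi
    done
}

# When called with a directory argument, report its locked secret files.
if [ "$#" -gt 0 ]; then
    locked_secrets "$1"
fi
```

Any path printed means the working tree is still locked; editing and committing such a file would replace the ciphertext with whatever the editor wrote.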