Default Namespace Utilities
Relevant source files
- kubernetes/apps/default/atuin/app/helmrelease.yaml
- kubernetes/apps/default/atuin/app/kustomization.yaml
- kubernetes/apps/default/atuin/ks.yaml
- kubernetes/apps/default/changedetection/app/helmrelease.yaml
- kubernetes/apps/default/changedetection/app/kustomization.yaml
- kubernetes/apps/default/changedetection/ks.yaml
- kubernetes/apps/default/cyberchef/app/helmrelease.yaml
- kubernetes/apps/default/cyberchef/ks.yaml
- kubernetes/apps/default/freshrss/ks.yaml
- kubernetes/apps/default/glance/app/config/glance.yml
- kubernetes/apps/default/glance/app/externalsecret.yaml
- kubernetes/apps/default/glance/app/helmrelease.yaml
- kubernetes/apps/default/glance/app/kustomization.yaml
- kubernetes/apps/default/glance/ks.yaml
- kubernetes/apps/default/homepage/app/configmap.yaml
- kubernetes/apps/default/homepage/app/externalsecret.yaml
- kubernetes/apps/default/homepage/app/helmrelease.yaml
- kubernetes/apps/default/homepage/app/rbac.yaml
- kubernetes/apps/default/homepage/ks.yaml
- kubernetes/apps/default/it-tools/app/helmrelease.yaml
- kubernetes/apps/default/it-tools/ks.yaml
- kubernetes/apps/default/karakeep/app/externalsecret.yaml
- kubernetes/apps/default/karakeep/app/helmrelease.yaml
- kubernetes/apps/default/karakeep/app/kustomization.yaml
- kubernetes/apps/default/karakeep/ks.yaml
- kubernetes/apps/default/n8n/app/helmrelease.yaml
- kubernetes/apps/default/n8n/ks.yaml
- kubernetes/apps/default/pdf-tool/app/helmrelease.yaml
- kubernetes/apps/default/pdf-tool/ks.yaml
- kubernetes/apps/default/rustdesk/app/helmrelease.yaml
- kubernetes/apps/default/rustdesk/app/kustomization.yaml
- kubernetes/apps/default/rustdesk/ks.yaml
- kubernetes/apps/default/searxng/app/helmrelease.yaml
- kubernetes/apps/default/searxng/ks.yaml
- kubernetes/apps/default/sure/app/externalsecret.yaml
- kubernetes/apps/default/sure/app/helmrelease.yaml
- kubernetes/apps/default/sure/app/kustomization.yaml
- kubernetes/apps/default/sure/ks.yaml
- kubernetes/apps/default/thelounge/app/helmrelease.yaml
- kubernetes/apps/default/thelounge/app/kustomization.yaml
- kubernetes/apps/default/thelounge/ks.yaml
- kubernetes/apps/downloads/autobrr/app/externalsecret.yaml
- kubernetes/apps/downloads/autobrr/app/kustomization.yaml
- kubernetes/apps/downloads/autobrr/ks.yaml
- kubernetes/apps/downloads/profilarr/app/helmrelease.yaml
- kubernetes/apps/downloads/prowlarr/ks.yaml
- kubernetes/apps/downloads/sabnzbd/app/kustomization.yaml
- kubernetes/apps/downloads/sabnzbd/ks.yaml
- kubernetes/apps/downloads/webhook/app/helmrelease.yaml
- kubernetes/apps/flux-system/flux-instance/app/httproute.yaml
- kubernetes/apps/media/maintainerr/app/helmrelease.yaml
- kubernetes/apps/media/watchstate/app/helmrelease.yaml
- kubernetes/apps/observability/kromgo/app/helmrelease.yaml
- kubernetes/apps/security/authentik/app/httproute.yaml
- kubernetes/apps/security/authentik/ks.yaml
- kubernetes/apps/storage/garage/webui/helmrelease.yaml
- kubernetes/apps/storage/staticgarage/webui/helmrelease.yaml
- kubernetes/apps/volsync-system/kopia/app/helmrelease.yaml
- scripts/httproute-csv.sh
The default namespace serves as the primary landing zone for general-purpose utility applications, workflow automation, and productivity tools. These services are characterized by their integration with the central dashboard and their reliance on shared cluster infrastructure such as the envoy-internal gateway and dragonfly cache.
Dashboard and Information Aggregation
The cluster utilizes Homepage as the central entry point for all services. It is configured to dynamically discover services via Kubernetes annotations.
Homepage Dashboard
Homepage is deployed using the app-templatekubernetes/apps/default/homepage/app/helmrelease.yaml5-10 It integrates with the cluster’s RBAC to allow the homepage ServiceAccount to query Kubernetes resources kubernetes/apps/default/homepage/app/helmrelease.yaml37-38
- Annotation Integration: Apps across the cluster use
gethomepage.dev/annotations to register themselves. For example, thesureapp defines its icon, description, and group via these annotations kubernetes/apps/default/sure/app/helmrelease.yaml167-171 - Configuration: Static configuration for bookmarks, services, and widgets is managed via a
ConfigMapkubernetes/apps/default/homepage/app/configmap.yaml3-9 - Widgets: Homepage is configured with widgets for infrastructure monitoring, including
opnsensekubernetes/apps/default/homepage/app/configmap.yaml86-90 andcloudflaredkubernetes/apps/default/homepage/app/configmap.yaml109-114
Glance
Glance provides a secondary dashboard/landing page, configured via glance.yml. It typically serves as a lightweight alternative or specialized view for specific metrics and links.
Sources:
- kubernetes/apps/default/homepage/app/helmrelease.yaml
- kubernetes/apps/default/homepage/app/configmap.yaml
- kubernetes/apps/default/sure/app/helmrelease.yaml
Workflow and Automation
n8n Workflow Automation
n8n is the primary engine for low-code automation within the cluster.
- Execution Data: Configured to prune execution data older than 7 days to manage storage kubernetes/apps/default/n8n/app/helmrelease.yaml30-32
- Webhooks: A dedicated
HTTPRouteis configured forn8n-webhook.cloudjur.comto handle incoming automation triggers kubernetes/apps/default/n8n/app/helmrelease.yaml78-85 It specifically matches paths/webhookand/webhook-testkubernetes/apps/default/n8n/app/helmrelease.yaml86-91 - Persistence: Data is stored in an
existingClaimnamedn8nmounted at/home/node/.n8nkubernetes/apps/default/n8n/app/helmrelease.yaml57-62
Change Detection
changedetection.io monitors web pages for changes.
- Browserless Integration: It utilizes a sidecar
browsercontainer runningbrowserless/chromekubernetes/apps/default/changedetection/app/helmrelease.yaml43-47 - Networking: The pod is attached to a
vpnMultus network for requests that require specific egress routing kubernetes/apps/default/changedetection/app/helmrelease.yaml25-30
Sources:
- kubernetes/apps/default/n8n/app/helmrelease.yaml
- kubernetes/apps/default/changedetection/app/helmrelease.yaml
Data Flow: Automation and Persistence
The following diagram illustrates the interaction between automation tools and the underlying storage and network layers.
Automation System Architecture
[Flowchart Diagram]
Sources:
- kubernetes/apps/default/n8n/app/helmrelease.yaml57-62
- kubernetes/apps/default/changedetection/app/helmrelease.yaml25-30
- kubernetes/apps/default/changedetection/app/helmrelease.yaml42-46
Productivity and Utilities
The namespace hosts a variety of stateless and stateful utility tools:
| App | Purpose | Implementation Detail |
|---|---|---|
| Atuin | Shell History Sync | Uses SQLite backend at /config/atuin.dbkubernetes/apps/default/atuin/app/helmrelease.yaml30 |
| CyberChef | Data Manipulation | Stateless; uses emptyDir for Nginx cache and run directories kubernetes/apps/default/cyberchef/app/helmrelease.yaml65-77 |
| IT-Tools | Developer Utilities | Collection of web-based tools for developers. |
| Sure | Personal Finance | Rails-based app using dragonfly for Redis kubernetes/apps/default/sure/app/helmrelease.yaml49 and postgres-init for DB setup kubernetes/apps/default/sure/app/helmrelease.yaml98-102 |
| KaraKeep | Web Archiving | Multi-controller setup: karakeep (app), chrome (headless), and meilisearch (search engine) kubernetes/apps/default/karakeep/app/helmrelease.yaml22-114 |
| RustDesk | Remote Desktop | Self-hosted relay (hbbr) and ID server (hbbs) kubernetes/apps/default/rustdesk/app/helmrelease.yaml15-35 |
RustDesk Infrastructure
RustDesk is split into two controllers:
- hbbs (ID Server): Handles ID registration and keep-alive. It uses a SQLite database at
/db/db_v2.sqlite3kubernetes/apps/default/rustdesk/app/helmrelease.yaml32 - hbbr (Relay Server): Facilitates connections when direct P2P fails.
Both services are exposed viaLoadBalancerservices with static IPs assigned by Cilium kubernetes/apps/default/rustdesk/app/helmrelease.yaml50-66
Sources:
- kubernetes/apps/default/atuin/app/helmrelease.yaml
- kubernetes/apps/default/cyberchef/app/helmrelease.yaml
- kubernetes/apps/default/sure/app/helmrelease.yaml
- kubernetes/apps/default/karakeep/app/helmrelease.yaml
- kubernetes/apps/default/rustdesk/app/helmrelease.yaml
System Architecture: Utility Service Mapping
This diagram bridges the high-level utility names to their specific Kubernetes controller and service definitions.
Utility Entity Mapping
[Flowchart Diagram]
Sources:
- kubernetes/apps/default/rustdesk/app/helmrelease.yaml45-86
- kubernetes/apps/default/karakeep/app/helmrelease.yaml140-153
- kubernetes/apps/default/sure/app/helmrelease.yaml49-153
- kubernetes/apps/default/karakeep/app/helmrelease.yaml156-167
Deployment Pattern
All applications in this namespace follow the standard app-template pattern:
- HelmRelease: Managed by Flux with a 1-hour or 24-hour interval kubernetes/apps/default/homepage/app/helmrelease.yaml7
- Persistence: Most stateful apps use
PersistentVolumeClaims(e.g.,karakeep-data,sure,n8n) kubernetes/apps/default/karakeep/app/helmrelease.yaml157 - Security: Pods are generally configured with non-root security contexts (UID/GID 1000 or 2000) kubernetes/apps/default/sure/app/helmrelease.yaml21-24
- Ingress: Routes are defined using the
Gateway API(HTTPRoute) pointing toenvoy-internalkubernetes/apps/default/homepage/app/helmrelease.yaml71-72
Sources: