Glossary
Relevant source files
- .justfile
- .renovate/minecraft.json5
- .renovaterc.json5
- .taskfiles/Flux/Taskfile.yaml
- .taskfiles/Repository/Taskfile.yaml
- .taskfiles/bootstrap/Taskfile.yaml
- bootstrap/helmfile.d/00-crds.yaml
- docs/ai-context/CONVENTIONS.md
- infrastructure/terraform/authentik/applications.tf
- infrastructure/terraform/authentik/directory.tf
- infrastructure/terraform/authentik/flows.tf
- infrastructure/terraform/authentik/main.tf
- infrastructure/terraform/authentik/stages-prompt_fields.tf
- infrastructure/terraform/authentik/stages.tf
- infrastructure/terraform/authentik/system.tf
- infrastructure/terraform/authentik/variables.tf
- infrastructure/terraform/proxmox/README.md
- infrastructure/terraform/proxmox/providers.tf
- infrastructure/terraform/proxmox/talos/config.tf
- infrastructure/terraform/proxmox/talos/image.tf
- infrastructure/terraform/proxmox/talos/image/schematic.yaml
- infrastructure/terraform/proxmox/talos/machine-config/common.yaml.tftpl
- infrastructure/terraform/proxmox/talos/machine-config/control-plane.yaml.tftpl
- infrastructure/terraform/proxmox/talos/machine-config/worker.yaml.tftpl
- infrastructure/terraform/proxmox/talos/providers.tf
- infrastructure/terraform/proxmox/talos/variables.tf
- infrastructure/terraform/proxmox/talos/virtual-machines.tf
- infrastructure/terraform/proxmox/talos_cluster.auto.tfvars
- infrastructure/terraform/proxmox/talos_image.auto.tfvars
- infrastructure/terraform/proxmox/talos_nodes.auto.tfvars
- infrastructure/terraform/proxmox/variables.tf
- infrastructure/terraform/s3/backblaze/providers.tf
- kubernetes/apps/ai/toolhive/config/grafanadashboard.yaml
- kubernetes/apps/database/dragonfly-operator/app/helmrelease.yaml
- kubernetes/apps/default/kustomization.yaml
- kubernetes/apps/downloads/autobrr/app/helmrelease.yaml
- kubernetes/apps/downloads/bazarr/app/helmrelease.yaml
- kubernetes/apps/downloads/kustomization.yaml
- kubernetes/apps/downloads/lidarr/app/helmrelease.yaml
- kubernetes/apps/downloads/prowlarr/app/helmrelease.yaml
- kubernetes/apps/downloads/qbittorrent/app/helmrelease.yaml
- kubernetes/apps/downloads/radarr/app/helmrelease.yaml
- kubernetes/apps/downloads/sabnzbd/app/helmrelease.yaml
- kubernetes/apps/downloads/sonarr/app/helmrelease.yaml
- kubernetes/apps/games/minecraft/app/helmrelease.yaml
- kubernetes/apps/home-automation/home-assistant/app/helmrelease.yaml
- kubernetes/apps/home-automation/kustomization.yaml
- kubernetes/apps/kube-system/cilium/app/grafanadashboard.yaml
- kubernetes/apps/kube-system/cilium/app/helm/values.yaml
- kubernetes/apps/kube-system/cilium/app/helmrelease.yaml
- kubernetes/apps/kube-system/cilium/app/httproute.yaml
- kubernetes/apps/kube-system/cilium/app/kustomization.yaml
- kubernetes/apps/media/kustomization.yaml
- kubernetes/apps/network/envoy-gateway/app/envoy.yaml
- kubernetes/apps/network/envoy-gateway/app/helmrelease.yaml
- kubernetes/apps/network/envoy-gateway/app/kustomization.yaml
- kubernetes/apps/network/envoy-gateway/app/ocirepository.yaml
- kubernetes/apps/network/envoy-gateway/app/scaledobject.yaml
- kubernetes/apps/network/multus/app/helmrelease.yaml
- kubernetes/apps/network/multus/app/kustomization.yaml
- kubernetes/apps/network/multus/app/ocirepository.yaml
- kubernetes/apps/network/multus/config/kustomization.yaml
- kubernetes/apps/network/multus/config/net-attach-iot.yaml
- kubernetes/apps/network/multus/config/net-attach-not.yaml
- kubernetes/apps/network/multus/config/net-attach-trust.yaml
- kubernetes/apps/network/multus/ks.yaml
- kubernetes/apps/observability/kube-prometheus-stack/app/helmrelease.yaml
- kubernetes/apps/observability/kube-prometheus-stack/app/ocirepository.yaml
- kubernetes/apps/observability/kustomization.yaml
- kubernetes/apps/security/kustomization.yaml
- kubernetes/apps/security/tetragon/app/helmrelease.yaml
- kubernetes/apps/security/trivy-operator-polr-adapter/app/helmrelease.yaml
- kubernetes/apps/storage/democratic-csi/app/helmrelease.yaml
- kubernetes/apps/storage/kustomization.yaml
- kubernetes/apps/volsync-system/kustomization.yaml
- kubernetes/apps/volsync-system/snapshot-controller/app/helmrelease.yaml
- kubernetes/apps/volsync-system/snapshot-controller/ks.yaml
- kubernetes/apps/volsync-system/volsync/app/helmrelease.yaml
- kubernetes/apps/volsync-system/volsync/app/kustomization.yaml
- kubernetes/apps/volsync-system/volsync/app/prometheusrule.yaml
- kubernetes/apps/volsync-system/volsync/ks.yaml
- kubernetes/components/volsync-no-r2/kustomization.yaml
- kubernetes/components/volsync/kustomization.yaml
- scripts/bootstrap-cluster.sh
- scripts/render-machine-config.sh
This page provides definitions for codebase-specific terms, abbreviations, tools, and domain concepts utilized within the home-ops repository. It serves as a technical reference for understanding how various components interact and where they are defined in the source tree.
Infrastructure & Provisioning
| Term | Definition |
|---|---|
| Talos Linux | A modern, API-managed security-focused operating system for Kubernetes. Machine configurations are generated via Terraform templates infrastructure/terraform/proxmox/talos/machine-config/common.yaml.tftpl1-10 |
| Proxmox | The Type-1 hypervisor used to host the virtual machines (VMs) for the cluster. VMs are managed via the bpg/proxmox Terraform provider infrastructure/terraform/proxmox/providers.tf1-10 |
| MachineConfig | The declarative configuration file for Talos nodes, replacing traditional SSH/shell access. Templates exist for control-plane and worker nodes infrastructure/terraform/proxmox/talos/machine-config/control-plane.yaml.tftpl1-5 |
| Taskfile | A task runner (replacement for Make) used for cluster operations like bootstrapping and secret management scripts/bootstrap-cluster.sh1-10 |
Sources:infrastructure/terraform/proxmox/providers.tf1-10infrastructure/terraform/proxmox/talos/machine-config/common.yaml.tftpl1-10scripts/bootstrap-cluster.sh1-10
Networking & Security
Cilium & Connectivity
- L2 Announcements: Used by Cilium to announce LoadBalancer IPs to the local network via ARP kubernetes/apps/kube-system/cilium/app/helmrelease.yaml60-61
- DSR (Direct Server Return): A load balancing mode where the backend pod replies directly to the client, bypassing the balancer for the return path kubernetes/apps/kube-system/cilium/app/helmrelease.yaml64
- Multus CNI: Allows pods to attach to multiple network interfaces, specifically used for VLAN tagging in Home Assistant kubernetes/apps/home-automation/home-assistant/app/helmrelease.yaml39-54
Identity & Auth
- Authentik: The primary Identity Provider (IdP) for SSO. Applications are defined as
authentik_applicationandauthentik_provider_oauth2in Terraform infrastructure/terraform/authentik/applications.tf106-150 - Ext-Auth: A pattern where Envoy Gateway delegates authentication to Authentik before allowing traffic to reach a backend service infrastructure/terraform/authentik/applications.tf13-31
Diagram: Networking Logic to Code Entities
This diagram bridges the conceptual networking flow to the specific Kubernetes resources and Terraform definitions used in the cluster.
[Flowchart Diagram]
Sources:kubernetes/apps/network/envoy-gateway/app/envoy.yaml47-90kubernetes/apps/home-automation/home-assistant/app/helmrelease.yaml39-54infrastructure/terraform/authentik/applications.tf106-150
GitOps & Application Management
Flux CD Concepts
- HelmRelease: A Flux custom resource that defines how a Helm chart should be deployed. Most applications in this repo use the
bjw-s/app-templatekubernetes/apps/downloads/qbittorrent/app/helmrelease.yaml1-10 - OCIRepository: A source for Flux that fetches charts or manifests stored as OCI artifacts kubernetes/apps/games/minecraft/app/helmrelease.yaml3-13
- Kustomization (Flux): A resource that tells Flux where to find Kubernetes manifests in the repository and how to apply them kubernetes/apps/media/kustomization.yaml1-7
Storage & Persistence
- VolSync: An operator used for asynchronous volume replication and backups. It utilizes
ReplicationSourceandReplicationDestinationCRDs kubernetes/apps/home-automation/home-assistant/app/helmrelease.yaml18-20 - local-hostpath: A StorageClass provided by
democratic-csifor high-performance local NVMe/SSD storage kubernetes/apps/observability/kube-prometheus-stack/app/helmrelease.yaml50
Diagram: Application Deployment Flow
Associating the GitOps reconciliation process with the file structure.
[Flowchart Diagram]
Sources:kubernetes/apps/media/kustomization.yaml1-23kubernetes/apps/downloads/qbittorrent/app/helmrelease.yaml1-18kubernetes/apps/games/minecraft/app/helmrelease.yaml1-24
Observability
| Tool | Code Implementation | Purpose |
|---|---|---|
| Prometheus | kube-prometheus-stack | Metrics collection and alerting. Configured with OTLP receiver kubernetes/apps/observability/kube-prometheus-stack/app/helmrelease.yaml82-83 |
| Alertmanager | alertmanagerSpec | Route management for alerts, including custom rules for Dockerhub limits and ZFS health kubernetes/apps/observability/kube-prometheus-stack/app/helmrelease.yaml143-182 |
| Gatus | gatus.home-operations.com/endpoint | Service health monitoring via annotations on Services or Routes kubernetes/apps/home-automation/home-assistant/app/helmrelease.yaml121-124 |
| Node Exporter | prometheus-node-exporter | Host-level hardware and OS metrics kubernetes/apps/observability/kube-prometheus-stack/app/helmrelease.yaml113-114 |
Sources:kubernetes/apps/observability/kube-prometheus-stack/app/helmrelease.yaml82-182kubernetes/apps/home-automation/home-assistant/app/helmrelease.yaml121-124
Common Abbreviations
- CNI: Container Network Interface (e.g., Cilium).
- CSI: Container Storage Interface (e.g., Democratic-CSI).
- CRD: Custom Resource Definition (Kubernetes API extension).
- HNC: Hierarchical Namespace Controller (not explicitly detailed in provided files but relevant to cluster structure).
- iGPU: Integrated Graphics Processing Unit, passed through to media apps for transcoding kubernetes/apps/media/kustomization.yaml11-17
- PITR: Point-In-Time Recovery (relevant to CloudNativePG database backups).
- SOPS: Secrets Operations (used for encrypting YAML secrets in Git).
Sources:kubernetes/apps/media/kustomization.yaml11-17kubernetes/apps/kube-system/cilium/app/helmrelease.yaml37-38