Homelab on Minoko Labs

Homelab on Minoko Labshttps://minoko.life/tags/homelab/Recent content in Homelab on Minoko LabsHugo -- 0.154.0en-usTue, 27 Jan 2026 12:00:00 +0000Mochi: An Algorithmic Trading Backtest Platform on Kuberneteshttps://minoko.life/posts/mochi-backtest-architecture/Tue, 27 Jan 2026 12:00:00 +0000https://minoko.life/posts/mochi-backtest-architecture/Architecture of a multi-language backtest pipeline using Argo Workflows, Trino, MinIO, and a React dashboard on a homelab Kubernetes clusterKubernetes Local PVs and Symlinks Do Not Mixhttps://minoko.life/posts/kubernetes-local-pv-symlink/Mon, 26 Jan 2026 20:00:00 +0100https://minoko.life/posts/kubernetes-local-pv-symlink/Why Kubernetes local persistent volumes fail to mount when the hostPath is a symlink, and how to fix it with bind mounts.OSC 52: Copy to Local Clipboard Over SSHhttps://minoko.life/posts/osc52-clipboard-over-ssh/Sun, 18 Jan 2026 18:00:00 +0000https://minoko.life/posts/osc52-clipboard-over-ssh/Use OSC 52 escape sequences to copy text from a remote server directly to your local Wayland or X11 clipboard through an SSH connection.Avoiding Stale Builds with Kaniko and Container Registry Cachinghttps://minoko.life/posts/kaniko-cache-stale-builds/Sun, 18 Jan 2026 14:00:00 +0000https://minoko.life/posts/kaniko-cache-stale-builds/Debug and fix stale container builds caused by Kaniko layer caching and Kubernetes node image caching when using mutable tags like latest.Clean URLs with NGINX Ingress Redirectshttps://minoko.life/posts/nginx-ingress-path-redirect/Sun, 18 Jan 2026 12:50:00 +0000https://minoko.life/posts/nginx-ingress-path-redirect/Use a separate Ingress with permanent-redirect annotation to create clean URL redirects when configuration snippets are disabled.VLAN Traffic Separation with MikroTik and OPNsensehttps://minoko.life/posts/vlan-traffic-separation-mikrotik-opnsense/Fri, 09 Jan 2026 21:12:46 +0000https://minoko.life/posts/vlan-traffic-separation-mikrotik-opnsense/Configure VLAN separation on a MikroTik CRS310 switch with OPNsense to isolate Kubernetes traffic from bulk data transfers on a dual-homed node.Recovering a MikroTik Switch After VLAN Misconfiguration Lockouthttps://minoko.life/posts/mikrotik-vlan-lockout-recovery/Fri, 09 Jan 2026 20:04:49 +0000https://minoko.life/posts/mikrotik-vlan-lockout-recovery/How to regain access to a MikroTik CRS310 switch after a VLAN misconfiguration locks out management access, using MAC-Telnet for Layer 2 recovery.Simplifying SSH Access to Network Devices with SSH Confighttps://minoko.life/posts/ssh-config-network-devices/Tue, 06 Jan 2026 21:58:37 +0000https://minoko.life/posts/ssh-config-network-devices/Use SSH config aliases to simplify connections to MikroTik and other network devices with pre-configured usernames and hostnames.Configuring Alertmanager Slack Notifications with kube-prometheus-stackhttps://minoko.life/posts/alertmanager-slack-notifications/Sun, 04 Jan 2026 00:55:04 +0000https://minoko.life/posts/alertmanager-slack-notifications/Setting up Prometheus Alertmanager to send notifications to Slack, including gotchas with Prometheus operator compatibility and Linkerd sidecar injection.Adding NetworkPolicies for Defense-in-Depth with Linkerdhttps://minoko.life/posts/networkpolicy-defense-in-depth/Sat, 03 Jan 2026 23:49:47 +0000https://minoko.life/posts/networkpolicy-defense-in-depth/Implementing Kubernetes NetworkPolicies alongside Linkerd mTLS to restrict pod-to-pod communication in critical namespaces.In-Cluster GitLab Runner with Kubernetes Executorhttps://minoko.life/posts/in-cluster-gitlab-runner-kubernetes/Sat, 03 Jan 2026 20:51:28 +0000https://minoko.life/posts/in-cluster-gitlab-runner-kubernetes/Deploy a GitLab Runner inside your Kubernetes cluster using the Kubernetes executor. CI jobs spawn as pods, use Kaniko for rootless Docker builds, and cache dependencies in MinIO.Enabling HTTPS on Wiki.js with Let's Encrypt via OPNsensehttps://minoko.life/posts/wikijs-https-letsencrypt/Sat, 03 Jan 2026 19:49:58 +0000https://minoko.life/posts/wikijs-https-letsencrypt/Migrate Wiki.js from HTTP to HTTPS using a Let's Encrypt wildcard certificate managed by OPNsense, with automatic synchronization to Kubernetes via a CronJob.Adding Comments with Comentario: Self-Hosted PostgreSQL-Backed Commentshttps://minoko.life/posts/adding-comments-with-comentario/Sat, 03 Jan 2026 12:00:00 +0000https://minoko.life/posts/adding-comments-with-comentario/Deploy Comentario as a self-hosted PostgreSQL-backed comment system for Hugo blogs, with GitHub OAuth, custom theming, and HAProxy TLS termination.Exposing an NVIDIA RTX 5070 Ti GPU in Kubernetes with Time-Slicinghttps://minoko.life/posts/nvidia-gpu-kubernetes-blackwell/Fri, 02 Jan 2026 23:00:00 +0000https://minoko.life/posts/nvidia-gpu-kubernetes-blackwell/Expose an NVIDIA RTX 5070 Ti Blackwell GPU in Kubernetes with time-slicing support, including PyTorch compatibility requirements for sm_120 compute capability.OPNsense IDS Monitoring with Suricata, Loki, and Grafanahttps://minoko.life/posts/opnsense-ids-monitoring-with-loki/Thu, 01 Jan 2026 23:30:00 +0000https://minoko.life/posts/opnsense-ids-monitoring-with-loki/Forward OPNsense Suricata IDS alerts to Loki via syslog and visualize intrusion detection events in Grafana alongside firewall logs.Automatic Certificate Rotation with cert-manager and Linkerdhttps://minoko.life/posts/cert-manager-linkerd-rotation/Thu, 01 Jan 2026 12:00:00 +0000https://minoko.life/posts/cert-manager-linkerd-rotation/Automate Linkerd identity issuer certificate rotation using cert-manager, with a CronJob to sync secret formats and Prometheus alerts for expiry warnings.Enabling CPU and Memory Stats in k9s on Bare-Metal Kuberneteshttps://minoko.life/posts/k9s-cpu-memory-metrics/Thu, 01 Jan 2026 10:00:00 +0000https://minoko.life/posts/k9s-cpu-memory-metrics/Enable CPU and memory metrics in k9s on bare-metal kubeadm clusters by installing metrics-server with the required kubelet TLS configuration.Automated Dependency Updates with Renovate on GitLabhttps://minoko.life/posts/automated-dependency-updates-with-renovate/Wed, 31 Dec 2025 14:00:00 +0000https://minoko.life/posts/automated-dependency-updates-with-renovate/Configure Renovate on GitLab to automatically create merge requests for Dockerfile and git submodule dependency updates using scheduled CI jobs.Upgrading My DMZ Router for Better Performancehttps://minoko.life/posts/dmz-router-upgrade/Wed, 31 Dec 2025 14:00:00 +0000https://minoko.life/posts/dmz-router-upgrade/Benchmark network performance before and after upgrading a DMZ router from gigabit to 2.5G, measuring real-world throughput improvements with a MikroTik CRS310.Claude Code on Mobile: Using tmux and Termius for Coding from Your Phonehttps://minoko.life/posts/claude-code-on-mobile-with-tmux-and-termius/Wed, 31 Dec 2025 10:00:00 +0000https://minoko.life/posts/claude-code-on-mobile-with-tmux-and-termius/Run Claude Code remotely from your phone using tmux for persistent sessions and Termius for mobile SSH, enabling coding from anywhere.Preventing Your Dual-Homed Linux Box from Bridging Networkshttps://minoko.life/posts/dual-homed-network-isolation-article/Tue, 30 Dec 2025 10:00:00 +0000https://minoko.life/posts/dual-homed-network-isolation-article/Prevent a dual-homed Linux workstation from bridging networks using firewalld zones and FORWARD rules, with exceptions for Kubernetes pod networking.GitOps Blog Deployment with ArgoCD and Automatic Image Updateshttps://minoko.life/posts/gitops-blog-deployment-with-argocd/Mon, 29 Dec 2025 19:00:00 +0000https://minoko.life/posts/gitops-blog-deployment-with-argocd/Set up a fully automated blog deployment pipeline using ArgoCD and Image Updater, where pushing to main automatically builds, detects, and deploys new container images to Kubernetes.Configuring OPNsense Firewall Rules via API for Cross-VLAN Kuberneteshttps://minoko.life/posts/opnsense-api-kubernetes-firewall/Sun, 28 Dec 2025 21:14:00 +0000https://minoko.life/posts/opnsense-api-kubernetes-firewall/Configure OPNsense firewall rules via REST API to allow Kubernetes traffic between VLANs, including firewall rules, node preparation, and HAProxy backend updates for a cross-network cluster.Why You Need --disable-eviction for Homelab Kubernetes Node Drainshttps://minoko.life/posts/disable-eviction-node-drains/Sun, 28 Dec 2025 21:00:00 +0000https://minoko.life/posts/disable-eviction-node-drains/Solve PodDisruptionBudget deadlocks in homelab Kubernetes clusters by using --disable-eviction during node drains when running single-replica workloads.Why Your Kubernetes Control Plane Has a NoSchedule Tainthttps://minoko.life/posts/control-plane-taint/Sun, 28 Dec 2025 13:00:00 +0000https://minoko.life/posts/control-plane-taint/Understand why Kubernetes control plane nodes have a NoSchedule taint and when you should (or shouldn't) remove it to run workloads on control plane nodes.Backing Up etcd to MinIO with a Kubernetes CronJobhttps://minoko.life/posts/backing-up-etcd-to-minio/Sun, 28 Dec 2025 12:00:00 +0000https://minoko.life/posts/backing-up-etcd-to-minio/Create automated daily etcd backups using a Kubernetes CronJob that snapshots cluster state and uploads to MinIO with automatic retention management.Upgrading Kubernetes with Ansible: A Homelab Guidehttps://minoko.life/posts/upgrading-kubernetes-with-ansible/Sat, 27 Dec 2025 20:00:00 +0000https://minoko.life/posts/upgrading-kubernetes-with-ansible/Automate Kubernetes cluster upgrades with Ansible playbooks that handle etcd backups, version validation, serial worker upgrades, and health verification.Backing Up Kubernetes Data to Scaleway Object Storagehttps://minoko.life/posts/backup-minio-to-scaleway/Sat, 27 Dec 2025 18:00:00 +0000https://minoko.life/posts/backup-minio-to-scaleway/Set up offsite cloud backups for Kubernetes databases using MinIO mirror and Scaleway Object Storage, with scheduled sync via CronJob and automatic retention.