u/Citopan

What does your stack look like? Sharing my single-node k8s homelab and curious what you all are running
▲ 3 r/selfhosted+1 crossposts

TL;DR

I'm building out my self-hosted setup and would love a sanity check from the community. I'm trying to figure out if I'm using the wrong or overly complex tools for my goals, and I'm really curious to see what you all are building for similar use cases.

Background:

I'm an experienced platform/infra software engineer. Some of my tooling choices might seem "complex" for a homelab, but they're actually easier for me due to professional familiarity.

My main motivation for self-hosting is having a reliable, private, and opex-efficient way to run services that make my life easier. It gives me the ick knowing my data is owned by private companies, siloed away, and tied to subscription fees. Especially when they can randomly change the rules on me based on someone else's timeline.

Some key use-cases:

  • Media backups (mostly books; writings/documents, pictures)
  • Data warehouse (emails, chat history, financial transactions, ...)
  • Automation (e.g. autobooking gym PT)
  • 2nd brain --> Eventually, I want to wire Obsidian/LLMs into a personal data warehouse so I can search through organically structured data

Stack

GitOps configuration. Any backups on 3rd party services (e.g., B2) must be encrypted client-side.

Compute

  • Hardware: Single-node homelab, mini-PC.
  • OS/Orchestration: Talos Linux with Secure Boot & TPM encryption keys. Kubernetes.
  • Registry: Zot. A single-binary image registry. It does the job and is super low maintenance.

Storage

  • Longhorn CSI (Container Storage Interface). Regret using it...it's very memory heavy. Alternatives when/if I switch:
    • local path provisioner looks neat, has single-node RWX support, but lacks volume size limits
    • Some zfs/btrfs automation like https://openebs.io/?
    • Note: I originally wanted something simple to avoid Ceph/Rook, but maybe I was wrong.

  • File Storage: A single RWX volume (Longhorn implements it as NFS under the hood).
  • Database: PostgreSQL (cnpg) as my main OLTP database. Most products support it, and I prefer it over SQLite just to keep cognitive overhead low.
  • Backups: Kopia for backing up storage and databases onto Backblaze B2.

Observability

  • Prometheus+vector+Loki+Tempo & Grafana:
    • I dislike their storage model, but it's good enough for now. Something like Qryn looks neat, with a single analytical database to keep in mind.
  • Alertmanager I seldom check. Haven't wired up any notifications yet.

Networking

  • Cert-manager
  • Contour ingress controller:
    • Client authN is annoying, has to be an external service. Traefik's forward auth plays nicer with authentik. Maybe I'll switch eventually.

Releases

  • Deployments: Argo CD Core
  • Dependencies: Renovate
  • VCS: GitHub (I'll eventually replace this with Forgejo)
  • CI: Woodpecker CI

Security

  • Secrets: 1Password for secret management, with their 1password-operator. It's neat!
  • AuthN/Z: Authentik
    • It's a bit resource-heavy, but it supports a lot of features. The hope is that it will support whatever random system I want to integrate in the future (LDAP/OIDC/mTLS/etc.).

Applications

Next steps

  • S3-compatible API for data lake. Generally I'm thinking:
    • Maybe MinIO, exposing main RWX volume as S3 API?
    • Or SeaweedFS?
  • Analytical database:
    • Delta Lake or Iceberg. At a personal scale, interoperability is a much higher priority than raw "performance," thus avoiding ClickHouse.
    • DataFusion for queries. Ideally via ADBC interface. I could use CH over open table format as well.
    • Superset seems neat for visualisation; better fit over Grafana for certain use cases
  • Some nice low-code PostgreSQL UI
  • Some automation platform?
    • n8n & temporal look neat

Conclusion

What do you all think of the stack? Anything you'd swap out or do differently? (Especially interested if anyone has strong opinions on my 'Next Steps'!)

If anything stands out and you're wondering why I went with X instead of Y, just ask. I'm more than happy to jump into the comments and explain the reasoning behind my choices!

u/Citopan — 8 hours ago