this post was submitted on 16 Mar 2025
191 points (98.0% liked)
Selfhosted
I'm working on my first kubernetes cluster. I'm trying to set the systems up with NixOS. I can get a kubelet and a control plane running. But I'm getting permission errors when trying to use kubectl rootless on the system running the control plane. I think I figured out which file I need to change, now I just want to record that change in my configuration.nix.
NixOS doesn't play well with rootless containers in my experience
Ah sorry to hear that. Did you find something better that works for you? I'm open to suggestions :D
OciContainers just added rootless mode for podman. I was planning on playing a bit more with it but I'm quite busy and haven't found the time recently. For the time being I run everything as rootful since I don't expose stuff directly through the internet.
I might respond here if I don't forget once I've experimented a bit more.
Not who you asked but I moved to Talos Linux for k8s
I'm curious how this goes for you. I run all my machines on NixOS except my k8s cluster which is Talos for now. I have been thinking of switching to Nix for that too.
I followed along the NixOS wiki for kubernetes and creating the "master" kubelet is super easy when you set easyCerts = true. Problem is, it spits out files to /var/lib/kubernetes/secrets/ that are owned by root. Specifically, the cluster-admin.pem file. If I want to push commands to the cluster using kubectl I have to elevate to a root shell. I could just chmod or chown the file but that seems like a security risk.
Now I'm not familiar with k8s at all. This is my first go through, so I could be doing something wrong or missing a step. I saw something about the role based security but I haven't jumped down that rabbit hole yet. Any tips for running kubectl without root?
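The usual least-privilege answer to the question above, as an added example that is not from this thread: leave the root-owned cluster-admin.pem alone and instead give the unprivileged user a scoped identity (ServiceAccount + namespaced Role) and a kubeconfig of their own; the namespace "dev", account "alice", server address and CA path are placeholders.

```shell
# Added example, not from the thread. Placeholders: namespace "dev",
# account "alice", API server address and CA path passed in by the caller.
# ServiceAccount bound to a namespaced Role: read-only on pods/deployments.
write_rbac_manifest() {
  out="$1"; ns="$2"; sa="$3"
  cat > "$out" <<EOF
apiVersion: v1
kind: ServiceAccount
metadata: {name: $sa, namespace: $ns}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata: {name: ${sa}-viewer, namespace: $ns}
rules:
- apiGroups: ["", "apps"]
  resources: ["pods", "pods/log", "deployments"]
  verbs: ["get", "list", "watch"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata: {name: ${sa}-viewer, namespace: $ns}
subjects:
- {kind: ServiceAccount, name: $sa, namespace: $ns}
roleRef: {kind: Role, name: ${sa}-viewer, apiGroup: rbac.authorization.k8s.io}
EOF
}
# Kubeconfig for that identity, created 0600 via umask in a subshell. The
# token file is produced by an admin with: kubectl create token $sa -n $ns
write_kubeconfig() {
  out="$1"; server="$2"; ca="$3"; ns="$4"; sa="$5"; tokenfile="$6"
  ( umask 077; cat > "$out" <<EOF
apiVersion: v1
kind: Config
clusters:
- name: home
  cluster: {server: $server, certificate-authority: $ca}
users:
- name: $sa
  user: {tokenFile: $tokenfile}
contexts:
- name: $sa@home
  context: {cluster: home, user: $sa, namespace: $ns}
current-context: $sa@home
EOF
  )
}
perm_ok() {  # true only if group/others have no permission bits on the file
  [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]
}
```

An admin applies the RBAC manifest once with kubectl as root; the user then points KUBECONFIG at their own 0600 file and never touches /var/lib/kubernetes/secrets/.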