Skip to content

alexanderbailey/pi-k8s

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1 Commit
apps
apps
 
 
bootstrap
bootstrap
 
 
manifests
manifests
 
 
.env.example
.env.example
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
setup.sh
setup.sh
 
 

Repository files navigation

pi-k8s

k3s + ArgoCD setup for Raspberry Pi with Caddy ingress and Tailscale operator.

Tailscale OAuth Setup

  1. Add tags to your ACL policy (tag:k8s-operator owns tag:k8s):

    "tagOwners": {
  "tag:k8s-operator": [],
  "tag:k8s": ["tag:k8s-operator"]
}

  2. Create an OAuth client at https://login.tailscale.com/admin/settings/trust-credentials

    Required scopes:

    • Devices: Core (write)
    • Auth Keys (write)
    • Services (write)

    Assign tag: tag:k8s-operator

The operator uses tag:k8s-operator credentials to create proxies tagged with tag:k8s.

Environment Variables

cp .env.example .env

Update the .env file with the following variables:

Secret Description
TS_OAUTH_CLIENT_ID OAuth Client ID
TS_OAUTH_CLIENT_SECRET OAuth Client Secret
TS_TAILNET Your tailnet name found in Admin console > Settings > General

Quick Start

sudo ./setup.sh

What Gets Installed

Component Namespace Purpose
k3s - Lightweight Kubernetes
ArgoCD argocd GitOps deployment
Caddy caddy-system Ingress controller
Tailscale tailscale Expose services to tailnet

Access ArgoCD

Via Tailscale (once synced):

https://argocd

Or via port-forward:

kubectl port-forward svc/argocd-server -n argocd 8080:443

Get admin password:

kubectl -n argocd get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -d

About

Runnig k8s on the pi

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages