new | ask | show | jobs
nathan_douglas 2 days ago  [ - ]

Oh hai Cameron!

I'm rebuilding my homelab [1] too, actually, but deprioritizing it while I stave off a wee spot o' burnout.

I'm excited to see that you're building on Talos; I am too! I used to use CoreOS back in the day, like 8-9 years ago or smth, on PXE-booted VMWare VMs, and I've always missed that cleanliness.

That's a large part of why I'm rebuilding right now - I based everything around Ansible + Terraform, and that's workable of course but working iteratively on a homelab leaves so much cruft around, can lead to incidental complexity, etc etc etc.

Anyway, I'm pumped to keep reading!

[1] https://clog.goldentooth.net/

cweagans 2 days ago  [ - ]

Hey hey! Good to see you here!

Talos is absolutely incredible. There's a learning curve to it, but it's not as steep as it seems.

I started with Ansible, but found myself getting really annoyed at the amount of YAML I was shoveling around for basic things, so I ended up writing a series of bash scripts that rsync files out to where they need to go, run actions when a particular file changes, etc. Provisioning scripts are bundled up and piped to the remote machine over SSH. It's been pretty nice. I'm thinking about building that out into a separate project somewhere.

I'd love to check out what you're working on! The link seems to be broken though.

nathan_douglas 2 days ago  [ - ]

Talos (and Talhelper) seem pretty reasonable so far. Digging Sops too for managing secrets. I was using Ansible Vault before which worked but was weirdly cumbersome to automate (go figure), and Sops seems to Just Work™.

> The link seems to be broken though.

Yeah, I'm a world-class infra engineer. smdh. Changed how the DNS record was created but didn't push my changes so they were reverted by a scheduled job facepalm

Think it's back now...

cweagans an hour ago  [ - ]

> Digging Sops too for managing secrets. I was using Ansible Vault before which worked but was weirdly cumbersome to automate (go figure), and Sops seems to Just Work™.

I considered both of those and ended up using the External Secrets Operator + 1Password for my secrets. Maybe not the _best_ solution, but it saved a fair amount of effort on my part.

> Think it's back now...

It's back! Looking forward to reading!