Skip to content

Funky Penguin's Geek Cookblog

Welcome to Funky Penguin's Geeky Blog! Here I record largely-unstructured posts on technical subjects including updates / additions to the cookbook, reviews, and fixes / tips discovered in my daily work!

Premix is now public

This is a copy of an update I recently sent to my GitHub sponsors..

After some reflection, I've made the decision to make the Geek Cookbook Premix repo public, rather than sponsors-only. Instead of switching the private repo to public (which would potentially expose all of your forks), I've created a fresh repository at geek-cookbook/premix, and will leave the private repo as-is.

My reasoning as is follows:

  1. I've been neglecting it / you. Over the past 14 months, I've spent all my spare time / funds building ElfHosted (read about the journey in the monthly reports here), and it's only just showing signs of becoming self-sustaining.

    It's unrealistic to think that I'll have time/focus in the short-term to hack on recipes / premix, so in offering repo access in exchange for sponsorship, I'm setting a false expectation for support / updates.

  2. Some of the recipes / premixes need a "fresh coat of paint", and making the repo public will hopefully encourage more PRs and community engagement.

I realize that premix access may have been your primary motivator for sponsoring me, and so you have my blessing to "un-sponsor" if you'd prefer...

Still here? Thank you for sticking with me ❤️ , and please feel free to hit me up in Discord with questions / comments / ideas / requests, I'd love to hear from you! :)

Added recipe for Kubernetes Dashboard with OIDC auth

Unless you're a cave-dwelling CLI geek like me, you might prefer a beautiful web-based dashboard to administer your Kubernetes cluster.

Screenshot of Kubernetes Dashboard

I've recently documented the necessary building blocks to make the dashboard work with your OIDC-enabled cluster, such that a simple browser login will give you authenticated access to the dashboard, with the option to add more users / tiered access, based on your OIDC provider.

Here's all the pieces you need..

  • in Notes
  • 2 min read

Authenticate Harbor with Authentik LDAP outpost

authentik does an excellent job as an authentication provider using modern protocols like OIDC. Some applications (like Jellyfin or Harbor) won't support OIDC, but can be configured to use LDAP for authentication.

I recently migrated a Harbor instance from an OpenLDAP authentication backend to Authentik's LDAP outpost, and struggled a little with the configuration.

Now that it's working, I thought I'd document it here so that I don't forget!

  • in Notes
  • 2 min read

Cover your bare (metal) ass with Velero Backups

While I've been a little distracted in the last few months assembling ElfHosted, the platform is now at a level of maturity which no longer requires huge amounts of my time1. I've started "back-porting" learnings from building an open-source, public, multi-tenanted platform back into the cookbook.

What is ElfHosted? 🧝

ElfHosted is "self-hosting as a service" (SHAAS? ) - Using our Kubernetes / GitOps designs, we've build infrastructure and automation to run popular self-hosted apps (think "Plex, Radarr, Mattermost..") and attach your own cloud storage ("bring-your-own-storage").

You get $10 free credit when you sign up, so you can play around without commitment!

We're building "in public", so follow the progress in the open-source repos, the blog or in Discord.

TL;DR? Here's a guide to getting started, and another to migrating from another provider.

The first of our imported improvements covers how to ensure that you have a trusted backup of the config and state in your cluster. Using Velero, rook-ceph, and CSI snapshots, I'm able to snapshot TBs of user data in ElfHosted for the dreaded "incase-I-screw-it-up" disaster scenario.

Check out the Velero recipe for a detailed guide re applying the same to your cluster!

  • in Notes
  • 3 min read

ElfDisclosure for July 2023 : GitOps-based SaaS now Open Source

I've just finished putting together a progress report ElfHosted for July 2023. The report details all the changes we went through during the months (more than I remember!), and summarizes our various metrics (CPU, Network, etc.)

What is ElfHosted? 🧝

ElfHosted is "self-hosting as a service" (SHAAS? ) - Using our Kubernetes / GitOps designs, we've build infrastructure and automation to run popular self-hosted apps (think "Plex, Radarr, Mattermost..") and attach your own cloud storage ("bring-your-own-storage").

You get $10 free credit when you sign up, so you can play around without commitment!

We're building "in public", so follow the progress in the open-source repos, the blog or in Discord.

TL;DR? Here's a guide to getting started, and another to migrating from another provider.

Of particular note here is that the GitOps and helm chart repos which power a production, HA SaaS, are now fully open-sourced!

(Oh, and we generated actual revenue during July 2023!)

Here's a high-level summary:

  • in Notes
  • 5 min read

"Elf-Disclosure" for June 2023

It's been a month since ElfHosted was born! 👶

I've worked way more than I expected, and the work has been harder than I expected, but I've immensely enjoyed the challenge of building something fast and in public.

What follows here are our recent changes, the current stats - time/money spent, revenue (haha), and lots of data / graphs re the current state of the platform.

  • in Notes
  • 5 min read

Introduction to ElfHosted

I've consulted on the building and operation of an "appbox" platform over the past 2 year, and my client/partner has made the difficult decision to shut the platform down, partly due to increased datacenter power costs, and capital constraints.

So I've got two year's worth of hard-earned lessons and ideas re how to build a GitOps-powered app hosting platform, and a generous and loyal userbase - I don't want to lose either, and I've enjoyed the process of building out the platform, so I thought I'd document the process by setting up another platform, on a smaller scale (*but able to accommodate growth).