admin - FullStackQuest

HomeLab – Moving NGINX TLS from a Manual Secret to cert-manager (with mkcert CA) – Day 14

Today we finished the transition from a manually managed TLS secret to an automated, GitOps-friendly setup driven by cert-manager. Our[…]

Goal: Stop creating TLS secrets by hand and keep them encrypted in Git. Also enable k3s-master to push changes back[…]

Today we rolled out Bitnami Sealed Secrets to our k3s cluster using Helm, hit a snag with the kubeseal CLI[…]

In Day 11 we wired Argo CD to a private GitHub repository via SSH, validated connectivity from the argocd-repo-server pod,[…]

Goal: Install Argo CD via Helm, expose it through Traefik with mkcert TLS, and bootstrap a first GitOps Application that[…]

Goal: Serve a custom index.html via ConfigMap, mount it into Bitnami nginx, validate over HTTPS through Traefik, then practice Helm[…]

Goal: Issue a locally trusted TLS cert using mkcert, rotate the Kubernetes TLS Secret for nginx.apps.lan, then practice Helm scale[…]

Goal: Enable HTTPS for nginx.apps.lan using a self-signed certificate, store it as a Kubernetes TLS Secret, configure Traefik to use[…]

Goal: Install Helm on the k3s master, deploy NGINX via Helm, expose it through Traefik Ingress, and reach it from[…]

Goal: Create an apps namespace in k3s, enforce sane defaults with LimitRange and ResourceQuota, and validate behavior via kubectl. All[…]