this post was submitted on 16 Mar 2025
189 points (98.5% liked)

Selfhosted


I know for many of us every day is selfhosting day, but I liked the alliteration. Or do you have fixed dates for maintenance and tinkering?

Let us know what you set up lately, what kind of problems you currently think about or are running into, what new device you added to your homelab or what interesting service or article you found.

This post is proudly sent from my very own Lemmy instance that has been running on my homeserver for about ten days. So far, it's been a very nice endeavor.

[–] tux7350@lemmy.world 5 points 7 months ago* (last edited 7 months ago) (2 children)

I'm working on my first Kubernetes cluster. I'm trying to set the systems up with NixOS. I can get a kubelet and a control plane running. But I'm getting permission errors when trying to use kubectl rootless on the system running the control plane. I think I figured out which file I need to change, now I just want to record that change in my configuration.nix.

[–] L_Acacia@lemmy.ml 4 points 7 months ago (1 children)

NixOS doesn't play well with rootless containers in my experience

[–] tux7350@lemmy.world 2 points 7 months ago* (last edited 7 months ago) (1 children)

Ah sorry to hear that. Did you find something better that works for you? I'm open to suggestions :D

[–] johntash@eviltoast.org 1 points 7 months ago

Not who you asked but I moved to Talos Linux for k8s

[–] refreeze@lemmy.world 3 points 7 months ago (1 children)

I'm curious how this goes for you. I run all my machines on NixOS except my k8s cluster which is Talos for now. I have been thinking of switching to Nix for that too.

[–] tux7350@lemmy.world 2 points 7 months ago

I followed along the NixOS wiki for Kubernetes and creating the "master" kubelet is super easy when you set easyCerts = true. Problem is, it spits out files to /var/lib/kubernetes/secrets/ that is owned by root. Specifically, the cluster-admin.pem file. If I want to push commands to the cluster using kubectl I have to elevate to a root shell. I could just chmod or chown the file but that seems like a security risk.

Now I'm not familiar with k8s at all. This is my first go through, so I could be doing something wrong or missing a step. I saw something about the role-based security but I haven't jumped down that rabbit hole yet. Any tips for running kubectl without root?
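
The chmod/chown concern in the comment above, as an added example that is not part of the thread: a check for private keys that are exposed beyond owner and group, and a group-scoped alternative to opening them to everyone. The `*-key.pem` naming and the helper names are assumptions; whether the NixOS module keeps or resets such permission changes is not covered here.

```shell
#!/bin/sh
# Added example, not code from the thread or from NixOS.
# Assumption: private keys in the secrets directory are named "*-key.pem".
# Usage (as root): risky_keys /var/lib/kubernetes/secrets

# Print private keys under $1 that "other" can access in any way, or that
# the group can write. Group read alone is not flagged, since that is the
# scoped-access case set up by share_with_group below.
risky_keys() {
    find "$1" -type f -name '*-key.pem' \
        \( -perm -020 -o -perm -004 -o -perm -002 -o -perm -001 \) | sort
}

# Give one named group read-only access to the directory and its .pem files
# instead of making them world-readable. Every member of that group then
# effectively holds the credential, so the group should stay small.
share_with_group() {
    dir=$1
    group=$2
    chgrp "$group" "$dir" "$dir"/*.pem &&
        chmod 0750 "$dir" &&
        chmod 0640 "$dir"/*.pem
}
```
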