Goals + Recap

  • Got the cluster up and running finally yesterday. Figured out how git and flux and kubernetes interact
  • The plan is to redo the cluster again and do my own instance of
    • K3s
    • Sealed Secrets
    • Letsencrypt and Certmanager
    • Get Traefik Ingress to work
  • And once that is done, do kanboard again
  • Begin by moving (lifting and shifting in popular parlance) Kanboard to the cluster
    • Cert will probably be needed
    • Learn how to configure an app with code
    • Figure out secrets, if there are any (for now sealed secrets ok, figure out vault and vault injection later)
    • Learn how to tunnel through and reverse proxy
    • Learn how to store data and back it up
  • Move Miniflux next, followed by Hedgedoc

2025-11-29 09:15

  • Short day today. Have a client meeting coming up
  • Was confused between whether to do Traefik first. But past Jason seems to have already figured that out for me. Looking at Sealed Secrets next
  • I think I want to change my mind. Looking at vault
  • Mind changed again. Back to Sealed Secrets. Implementing another running service to herd, is not what I want to do right now. But it is important. I ought to look at Vault someday. I was worried about what would happen if my K3s cluster crashed, taking my secrets along with it. Most LLMs suggest that I can backup the key and reuse it. So mind relieved. Worst case, I can just create new secrets by resealing. I do have all my secrets “unencrypted”, but stored in a password manager anyway
  • 2025-11-29 11:00: Off to work

2025-11-29 19:00

  • 2025-11-29 20:00 Got sealed secrets installed. Did all the yaml and the wiring myself. Gettingt the hang of installing apps (as well as troubleshooting flux, when things don’t work)

Feedback on this post?
Mail me at feedback at this domain.