Goals + Recap

  • Tried a long day yesterday, to finish Miniflux out of spite.
  • Body gave up and I went to be 9.30ish.
  • Did figure and learn a lot as I re-did things yesterday.
  • More confident operating the cluster
  • Today, will try to finish Miniflux.

The Big Plan

  • The plan is to redo the cluster again and do my own instance of
    • K3s
    • Sealed Secrets
    • Certmanager (Not using it)
    • Letsencrypt (using pre existing Letsencrypt certs)
    • Get Traefik Ingress to work
    • Figure out a way to get certs automatically into the cluster
  • And once that is done, figure out an app to move (Miniflux or Hedgedoc?); 2025-12-03: Kanboard it is!
  • Begin by moving (lifting and shifting in popular parlance) Kanboard to the cluster
    • Cert will probably be needed (Wildcard cert works now, just like it does without the cluster)
    • Convert a docker-compose to kubernetes manifests
    • Learn how to configure an app with code
    • Learn how to store data and back it up
    • Figure out secrets, if there are any (for now sealed secrets ok, figure out vault and vault injection later)
    • Learn how to tunnel through and reverse proxy
    • Make Kubernetes manifests work with flux
    • Figure out how to automate deployment of manual manifests
    • Figure out how to migrate there if there is any in an old app
    • Figue out how to automate updation of images in manual manifests
    • Get another app (Miniflux) deployed
    • Figure out what needs to happen as part of the lifecycle. What you want in the cluster, what stays out, do they intersect, how do updates of cluster happen? VM (node) updates as well?
    • Then begin to think along the lines of Live Deploys. Prototype locally and once it works, migrate to production immediately
    • Convert Kubernetes manifests to Helm Charts (optional, based on energy)
  • Go live! Git is source of truth. Two repos.
    • One for the Main node and its update
      • Terraform will provision node and install package, setup firewall
      • Figure out how to get Terraform to get the node talking to the git forge
      • Structure repo, copy every thing node related there, and make sure stuff gets updated periodically and idempotantly, via ansible pull and a systemd timer
    • The other one for k3s and flux
      • Convert everything I have done locally to run on prod. Add more steps as you do them below

2025-12-06 08:10

  • Beginning today. Setting everything up.
  • 2025-12-06 08:20: Coffee!
  • 2025-12-06 09:00: Fed the strays. Now to work.
  • 2025-12-06 10:04: Got miniflux running manually! First multi container pod! and first readiness check! Yay! Break.

2025-12-06 10:35

  • 2025-12-06 11:04: Got Miniflux working via flux. Now to use it a bit to test if storage works
  • 2025-12-06 11:35: Yes. Got state and storage working as well!
    Now to don thinking cap again and figure out what needs to happen live.
  • 2025-12-06 11:45: Decided to reboot the machine to see what happens. All state is safe :)
  • Back to thinking
    • A cloud init is a one time thing. Cannot use terraform to keep messing with the machine. So all I will use it for is to bring up the cluster? And a few select tools.
    • Ansible needs to handle the rest. So now figure out a playbook to manage the new server.
    • Spoke to PS to make sure, I wasn’t being a boob.
  • 2025-12-06 12:23: Oof! forgot that Miniflux needs automatic image updation. Alright. Hard hat on. Work in progress
  • 2025-12-06 12:57: Miniflux updated itself to the latest version! Lunch break

2025-12-06 19:00

  • Back. Had a client meeting.
  • 2025-12-06 19:35: Done for the day. Did a lot of thinking about how I want to provision and update my Hetzner node. Will try and put it into practice on Monday. Stuff is up in the plan above
  • 2025-12-06 20:20: Shutdown!

Feedback on this post?
Mail me at feedback at this domain.