release: infra-core v0.1.0 #15

Merged

aaron merged 16 commits from live into main 2026-03-22 18:31:23 +00:00

Conversation 0 Commits 16 Files changed 7 +896 -26

aaron commented 2026-03-22 17:49:38 +00:00

Owner

Copy link

v0.1.0 (2026-03-22)

Initial release of infra-core — the public, reusable infrastructure-as-code foundation for the Reynoza homelab.

What this repo provides

A complete Kubernetes homelab platform built on Proxmox, Talos Linux, and ArgoCD. All modules are parameterized and environment-agnostic, designed for reuse and portfolio visibility.

Platform

• Cluster OS: Talos Linux v1.12.5 (immutable, secure) on Proxmox VE
• Networking: Cilium CNI with Hubble observability, LB-IPAM, VLAN isolation (prod/dev)
• Storage: Longhorn with SSD-backed volumes
• GitOps: ArgoCD app-of-apps pattern sourcing from Forgejo
• IaC: Terraform modules (Proxmox VMs, Talos clusters, AWS backend)
• Config Management: Ansible playbooks for management VM provisioning

Applications

• Identity: Zitadel SSO with Terraform-driven OIDC for all services
• Git: Forgejo (source of truth) with GitHub push mirrors
• Registry: Harbor with pull-through caches (GHCR, Docker Hub, K8s)
• Observability: kube-prometheus-stack, Loki, Tempo, Mimir, OTel Collector, Grafana dashboards
• Databases: CloudNativePG operator with WAL archiving
• Backup/DR: Velero + Longhorn snapshots to Backblaze B2
• LLM Stack: Ollama + LiteLLM + Open WebUI with GPU passthrough
• Docs: Outline wiki
• Project Management: Plane with MCP integration
• LLM Observability: Langfuse v3 with Zitadel OIDC

CI/CD

• Forgejo Actions with management VM runner + K8s runner
• AI-powered code review (qwen2.5-coder via Ollama)
• Helm validation, Terraform validate, YAML lint, ShellCheck
• PR title enforcement (HOMELAB-XX: type(scope): description)
• Semver release workflow (version parsed from PR title)

Infrastructure Modules

• core/terraform/modules/ — talos-cluster, proxmox-vm, aws-backend
• core/charts/ — Helm values for all platform and application charts
• core/manifests/ — K8s manifests and ArgoCD application definitions
• core/ansible/ — Management VM provisioning playbooks

## v0.1.0 (2026-03-22) Initial release of infra-core — the public, reusable infrastructure-as-code foundation for the Reynoza homelab. ### What this repo provides A complete Kubernetes homelab platform built on Proxmox, Talos Linux, and ArgoCD. All modules are parameterized and environment-agnostic, designed for reuse and portfolio visibility. ### Platform - **Cluster OS**: Talos Linux v1.12.5 (immutable, secure) on Proxmox VE - **Networking**: Cilium CNI with Hubble observability, LB-IPAM, VLAN isolation (prod/dev) - **Storage**: Longhorn with SSD-backed volumes - **GitOps**: ArgoCD app-of-apps pattern sourcing from Forgejo - **IaC**: Terraform modules (Proxmox VMs, Talos clusters, AWS backend) - **Config Management**: Ansible playbooks for management VM provisioning ### Applications - **Identity**: Zitadel SSO with Terraform-driven OIDC for all services - **Git**: Forgejo (source of truth) with GitHub push mirrors - **Registry**: Harbor with pull-through caches (GHCR, Docker Hub, K8s) - **Observability**: kube-prometheus-stack, Loki, Tempo, Mimir, OTel Collector, Grafana dashboards - **Databases**: CloudNativePG operator with WAL archiving - **Backup/DR**: Velero + Longhorn snapshots to Backblaze B2 - **LLM Stack**: Ollama + LiteLLM + Open WebUI with GPU passthrough - **Docs**: Outline wiki - **Project Management**: Plane with MCP integration - **LLM Observability**: Langfuse v3 with Zitadel OIDC ### CI/CD - Forgejo Actions with management VM runner + K8s runner - AI-powered code review (qwen2.5-coder via Ollama) - Helm validation, Terraform validate, YAML lint, ShellCheck - PR title enforcement (`HOMELAB-XX: type(scope): description`) - Semver release workflow (version parsed from PR title) ### Infrastructure Modules - `core/terraform/modules/` — talos-cluster, proxmox-vm, aws-backend - `core/charts/` — Helm values for all platform and application charts - `core/manifests/` — K8s manifests and ArgoCD application definitions - `core/ansible/` — Management VM provisioning playbooks

aaron added 16 commits 2026-03-22 17:49:38 +00:00

docs: add Langfuse v3 LLM observability design spec (HOMELAB-159) ... b866806aa6

Design spec for deploying Langfuse v3 as unified LLM observability
platform. Uses official Helm chart via ArgoCD, CNPG PostgreSQL,
Zitadel SSO, and phased rollout (core → LiteLLM → metrics → agent).

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

plan: add Langfuse v3 implementation plan (HOMELAB-159) ... 3e1119791c

8-task plan: CNPG cluster, base values, Zitadel OIDC, ArgoCD apps,
Pangolin resource, deploy, LiteLLM integration, verification.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

feat: add Langfuse base Helm values (HOMELAB-159) ... 3e8ef6a386

Base values for official Langfuse chart v1.5.22: disable bundled
PostgreSQL (using CNPG), configure ClickHouse single-node, Valkey
standalone, MinIO with Longhorn storage, sign-up disabled.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

feat: add Zitadel OIDC application for Langfuse (HOMELAB-159) ... 5f629734c2

Creates Langfuse OIDC app in Zitadel project with callback URL at
/api/auth/callback/custom. Distributes client ID/secret as K8s
secret in langfuse namespace.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

Merge pull request 'docs: add Langfuse v3 design spec and implementation plan (HOMELAB-159)' (#7) from plane/HOMELAB-159-langfuse-observability into live ef0fd58d29

fix: increase Langfuse memory limits to prevent OOM (HOMELAB-159) ... 10028fac6f

Next.js app requires more memory than 256Mi. Bumped to 512Mi
request / 1Gi limit to prevent heap allocation failures.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

Merge pull request 'fix: increase Langfuse memory limits to prevent OOM (HOMELAB-159)' (#8) from plane/HOMELAB-159-langfuse-observability into live f584a712ca

fix: enable id_token_userinfo_assertion for Langfuse OIDC (HOMELAB-159) ... 43590caf98

Zitadel follows OIDC spec strictly — omits email from id_token when
access_token is also issued. This flag forces Zitadel to include
userinfo claims (email, name) in the id_token.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

Merge pull request 'fix: enable id_token_userinfo_assertion for Langfuse OIDC (HOMELAB-159)' (#9) from plane/HOMELAB-159-langfuse-observability into live a6a9014456

fix: enable sign-up for initial Langfuse account creation (HOMELAB-159) df1698cc86

Merge pull request 'fix: enable sign-up for Langfuse (HOMELAB-159)' (#11) from plane/HOMELAB-159-langfuse-observability into live c8c5ad4b78

chore: add .worktrees/ to .gitignore for parallel session isolation (HOMELAB-173) 3630d0659b

Merge pull request 'chore: add .worktrees/ to .gitignore (HOMELAB-173)' (#13) from plane/HOMELAB-173-worktree-setup into live b4434d6c42

HOMELAB-176: ci: add PR title format validation to CI pipeline ... 15cffd05ae

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

HOMELAB-176: ci: replace auto-version with PR-title-based release versioning ... 0b7552db9c

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

Merge pull request 'HOMELAB-176: ci: add commit convention enforcement and release versioning' (#14) from plane/HOMELAB-176-release-versioning into live cf2290132b

aaron merged commit 5945a1c7df into main 2026-03-22 18:31:23 +00:00

aaron referenced this pull request from a commit 2026-03-22 18:31:25 +00:00

release: infra-core v0.1.0 (#15)

Sign in to join this conversation.

Reviewers

No reviewers

Labels

Clear labels

No items

No labels

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

aaron/infra-core!15

No description provided.