Domum is a GitOps-driven homelab that leverages Talos Linux, Flux CD, and Kubernetes to automate service deployments. This repository showcases how modern DevOps principles—Infrastructure as Code, CI/CD, and container orchestration—can be combined to create a scalable, resilient, and self-documenting homelab environment.Designed to survive power outages and scale intelligently.

• Infrastructure as Code (IaC): All configurations, from cluster provisioning to application deployments, are captured as declarative YAML.
• GitOps Workflow: Flux CD continuously watches this repository for changes, applying them to the Kubernetes cluster automatically.
• Observability & Monitoring: Prometheus and Grafana (planned or in-progress) to provide real-time insights into cluster health and performance.
• Enterprise-Grade DevOps Practices: Emphasis on security, backups, and high availability through tools like Hashicorp Vault, MetalLB, etc.

The Two-Tier Architecture

┌─────────────────────────────────────────────────────────────┐
│  TIER 1: CRITICAL STACK (Always-On, UPS-Backed)            │
│  • Raspberry Pi 5 (5W)                                       │
│  • Battery runtime: 6-12 hours                              │
│  • Services: Home Assistant, SSL, Dashboard, Vault, Alerts  │
└─────────────────────────────────────────────────────────────┘
                            ↕
┌─────────────────────────────────────────────────────────────┐
│  TIER 2: PERFORMANCE STACK (Powers down on outage)         │
│  • Kubernetes on Proxmox (150W+)                            │
│  • Services: Media, AI, Development, Heavy workloads        │
│  • Auto-scales services during normal operation             │
└─────────────────────────────────────────────────────────────┘

A single Raspberry Pi that runs critical services on battery backup.

Services that ALWAYS work:

• Home automation (lights, thermostats, locks)
• Local web dashboard
• Battery monitoring
• Emergency alerts
• Local file sharing

When you have power, this expands to include:

• Media streaming (movies, music)
• Photo backups
• Development environments
• Game servers

Safe, secure access from outside your home:

• View security cameras remotely
• Access family files
• Manage home automation

1. Talos CLI (talosctl), plus supporting tools

   • For macOS, an example installation:

     brew install talosctl kubectl helm fluxcd/tap/flux age sops

2. Talos Linux ISO

   • Download the latest stable release (Talos v1.9+)
   • Refer to the official Talos Proxmox Guide for instructions on creating a VM.

For detailed installation steps (Talos on Proxmox, node bootstrapping, etc.), see docs/TALOS_SETUP.md.

A high-level look at how this repository is organized:

Domum/
├── .gitignore
├── .sops.yaml                 # SOPS config (if using sealed secrets or encryption)
├── docs/
│   ├── ARCHITECTURE.md        # Notes on overall cluster design
│   ├── NETWORKING.md          # IP schema, VLANs, etc.
│   └── TALOS_SETUP.md         # Detailed Talos install guides
└── cluster/
    ├── base/                  # Environment-agnostic or "common" configs
    ├── core/                  # Critical cluster infrastructure (Talos configs, Flux, etc.)
    ├── apps/                  # Application definitions (Traefik, Pi-hole, Vault, etc.)
    ├── overlays/              # Environment-specific patches (dev, homelab, prod)
    ├── private/               # Sensitive data (encrypted or references to Vault)
    └── scripts/               # Helper scripts (talos-genconfig, flux-sync, etc.)