kenpat
1e8319ee75
Complete documentation suite for KiteStacks covering all 11 services across 2-host active-active architecture. Includes beginner track (with AI, 8 files) and advanced track (without AI, 7 files) with time estimates, real troubleshooting cases, and command-by-command explanations. Updates certifications roadmap to reflect July 7 2026 A+ Core 2 exam goal. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
5.1 KiB
KiteStacks Homelab — Master Guide
Owner: kenpat
Domain: kitestacks.com
Status: Live and running
Last Updated: 2026-06-19
What Is KiteStacks?
KiteStacks is a self-hosted homelab — a real, production web platform running on two computers that serves eleven public websites to the internet, 24 hours a day, even when the home machine is off.
It is not a tutorial project. It is not a demo. It runs at a real domain, with real users, real uptime monitoring, and real failover. Every service is protected by single sign-on (SSO), meaning one account unlocks everything. All traffic goes through Cloudflare's global network — no ports are open on the home router, and the home IP address is never exposed.
The One-Paragraph Summary
KiteStacks is a self-hosted homelab running eleven public-facing services behind Cloudflare Tunnel with no open ports on the home router. All logins are handled by Authentik — a self-hosted identity provider using OIDC/OAuth2, so one account unlocks every service. A Hetzner cloud VPS (kscloud1) acts as a permanent cloud replica: if the home machine (monk) goes offline, kscloud1 keeps everything running with zero downtime. Both hosts share a single Postgres and Redis database over a private Tailscale VPN, so SSO logins always work regardless of which server answers. Monitoring runs via Prometheus, Grafana, Uptime Kuma, and a desktop Conky widget that shows live kscloud1 service health at a glance.
The Two Computers
| Name | What It Is | Role |
|---|---|---|
| monk | Home PC (ThinkPad T14s) | Development machine. Code and configs are built here, then pushed to kscloud1. |
| kscloud1 | Hetzner VPS in Germany | Always-live production server. Receives what monk pushes. Stays up even if monk is off. |
A third machine — the Samurai desktop — will eventually join as a second home connector, adding more redundancy when it is running.
The Eleven Public Services
| Service | URL | What It Does |
|---|---|---|
| Portal | www.kitestacks.com | The homepage — links to everything, live system stats |
| Authentik | auth.kitestacks.com | SSO login provider — one account for all services |
| Forgejo | gitforge.kitestacks.com | Self-hosted Git — stores all code and documentation |
| Open WebUI | ai.kitestacks.com | AI chat interface (ChatGPT-style, self-hosted) |
| Karakeep | links.kitestacks.com | Bookmark and read-it-later manager |
| Kavita | kavita.kitestacks.com | eBook and manga library |
| Grafana | grafana.kitestacks.com | Monitoring dashboards — CPU, RAM, network |
| Uptime Kuma | status.kitestacks.com | Service uptime status page |
| BookStack | wiki.kitestacks.com | Self-hosted wiki and documentation platform |
| OSTicket | tasks.kitestacks.com | Help desk and ticket tracking system |
| Portainer | portainer.kitestacks.com | Docker container management dashboard |
Navigation
| Section | What Is Inside |
|---|---|
| architecture/overview.md | How the whole system is wired together — diagrams, traffic flow |
| architecture/services.md | Every service: container name, port, volume, command reference |
| architecture/decisions.md | Why each technology was chosen over the alternatives |
| build-guide/README.md | How to build this from scratch — choose beginner (AI) or advanced |
| concepts/docker.md | What Docker actually is and how containers work |
| concepts/networking.md | DNS, ports, TLS, Tailscale, Cloudflare Tunnel, firewalls |
| concepts/oauth2-oidc.md | How SSO works — OAuth2, OIDC, JWTs explained simply |
| concepts/linux.md | Linux commands, file ownership, sudo, SSH tunnels |
| certifications/roadmap.md | Cert path from A+ to CKA — what to study and in what order |
| interview-prep/explain-the-project.md | What to say to hiring managers — model answers |
| learning-path/README.md | Structured study plan, free resources, daily habits |
Where to Start
If you want to understand what you built: → architecture/overview.md
If you want to rebuild it from scratch: → build-guide/README.md — pick your track
If you have an interview coming up: → interview-prep/explain-the-project.md
If you want to understand the tech behind it: → Pick a topic in concepts/
If you want to know what certifications to study next: → certifications/roadmap.md
Certification Progress
| Cert | Status |
|---|---|
| CompTIA A+ Core 1 | ✅ Passed — highest score in class (22 people) |
| CompTIA A+ Core 2 | 🔄 In progress — exam goal July 7, 2026 |
| CCNA | 📅 Next after A+ Core 2 |
| AWS Solutions Architect Associate | 📅 After CCNA |
| CKA (Kubernetes) | 📅 After AWS certs |