Ai, Automation, Kubernetes, Docker Cloud Server
kenpat
dbcf51993d
Replaces .env files across all KiteStacks apps. Vault runs as a Docker container bound to 127.0.0.1:8200 with file storage backend. - apps/vault/: compose file + vault.hcl config (TLS disabled, localhost only) - scripts/vault-env.sh: fetches secret from Vault KV and injects as env vars before running docker compose (drops the .env pattern entirely) - scripts/vault-init.sh: one-time init — GPG-encrypts unseal keys to ~/.vault-keys.gpg, creates kitestacks policy + limited app token - scripts/vault-unseal.sh: post-restart unseal via GPG-decrypted key - docs/vault-setup.md: full setup guide including secret migration steps Usage: vault-env.sh kitestacks/authentik -- docker compose up -d Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> |
||
|---|---|---|
| apps | ||
| autosync | ||
| cloud | ||
| cloud-migration | ||
| clusters/T14s | ||
| docs | ||
| homelab-mastery | ||
| osticket | ||
| projects/Discord Integration | ||
| scripts | ||
| .gitignore | ||
| CHANGELOG.md | ||
| DEBUG-DOCUMENTATION.md | ||
| README.md | ||
| RUNBOOK.md | ||
KiteStacks Homelab
Everything needed to run, fix, and understand the KiteStacks homelab lives here.
What is KiteStacks?
KiteStacks is a personal homelab — a set of useful web apps that run on two computers (monk at home, kscloud1 in Germany). All the websites are accessible over the internet through Cloudflare without exposing any home IP addresses.
How to Read This Repo
| File / Folder | What it is |
|---|---|
RUNBOOK.md |
Start here. Plain-English guide to how everything works and how to do common tasks |
DEBUG-DOCUMENTATION.md |
Every problem we've hit and how we solved it |
docs/ |
Detailed setup guides for specific services (Authentik SSO, etc.) |
apps/ |
Docker Compose files for each service |
clusters/ |
Infrastructure-level configs |
projects/ |
Active project notes |
cloud/ |
Cloud-specific configurations (kscloud1) |
cloud-migration/ |
Archive of cloud migration work and volume backups |
autosync/ |
Auto-sync scripts that keep the repo up to date automatically |
osticket/ |
OSTicket help-desk project notes |
Services Running Right Now
| Service | Website | What it does |
|---|---|---|
| Authentik | auth.kitestacks.com | Single login for all services |
| Portainer | portainer.kitestacks.com | Manage all Docker containers |
| Forgejo | gitforge.kitestacks.com | Git server (code + scripts) |
| BookStack | wiki.kitestacks.com | Wiki and notes |
| Grafana | grafana.kitestacks.com | Server health charts |
| Karakeep | links.kitestacks.com | Bookmark manager |
| Kavita | kavita.kitestacks.com | Ebook reader |
| OSTicket | tasks.kitestacks.com | Help desk / ticket system |
| Open WebUI | ai.kitestacks.com | AI chat (GPT, Claude, local) |
| Uptime Kuma | status.kitestacks.com | Service monitor |
| Portal | www.kitestacks.com | Homepage |
Quick Reference
# Check all running containers
docker ps --format "table {{.Names}}\t{{.Status}}"
# Restart a service
cd ~/kitestacks-live/docker/SERVICE_NAME && docker compose restart
# View live logs
docker logs CONTAINER_NAME --tail 50 -f
All usernames and passwords go through Authentik at https://auth.kitestacks.com.