jomcgi/homelab


Homelab

Personal monorepo. Dev tooling and deployment for my projects.

Systems

  • Knowledge pipeline — On-cluster LLM decomposes markdown into structured facts, embeds them, stores in pgvector. Searchable via MCP tools and a SvelteKit frontend.
  • Agent platform — AI agents in sandboxed Kubernetes pods with RBAC-scoped tool access over NATS JetStream. Architecture.
  • Discord bot — LLM-powered chat with vision, web search, and knowledge graph context.
  • OCI Model Cache — Kubernetes operator that syncs ML models from HuggingFace to OCI registries. Compiler-enforced state machines.
  • Build system — Custom Bazel rules for Helm, Semgrep SAST, and Cloudflare Pages. All builds run remotely via BuildBuddy RBE.

Applications

  • Marine tracking — Real-time AIS vessel tracking with a MapLibre GL frontend.
  • Trip tracker — Reconstruct travel routes from photo EXIF data with elevation profiles.
  • Stargazer — Best stargazing spots in Scotland for the next 72 hours.
  • Hiking routes — Scottish route finder with weather-based recommendations.

Infrastructure patterns

See docs/security.md for the defense-in-depth model and docs/observability.md for automatic instrumentation.

| Area | Approach |
|---|---|
| Ingress | Cloudflare Tunnel only — nothing exposed directly |
| Service mesh | Linkerd — automatic mTLS and distributed tracing, no code changes |
| Observability | SigNoz — unified metrics, logs, traces. Kyverno auto-injects OTEL env vars |
| Policy | Kyverno — enforces non-root (uid 65532), read-only filesystems |
| Secrets | 1Password Operator — OnePasswordItem CRDs, nothing in Git |
| Storage | Longhorn for persistent volumes, SeaweedFS for S3-compatible object storage |
| Messaging | NATS JetStream — pub/sub backbone for AIS data, trip points, agent jobs |
| GPU | NVIDIA GPU Operator — Qwen 3 + voyage-4-nano on-cluster via llama.cpp |
| Images | apko + rules_apko — no Dockerfiles, dual-arch (x86_64 + aarch64), non-root |
| CI | BuildBuddy Workflows — remote build execution, bazel test //..., image push |
| GitOps | ArgoCD — colocated deploy/ dirs, kubectl is read-only |

Repo layout

projects/             # All services, operators, websites — colocated with deploy configs
├── platform/         #   Cluster-critical infrastructure (ArgoCD, Linkerd, SigNoz, etc.)
├── agent_platform/   #   Agent services (Context Forge, MCP servers, orchestrator, etc.)
├── monolith/         #   Knowledge graph, Discord bot, task management, frontend
├── ships/            #   Marine vessel tracking
├── trips/            #   Trip tracker
├── stargazer/        #   Dark sky finder
├── hikes/            #   Scottish hiking routes
├── operators/        #   Custom Kubernetes operators
├── websites/         #   Static sites (VitePress, Astro)
└── home-cluster/     #   Auto-generated ArgoCD root kustomization
bazel/                # Build infrastructure (rules, tools, images, semgrep)
docs/                 # Design docs, ADRs, and plans

See docs/contributing.md for the full structure. Architecture decisions are tracked in docs/decisions/.

What's next

  • Semgrep rule generation — RL-finetuned local model for generating Semgrep rules from CVE descriptions. The build system already runs hermetic Semgrep; this closes the loop by generating the rules themselves.
  • Knowledge graph expansion — Ingest D&D sourcebooks (via Marker parsing) and repo documentation into the knowledge pipeline, making ADRs and design docs semantically searchable alongside notes.

Full backlog and architecture decisions: docs/decisions/


Built by Joe McGinley. MPL-2.0.
