Comment on Secrets Management
truxnell@aussie.zone 2 weeks ago
I think it’s overkill for homelab and over complex/additional failure points.
I use sops encrypted, published in my public git. When I apply my nix config, they are pulled and unencrypted on apply on the local machine.
Keeps it as simple as I can think of, with few moving parts.
irmadlad@lemmy.world 2 weeks ago
How about a remote VPS?
truxnell@aussie.zone 2 weeks ago
Single node VPS? Yeah, I mean with a smaller distro (Talos/k0s) it’s still fine, but your not utilising clustering which is a lot of the benefit.
If you are keen for gitops (like I am) consider nix or hell a docker-compose and restic backup cron.
Big Asterix is - if you are doing this as a learning tool for $job go nuts, it’s incredible experience for work. But Ive knownna few people that got burnt out doing k8s for work and then k8s at home…