Slides and documentation on how I overengineered my PiHole at home.

2 minutes

Introduction in Pi-hole, what it is, what it does, what it doesn't do.

30 seconds

Installing Pi-hole on a Raspberry Pi.

1 minute

Why I moved to containers. I wanted to do some monitoring, these processes had a different set of dependencies, so moved to containers to guarantee isolation.

1 minute

The SD card had a lot of issues, and reconfuring the Pi-hole was a pain. I decided to use Ansible to automate the process.

2 minutes

Small introduction on Prometheus and Grafana and how I use dashboards.

3 minutes

Remembering ports is hard, I also wanted SSL on everything. So I introduced Traefik. This collection of services made me realize that everything was becoming rather complex to manage in Ansible, because of the push-based nature. I wanted to define everything in git. One solution to achieve this is Kubernetes with a GitOps approach.

Include quote of Kelsey Hightower on not using Kubernetes

2 minutes

Things go down all the time, so I introduced Uptime Kuma with Gotify to send me an alert when DNS no longer resolves.

30 seconds

I introduced Diun to monitor current images in the cluster and if they have updates available. Whenever an update is available, I make 1 commit and Argo makes sure all the relevant containers are updated.

3 minutes

I wanted better visibility on what this container is doing. Which connections come in and which requests are going out.

1 minute

What is eBPF and why does it matter

2 minutes

How I use Cilium and Hubble to get better visibility on what is happening in the cluster.

2 minutes

How I leveraged eBPF to monitor what all containers are doing and how I use Falco to detect malicious activity.

2 minutes

I wanted to use Pi-hole on the go, so I introduced WireGuard to connect to my home network and use Pi-hole on the go. But I didn't want to expose ports on my router, so here's a sprinkle of AWS