Tag: Gitea

  • Self-Hosted GitOps Pipeline: Gitea + ArgoCD Guide

    The error message was maddening: “Permission denied while cloning repository.” It was my repository. On my server. In my basement. I own everything here, including the questionable Wi-Fi router and the cat that keeps unplugging cables. Yet somehow, my GitOps pipeline decided to stage a mutiny. If you’ve ever felt personally attacked by your own self-hosted CI/CD setup, you’re not alone.

    This article is here to save your sanity (and maybe your cat’s life). We’re diving deep into building a self-hosted GitOps pipeline using Gitea, ArgoCD, and Kubernetes on your home lab. Whether you’re a homelab enthusiast or a DevOps engineer tired of fighting with cloud services, this guide will help you take back control. No more cryptic errors, no more dependency nightmares—just a clean, reliable pipeline that works exactly how you want it to. Let’s roll up our sleeves and fix this mess.


    What is GitOps and Why Self-Host?

    GitOps is a game-changer for managing infrastructure and application deployments. At its core, GitOps means using Git as the single source of truth for your system’s desired state. Instead of manually tweaking configurations or relying on someone’s “I swear this works” bash script, GitOps lets you define everything declaratively in Git repositories. A controller running in the cluster (ArgoCD, in this guide) then syncs your Kubernetes cluster to match the state defined in Git. It’s automated, repeatable, and, when done right, beautifully simple.

    But why self-host your CI/CD pipeline? For homelab enthusiasts, self-hosting is the ultimate flex. It’s like growing your own vegetables instead of buying them at the store. You get full control, no vendor lock-in, and the satisfaction of knowing you’re running everything on your own hardware. For DevOps engineers, self-hosting means tailoring the pipeline to your exact needs, ensuring workflows are as efficient—or chaotic—as you want them to be.

    💡 Pro Tip: Start small with a single project before going full GitOps on your entire homelab. Debugging a broken pipeline at 2 AM is not fun.

    Key Tools for Your Pipeline

    • Gitea: A lightweight, self-hosted Git service. Think of it as GitHub’s chill cousin who doesn’t charge you for private repos.
    • ArgoCD: The GitOps powerhouse that syncs your Git repositories with your Kubernetes clusters. It’s like having a personal assistant for your deployments.
    • Kubernetes: The container orchestration king. If you’re not using Kubernetes yet, prepare for a rabbit hole of YAML files and endless possibilities.

    🔐 Security Note: Self-hosting means you’re responsible for securing your pipeline. Always use HTTPS, configure firewalls, and limit access to your repositories.

    Step 1: Setting Up Your Home Kubernetes Cluster

    Setting up a Kubernetes cluster at home is both thrilling and maddening. Think of it like assembling IKEA furniture, but instead of a bookshelf, you’re building a self-hosted CI/CD powerhouse. Let’s break it down.

    Hardware Requirements

    You don’t need a data center in your basement (though if you have one, I’m jealous). A few low-power devices like Raspberry Pis or Intel NUCs will do the trick. Here’s what you’ll need:

    • Raspberry Pi: Affordable and power-efficient. Go for the 4GB or 8GB models.
    • Intel NUC: More powerful than a Pi, great for running heavier workloads like Gitea or ArgoCD.
    • Storage: Use SSDs for speed. Slow storage will bottleneck your CI/CD jobs.
    • Networking: A decent router or switch is essential. VLAN support is a bonus for network segmentation.

    💡 Pro Tip: If you’re using Raspberry Pis, invest in a reliable USB-C power supply. Flaky power leads to flaky clusters.

    Installing Kubernetes with k3s

    For simplicity, we’ll use k3s, a lightweight Kubernetes distribution perfect for home labs. Here’s how to get started:

    
    # Download the k3s installation script
    curl -sfL https://get.k3s.io -o install-k3s.sh

    # Print the script's SHA-256 and compare it with a trusted value before running it
    # (check the official k3s site for checksum details)
    sha256sum install-k3s.sh

    # Run the script manually after verification
    sudo sh install-k3s.sh

    # Check that the server node is up
    sudo kubectl get nodes

    # On each worker node: download and check the script again, then join the cluster.
    # K3S_URL and K3S_TOKEN must reach the installer as environment variables,
    # so they go before `sh`, not after the script name.
    curl -sfL https://get.k3s.io -o install-k3s-worker.sh
    sha256sum install-k3s-worker.sh
    sudo K3S_URL=https://<MASTER_IP>:6443 K3S_TOKEN=<TOKEN> sh install-k3s-worker.sh
    

    Replace <MASTER_IP> and <TOKEN> with the actual values from your master node. The token can be found in /var/lib/rancher/k3s/server/node-token on the master.

    🔐 Security Note: Avoid exposing your Kubernetes API to the internet. Use a VPN or SSH tunnel for remote access.
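
    An added example, not part of the original guide or the k3s project: `sha256sum` on its own only prints a hash, so this helper compares it with a pinned value and refuses to run the script on a mismatch. `PINNED_SHA256` is an assumption: a hash you recorded yourself after reviewing one downloaded copy of the script, which also lets every worker node prove it is running that same reviewed copy.

```shell
#!/bin/sh
# Added example. Usage on a node (PINNED_SHA256 is your own recorded value):
#   verify_sha256 install-k3s.sh "$PINNED_SHA256" && sudo sh install-k3s.sh

# verify_sha256 FILE EXPECTED_HEX -> 0 on match, 1 on mismatch, 2 on bad input
verify_sha256() {
    vs_file=$1
    vs_want=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    # An empty or malformed pin must fail closed, not compare equal to nothing.
    case $vs_want in
        *[!0-9a-f]*|'') echo "expected hash is not hex" >&2; return 2 ;;
    esac
    [ "${#vs_want}" -eq 64 ] || { echo "expected hash is not 64 hex digits" >&2; return 2; }
    [ -f "$vs_file" ] || { echo "no such file: $vs_file" >&2; return 2; }
    vs_got=$(sha256sum "$vs_file" | cut -d' ' -f1)
    if [ "$vs_got" != "$vs_want" ]; then
        echo "SHA-256 mismatch for $vs_file: got $vs_got" >&2
        return 1
    fi
}

# run_verified FILE EXPECTED_HEX [ARGS...]
# Executes FILE with sh only when its hash matches; returns the script's status.
run_verified() {
    rv_file=$1 rv_want=$2
    shift 2
    verify_sha256 "$rv_file" "$rv_want" || return
    sh "$rv_file" "$@"
}
```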

    Optimizing Kubernetes for Minimal Infrastructure

    Running Kubernetes on a shoestring budget? Here are some tips:

    • Use GitOps: Tools like ArgoCD automate deployments and keep your cluster configuration in sync with Git.
    • Self-host Gitea: Gitea is lightweight and perfect for managing your CI/CD pipelines without hogging resources.
    • Resource Limits: Set CPU and memory limits for your pods to prevent one rogue app from taking down your cluster.
    • Node Affinity: Use node affinity rules to run critical workloads on your most reliable hardware.

    💡 Pro Tip: If you’re running out of resources, consider offloading non-critical workloads to a cloud provider. Hybrid clusters are a thing!

    Step 2: Deploying Gitea for Self-Hosted Git Repositories

    Gitea is a lightweight, self-hosted Git service that’s perfect for homelabs and serious DevOps workflows. Here’s how to deploy it:

    Deploying Gitea with Helm

    
    # Add the Gitea Helm repo
    helm repo add gitea-charts https://dl.gitea.io/charts/
    
    # Install Gitea with default values
    helm install my-gitea gitea-charts/gitea
    

    Once deployed, configure Gitea for secure repository management:

    • Enable HTTPS: Use a reverse proxy like Nginx or Traefik for SSL termination.
    • Set User Permissions: Carefully configure access to prevent accidental force-pushes to main.
    • Use Webhooks: Integrate Gitea with ArgoCD or other automation tools for seamless CI/CD workflows.

    💡 Pro Tip: Use Gitea’s built-in API for automation. It’s like having a personal assistant for your repositories.

    Step 3: Integrating ArgoCD for GitOps

    ArgoCD is the glue that binds your Git repositories to your Kubernetes cluster. Here’s how to set it up:

    
    # Add the ArgoCD Helm repo
    helm repo add argo https://argoproj.github.io/argo-helm
    
    # Install ArgoCD
    helm install my-argocd argo/argo-cd
    

    Once installed, configure ArgoCD to sync your repositories with your cluster:

    • Define Applications: Use ArgoCD manifests to specify which repositories and branches to sync.
    • Automate Sync: Enable auto-sync to keep your cluster up-to-date with Git.
    • Monitor Health: Use ArgoCD’s dashboard to monitor application health and sync status.

    ⚠️ Gotcha: ArgoCD’s default settings may not be secure for production. Always review and harden configurations.
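
    One way to write the Application definition described above, as an added example rather than configuration from the original guide: a shell function that renders a repository credential Secret, an AppProject restricted to one Gitea repository and one namespace, and an auto-syncing Application. The hostname, the names `homelab`, `demo`, `argocd-readonly` and `gitea-repo-creds`, the `manifests` path and the `GITEA_TOKEN` variable are all assumptions.

```shell
#!/bin/sh
# Added example; hostnames, names and paths are placeholders, not from the guide.
# Usage: render_gitops_manifests argocd https://gitea.example.lan/homelab/demo.git demo | kubectl apply -f -
# The first argument must be the namespace the ArgoCD Helm release was installed into.
render_gitops_manifests() {
    ns=$1 repo=$2 app_ns=$3
    # Credentials travel with every fetch, so refuse plain-HTTP repository URLs.
    case $repo in
        https://*) ;;
        *) echo "refusing non-HTTPS repo URL: $repo" >&2; return 1 ;;
    esac
    # Token of a read-only Gitea account, taken from the environment, never from Git.
    [ -n "${GITEA_TOKEN:-}" ] || { echo "GITEA_TOKEN is not set" >&2; return 1; }
    cat <<EOF
apiVersion: v1
kind: Secret
metadata:
  name: gitea-repo-creds
  namespace: $ns
  labels:
    argocd.argoproj.io/secret-type: repository
stringData:
  type: git
  url: "$repo"
  username: argocd-readonly
  password: "$GITEA_TOKEN"
---
apiVersion: argoproj.io/v1alpha1
kind: AppProject
metadata: {name: homelab, namespace: $ns}
spec:
  sourceRepos: ["$repo"]
  destinations:
    - server: https://kubernetes.default.svc
      namespace: $app_ns
---
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata: {name: demo, namespace: $ns}
spec:
  project: homelab
  source: {repoURL: "$repo", targetRevision: main, path: manifests}
  destination: {server: "https://kubernetes.default.svc", namespace: $app_ns}
  syncPolicy:
    automated: {prune: true, selfHeal: true}
EOF
}
```

    With automated sync enabled, push access to `main` in Gitea is effectively deploy access to the target namespace, so the repository permissions from Step 2 are part of the cluster's access control.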

    Conclusion

    Building a self-hosted GitOps pipeline with Gitea, ArgoCD, and Kubernetes is an empowering experience. Here’s what we’ve covered:

    • GitOps simplifies infrastructure management by using Git as the single source of truth.
    • Self-hosting gives you full control over your CI/CD workflows.
    • Gitea is lightweight, customizable, and perfect for homelabs.
    • ArgoCD automates deployments and keeps your cluster in sync with Git.
    • Securing your pipeline is critical—always use HTTPS, firewalls, and access controls.

    Ready to take the plunge? Share your experience or ask questions at [email protected]. Let’s build something amazing together!
