From 57b46294242def71ac2ad945d8d47fb3a7b1550a Mon Sep 17 00:00:00 2001
From: anon <anon@mycorrhiza>
Date: Thu, 11 Dec 2025 23:15:30 +0000
Subject: [PATCH] =?UTF-8?q?Create=20=E2=80=98infra=E2=80=99?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 infra.myco | 9 +++++++++
 1 file changed, 9 insertions(+)
 create mode 100644 infra.myco

diff --git a/infra.myco b/infra.myco
new file mode 100644
index 0000000..8ba248a
--- /dev/null
+++ b/infra.myco
@@ -0,0 +1,9 @@
+All of this is running on a Raspberry Pi 5 sitting in a closet. The Pi runs k3s, a lightweight Kubernetes implementation, and Tailscale to allow me to access resources when I'm away from home.
+
+== FluxCD
+
+The cluster is managed by FluxCD. I describe my apps in kustomizations and plain YAML.
+
+== SSL
+
+SSL certs are issues through letsencrypt. I've pointed my name cheap domain name to Google Clouds DNS servers, then setup cert-manager in the Kubernetes cluster to acquire SSL certificates using the DNS challenge method. This allows me to have valid SSL certs with no client side configuration, and without actually exposing my service to the Internet (which would be required for the standard HTML challenge).
\ No newline at end of file