Aslan's Infrastructure & AI Homelab

A portfolio of Cloud Native engineering, GitOps automation, and high-performance Local AI.

Compute

AMD 7900 XTX

24GB VRAM (ROCm)

Orchestration

K3s Kubernetes

Traefik + CoreDNS

Delivery

Flux GitOps

100% Declarative

Security

Cert-Manager

Let's Encrypt TLS

Infrastructure as Code

  • Ansible Configuration Management: Automated baseline OS setup, user groups, K3s bootstrapping, and GPU drivers.
  • Terraform Provisioning: Managed via AWS S3 state backend. Provisions Namespaces, Route53 DNS wildcard records, and base Helm charts.
  • FluxCD GitOps: Continuous reconciliation of the Kubernetes state directly from GitHub. No manual `kubectl apply` for apps.
  • External Secrets Operator: Integrated with Bitwarden to inject API keys securely into the cluster without committing them to Git.

Bare-Metal AI Architecture

AI workloads run as highly optimized bare-metal systemd services to bypass container overhead for massive models.

  • Ollama (LLM Engine): Running Qwen3.5-35B MoE via ROCm. Connected to Open WebUI (running in K3s) and Continue.dev in VSCode for AI coding assistance.
  • ComfyUI PRO (Diffusion & Video): Serving Stable Diffusion 3.5 Large and Alibaba Wan2.2 Video generation natively on the 24GB AMD GPU.
  • Autonomous MCP Agent: A custom Model Context Protocol (MCP) server exposing host hardware metrics and `systemctl` to a Qwen3-Coder agent that monitors and heals the infrastructure.

Observability & Networking

  • Traefik Ingress & TLS: Wildcard routing for `*.a-tishbek.info` automatically secured with Let's Encrypt certificates via cert-manager HTTP-01 challenges.
  • Kube-Prometheus-Stack: Prometheus, Alertmanager, and Grafana providing full node and pod-level metrics (fixed WSL2 mount propagation issues manually).
  • AdGuard Home (Network-Wide): Running on `hostNetwork` to intercept all LAN DNS and serve DHCP, bypassing ISP router limitations.

Roadmap to SRE/DevOps

  • Implementing Velero for robust automated cluster backups to AWS S3.
  • Deploying `external-dns` to fully automate Route53 record management.
  • Setting up GitHub Actions for CI/CD pipelines (Terraform Plan/Apply on PR).
  • Preparation for CKAD and AWS Solutions Architect certifications.