Adaetum
One stack, any scale
Free and open source
GitOps, recovery, and security are built in from the start, so the path from bootstrap to day-2 operations stays repeatable, resilient, and easier to recover instead of drifting into one-off node state.
For homelabs: lower the experience barrier, cut the maintenance burden, and keep a distributed lab rebuildable across the hardware you already have.
For enterprise: govern the baseline, make capacity predictable, and push platform operations away from pets and toward reviewable cattle.
For homelabs
Lower the experience burden, cut the babysitting, and turn spare hardware into a cluster that can survive node loss, fail over across friends' houses, and pull in AWS, Azure, or Google Cloud capacity when uptime matters more than purity.
For enterprise
Governance, policy, secrets, recovery, and GitOps tied to one controlled path that turns pet infrastructure into something far closer to cattle, with HA and recovery posture that can span on-prem, off-site, and cloud-backed capacity.
$ task initialize
bootstrap: generated
delivery: published
cluster: awaiting first nodeDay-0
Bootstrap
Day-1
Baseline
Day-2+
GitOps
Who it's for
Situation
Friends, family, or real users depend on services running out of your lab now. That means every experiment carries more risk, because breaking the stack no longer just ruins your evening.
This fits people who want a safer way to keep iterating once the lab stops being disposable: clearer recovery, less fear of starting over from scratch, and a more production-like path without giving up the freedom to build.
Situation
The opportunity is obvious: pool hardware across houses, use it for failover, and give the cluster more room to survive power loss, hardware loss, or local outages. The problem is that not everyone is equally savvy, and nobody wants a setup only one person can operate.
This fits people who need remote management, shared expectations, and a maintainable way to let multiple people participate in the same platform while still using pooled hardware for HA, failover, and their own workloads.
Situation
The economics say to use hardware you already own, but the uptime story still has to work when local capacity disappears, demand spikes, or a site goes dark. You do not want the answer to every resilience problem to be “just run everything in the cloud all the time.”
This fits teams that need HA, cloud failover as needed, and a clearer way to think about capacity planning without treating every environment as a separate operational universe.
Situation
You could rely on major cloud vendors for parts of the compliance story, but you still need a definitive source of truth, reproducible configuration, and a way to prove what the platform is supposed to be running when an audit actually arrives.
This fits teams that want an opinionated setup out of the box: one that bakes in policy, GitOps, identity, secrets, and a more provable operating model instead of leaving those controls to scattered follow-on projects.
Why they use it
A repeatable bootstrap path plus Git-driven change means a bad experiment or dead machine does not have to become a full rediscovery project, and recovery stops depending on memory alone.
Longhorn-style replicated storage, clustered nodes, and remote reachability make it much easier to treat spare machines as capacity instead of as isolated boxes you hope never die, including hardware spread across homes and borrowed shelves.
Argo CD and Gitea give the lab a source of truth, so edits, experiments, and rollbacks can happen through commits instead of mystery changes on live nodes.
Tailscale, routed access, identity, and secrets management make it easier to share a pooled setup with other people without turning every admin surface into a trust exercise or every admin task into a one-person job.
Prometheus, Grafana, Alertmanager, and notifications give you a way to see what is failing, what is degrading, and what needs attention before somebody else tells you first.
Homepage, Headlamp, Authentik, and mesh access make it easier for more than one person to reach the right interfaces, understand what is running, and help maintain the setup even when they are not the most infrastructure-savvy person in the group.
A defined machine-to-cluster path makes it easier to recover environments, replace nodes, and avoid treating every outage, rebuild, or expansion as a custom project.
The same operating model can use on-prem hardware where it makes economic sense, then fail over or extend into cloud capacity when uptime, demand, or recovery conditions require it.
Gitea plus Argo CD give teams a more definitive way to prove intended state, review change, and reconcile production back to code.
Identity, secrets, policy, and audit-oriented controls make it easier to show what should be running, why it is allowed, and how the platform is managed when compliance pressure arrives.
Prometheus, Grafana, Alertmanager, and related tooling give teams a shared view of platform health, routed alerts, and a faster path from signal to response.
Routed portals, identity-aware access, and Kubernetes-facing UI tools make it easier for multiple operators to work inside one platform model without falling back to unmanaged side access.
Lifecycle
Traditional Day-0
Gather the API keys and config Adaetum needs, generate the custom ISO, and boot the first machine. The node setup itself is meant to be fully automatic once the image is in place.
Generate configuration and installer artifacts, activate the first node, and bring up the governed baseline services the platform will depend on from day one.
Traditional Day-1
In the homelab case, day-1 is intentionally light. If you want to change how nodes or baseline apps come up automatically, this is where you edit the repo files that drive that provisioning.
Add nodes, verify health and routed access, and turn machine bring-up into a supportable baseline with fewer side channels and special cases.
Traditional Day-2+
Once the cluster is up, you interact with it through the apps it deploys and make ongoing changes through Git. That keeps rollbacks fast, repeatable, and much easier than fixing drift node by node.
Use Gitea as the operational source of truth and let Argo CD reconcile the platform so production change flows through desired state instead of node-by-node intervention.
OS and host bootstrap layer
The host layer is about getting machines into the platform cleanly and keeping enforcement tied to the same automation path afterward.
The primary host operating system path Adaetum targets today for kickstart-driven installs and predictable first-machine bring-up.
The bootstrap automation engine that turns intended host and platform state into actual machine and cluster changes.
The execution layer that lets the same Ansible automation continue as ongoing enforcement instead of stopping at bootstrap.
Cluster foundation layer
The foundation layer is what turns first boot into a durable platform with cluster management, storage, and certificates already accounted for.
The Kubernetes distribution at the center of Adaetum's cluster model from first-node activation through steady-state operations.
The management and administration surface that gives operators a clearer control plane view of the cluster.
The distributed storage layer that gives the cluster a durable volume story instead of pretending everything can stay stateless forever.
The certificate automation layer that keeps TLS issuance and renewal inside the platform baseline.
GitOps and source of truth layer
This layer is the steady-state core: commit changes, keep one source of truth, and let reconciliation do the routine platform work.
The reconciliation engine that applies desired state from Git into the cluster so day-2 operations stay declarative instead of manual.
The in-cluster forge and authoritative source-of-truth repository where Adaetum expects steady-state platform changes to live.
Secrets, identity, and policy layer
This layer is where Adaetum turns security from a checklist item into part of the normal operating model.
The secrets anchor for sensitive platform state, credentials, and bootstrap material that should not be scattered across ad hoc files.
The identity and login layer that protects routed operator-facing UI access instead of leaving admin surfaces casually exposed.
The policy engine that prevents unmanaged or policy-breaking changes from quietly becoming the new normal.
The security scanning and posture tooling that helps keep the cluster honest about what it is actually running like.
Networking and edge access layer
This layer is how nodes find each other, how services get exposed, and how the platform reaches beyond one flat local network.
The mesh connectivity and operator access layer that replaces the need for a flat traditional management network.
The ingress layer that handles routed entry into the cluster and defines how services are reached from the edge.
The edge, DNS, and tunnel delivery layer Adaetum leans on for publishing, routing, and secure external reachability.
Observability, portal, and automation layer
This layer is how operators verify health, see posture, receive alerts, and automate the supporting work around the cluster.
The metrics backbone that tells you what the cluster is doing instead of making you infer health from vibes and shell prompts.
The dashboard layer for turning platform and workload telemetry into something people can actually inspect quickly.
The alert routing layer that turns failures and threshold crossings into actual operator signals instead of hidden dashboards.
The baseline portal and operator-facing landing surface used to validate routed UI access after bootstrap.
The Kubernetes UI surface that gives operators another fast way to inspect workloads, cluster state, and platform objects.
The notification layer that helps get platform events and alert flows to the places operators will actually see them.
The supporting automation plane used around bootstrap artifact publishing and workflow orchestration where GitHub still has a role.
No funnel. No signup wall.
If infra and ops are "Greek to me," welcome to the Adaetum: the inner sanctum. Whisper to your AI oracle, ship the commit, watch Argo CD do the ritual.