dogfalo/homelab
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
homelab/Headlamp.md
Alvin Wang 4301877f33 Update docs to match live cluster state 
Audited the running cluster and fixed all .md files:
- Node info: Fedora 43, Lima (not OrbStack), worker IP 10.0.1.58
- Networking: fixed public/internal hostname tables, all *.dog internals
- Storage: removed Longhorn refs (not deployed), documented hostPath/local-path
- Services: moved Seerr to media chart, utils is Zerobyte only
- Bootstrap: reordered steps, MetalLB/traefik-internal as manual pre-deploy
- Headlamp.md/MetalLB.md: added context and explanations

Made-with: Cursor
2026-04-22 14:59:34 -07:00

742 B
Raw Blame History

Headlamp — Manual Token Access

The charts/headlamp Helm chart deploys Headlamp with its own in-cluster ServiceAccount (headlamp) and a cluster-admin ClusterRoleBinding. That SA is used by the running pod and does not require manual setup.

To generate a bearer token for logging in to the Headlamp UI (e.g. from a browser), create a separate short-lived token:

kubectl -n apps create token headlamp --duration=48h

If you need a dedicated SA for external/long-lived access instead:

kubectl -n apps create serviceaccount headlamp-admin
kubectl create clusterrolebinding headlamp-admin \
  --serviceaccount=apps:headlamp-admin \
  --clusterrole=cluster-admin
kubectl -n apps create token headlamp-admin