IoC for my homelab using opentofu
ansible refactor(ansible): migrate group_vars/all.yml into group_vars/all/ directory 2026-06-02 11:53:20 +02:00
docs push documentation 2026-06-02 11:19:58 +02:00
opentofu chore(opentofu): remove zigbee2mqtt moved block after state migration 2026-06-02 11:55:22 +02:00
scripts Enable ssh-config generation via assh 2026-06-01 12:24:18 +02:00
services feat: add Pi-hole DNS ad-blocker as rootful Podman quadlet 2026-06-01 23:16:06 +02:00
.env fix: correct OpenTofu module refs, remove ssh_pwauth, re-encrypt .env 2026-06-01 23:16:12 +02:00
.env.example fix: correct stale variables, dead handlers, and redundant role 2026-06-01 23:55:21 +02:00
.gitignore refactor: consolidate SSH key management into single source of truth 2026-06-01 22:17:50 +02:00
.sops.yaml fix issues with sops 2026-05-30 22:13:11 +02:00
AGENTS.md tofu generate inventory 2026-06-03 18:54:43 +02:00
assh.yml better use assh.yml to reflect first local state which works 2026-06-03 19:20:26 +02:00
IMPLEMENTATION_PLAN_OPENTOFU_STATE.md commit implementation plan 2026-05-30 18:04:18 +02:00
README.md refactor: all of the opentofu setup into modules and split them up into folders 2026-05-01 19:07:31 +02:00
Taskfile.yml remove files before recreating them from s3 2026-06-03 19:20:09 +02:00

Infrastructure Monorepo

This repository manages my home lab infrastructure using OpenTofu for provisioning and Ansible for configuration management.

Structure

.
├── opentofu/       # Infrastructure Provisioning (VMs, Storage, DNS)
│   ├── main.tf
│   └── ...
├── ansible/        # Configuration Management (Software, Docker, Mounts)
│   ├── inventory/
│   ├── roles/
│   └── site.yml
└── ...

1. Provisioning (OpenTofu)

The opentofu/ directory contains the Infrastructure as Code definitions for Proxmox.

VM templates use the upstream Debian cloud image. The downloaded image is not overwritten during routine OpenTofu plans, so template refreshes stay explicit and reviewable. New Debian VMs receive cloud-init vendor-data that installs qemu-guest-agent during first boot so Proxmox can use the guest agent without a separate Ansible bootstrap toggle.

Quick Start:

task tofu:init
task tofu:plan
task tofu:apply

Key Resources:

  • VMs: Defined in main.tf and vms-new.tf.
  • Templates: Debian 13 cloud image template.
  • State: Local state file (backed up, git-ignored).

2. Configuration (Ansible)

The ansible/ directory manages the software and configuration inside the VMs.

Prerequisites:

cd ansible
ansible-galaxy install -r requirements.yml

Dynamic Inventory: This project uses the Proxmox dynamic inventory plugin to find VMs. You must export your Proxmox credentials as environment variables before running playbooks:

export PROXMOX_API_ENDPOINT="https://192.168.1.10:8006/"
export PROXMOX_USER="root@pam"
export PROXMOX_TOKEN_ID="your-token-id"
export PROXMOX_TOKEN_SECRET="your-token-secret"

Running Playbooks:

# Verify inventory
ansible-inventory -i inventory/proxmox.yml --graph

# Run the main playbook
ansible-playbook -i inventory/proxmox.yml site.yml
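
A preflight check for the four PROXMOX_* variables exported above, as an added example that is not part of this repository. The function name `check_proxmox_env` is hypothetical, and the warning about a `root@pam` token is an added hardening suggestion, not something the repository enforces.

```shell
#!/bin/sh
# Added example, not part of the repository. Preflight for the four
# PROXMOX_* variables the README exports before running Ansible.
# Prints one ERROR:/WARN: line per finding; returns 1 if any ERROR was found.

check_proxmox_env() {
    _rc=0
    for _name in PROXMOX_API_ENDPOINT PROXMOX_USER PROXMOX_TOKEN_ID PROXMOX_TOKEN_SECRET; do
        # Indirect lookup; _name only ever takes the fixed values listed above.
        eval "_value=\${$_name:-}"
        case "$_value" in
            "")
                echo "ERROR: $_name is not set"; _rc=1 ;;
            your-token-id|your-token-secret)
                echo "ERROR: $_name still holds the README placeholder"; _rc=1 ;;
        esac
    done

    # The API token is sent in an HTTP header, so refuse a cleartext endpoint.
    case "${PROXMOX_API_ENDPOINT:-}" in
        ""|https://*) ;;
        *) echo "ERROR: PROXMOX_API_ENDPOINT must start with https://"; _rc=1 ;;
    esac

    # Proxmox user IDs have the form name@realm.
    case "${PROXMOX_USER:-}" in
        "") ;;
        root@*) echo "WARN: token belongs to root; a dedicated read-only API user limits what a leaked token can do" ;;
        ?*@?*) ;;
        *) echo "ERROR: PROXMOX_USER must look like name@realm"; _rc=1 ;;
    esac

    return "$_rc"
}

# Usage (from ansible/):
#   check_proxmox_env && ansible-inventory -i inventory/proxmox.yml --graph
```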

Documentation