
homelab_iac

A complete Ansible infrastructure as code representation of my homelab featuring many custom roles and a playbook to tie it all together.

Using

Replica

This repo will not work for you immediately after cloning. Please continue reading to understand why. You may clone this repo and then use it as is after filling in the missing pieces for your environment to achieve a replica of my setup.

Individual Roles

Alternatively, if you are only interested in a role or two, you can copy the file structure of the role(s) you are interested in to your own project. Roles should be entirely self-contained, apart from their dependence on variables stored in the global variable file.

Omissions

In this public mirror I have decided to omit several files either due to their sensitivity or their specificity to my environment.

Commit History

I did not originally intend for this repo to be public and so previous commits contained plaintext sensitive info. Therefore this public mirror will not contain my commit history and will instead start as a snapshot of my configuration at the time of the initial commit.

Inventory

I have not included my inventory.yml file in this mirror. Please consult the Ansible docs on creating an inventory file before attempting to use this repo.

Secrets

I have purposefully not included my Ansible vault containing various secrets in this public mirror, so if you clone this repo and attempt to run the playbook, you will get errors about missing variables. Below is a list of variables that will need to be defined in order for the playbook to run properly. It is highly advised but not mandatory to keep these variables in an Ansible vault.

  • proxmox_password
  • ipabackup_password
  • ci_password
  • ipaadmin_principal
  • ipaadmin_password
  • ipafulladmin_password
  • grafana_password
  • grafana_smtp_password
  • influx_password
  • pihole_password
  • pihole_api_token
  • authelia_jwt_secret
  • authelia_session_secret
  • authelia_encryption_key
  • authelia_oidc_hmac
  • authelia_oidc_cert
  • authelia_oidc_key
  • authelia_smtp_password
  • authelia_ldap_password
  • gitea_client_secret
  • jenkins_client_secret
  • nextcloud_client_secret
  • jellyfin_client_secret
  • bookstack_client_secret
  • navidrome_encryptionkey
  • msmtp_mta_email_password
  • invidious_postgres_password
  • gitea_internal_token
  • gitea_lfs_jwt_secret
  • jenkins_ipa_password
  • docker_registry_password
  • pbs_admin_password
  • pbs_password
  • nextcloud_postgres_password
  • nextcloud_admin_password
  • renovate_token
  • jenkins_password
  • jenkins_apikey
  • jenkins_privkey
  • jenkins_vault
  • jenkins_oic_secret
  • jenkins_oic_escapehatch
  • jenkins_metrics_key
  • photoprism_admin_password
  • wireguard_privkey
  • wireguard_addrs
  • gluetun_cities
  • nginx_key
  • bookstack_mysql_root_password
  • bookstack_mysql_password
  • bookstack_oidc_secret
  • firefly_postgres_password
  • firefly_app_key
  • firefly_cron_token
  • firefly_access_token
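
A pre-commit style check for the variables listed above, as an added example that is not part of this repo: it flags any listed secret assigned in plaintext in a vars file and reports which names are not visible outside a fully encrypted vault file. The file names, the `vault_` reference prefix, the sample values and the four-name subset of the list are constructed for illustration.

```python
import re

# Whole-file vaults and inline "!vault |" blocks both carry this header.
VAULT_HEADER = "$ANSIBLE_VAULT;"
# Top-level "name: value" assignment in a YAML vars file (comments never match).
ASSIGN = re.compile(r"^([A-Za-z_][A-Za-z0-9_]*):\s*(.*)$")

def classify(text, secret_names):
    """Map each listed secret defined in `text` to encrypted/reference/plaintext."""
    if text.lstrip().startswith(VAULT_HEADER):
        return {}  # fully encrypted file: opaque without the vault password
    found = {}
    for line in text.splitlines():
        m = ASSIGN.match(line)
        if not m or m.group(1) not in secret_names:
            continue
        value = m.group(2).strip()
        if value.startswith("!vault"):
            found[m.group(1)] = "encrypted"   # inline vault-encrypted value
        elif "{{" in value:
            found[m.group(1)] = "reference"   # indirection to another variable
        else:
            found[m.group(1)] = "plaintext"   # literal secret in a readable file
    return found

def preflight(files, secret_names):
    """files: {path: text}. Returns (plaintext leaks, names not visibly defined)."""
    leaks, seen = [], set()
    for path, text in files.items():
        for name, kind in classify(text, secret_names).items():
            seen.add(name)
            if kind == "plaintext":
                leaks.append((path, name))
    return leaks, sorted(set(secret_names) - seen)

# Subset of the variable list above; extend with the full list in real use.
SECRETS = {"proxmox_password", "grafana_password", "pihole_api_token", "wireguard_privkey"}
# Constructed sample files (hypothetical names and values).
SAMPLE = {
    "vars.yml": 'proxmox_password: "{{ vault_proxmox_password }}"\n'
                "grafana_password: hunter2\n"
                "pihole_api_token: !vault |\n  $ANSIBLE_VAULT;1.1;AES256\n  61626364\n",
    "vault.yml": "$ANSIBLE_VAULT;1.1;AES256\n30313233\n",
}

if __name__ == "__main__":
    leaks, not_visible = preflight(SAMPLE, SECRETS)
    print("plaintext secrets:", leaks)
    print("must be defined inside the encrypted vault:", not_visible)
```

Names reported as not visible are not necessarily missing; they can only be confirmed by decrypting the vault.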