Homelab Set Automation
Ansible
Prerequisites
| Software | Description |
|---|---|
| bw | Commandline Bitwarden client - used for secrets lookup |
Playbooks
| Playbook | Description |
|---|---|
| playbook.yml | Default playbook that contains roles for all hosts (servers and PCs). |
| ansible/playbook-k8s-services.yml | Runs all configured Helm chart deployments against the first k8s host in the hosts group. |
| ansible/playbook-unifi.yml | Experimental playbook used to generate a config file for Unifi USH containing WireGuard connection definitions. |
| ansible/playbook-update-all.yml | Runs apt-update && apt-upgrade on all hosts. |
| ansible/playbook-useraccess.yaml | Not used; kept for reference. |
| ansible/playbook-zabbix-sites.yml | Read all services from k8s and create site monitoring for each within Zabbix. |
Common run scenarios
| Command | Description |
|---|---|
| ansible-playbook -i hosts playbook-k8s-services.yml --tags git | Deploys only the k8s Helm charts tagged "git". |
| ansible-playbook -i hosts playbook.yml --limit laptop --connection local | Runs the main playbook locally on the 'laptop' host. |
Kubernetes
The Kubernetes cluster currently runs on MicroK8s. Helm charts from artifacthub.io are used whenever available. Ansible deploys the charts so that secrets can be injected into chart values and deployments stay repeatable.
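
An added example (not this repository's own playbook) of the pattern described above: the secret is read from Bitwarden through the `bw` CLI at run time and passed into the chart values, so it never lands in the repository or in task output. Assumptions: the `community.general` and `kubernetes.core` collections are installed, `bw` is unlocked on the controller, and the inventory group `k8s`, the Bitwarden item `homelab-git-admin`, the chart reference and the values keys are all placeholders.

```yaml
# Added example. Group, item, chart and values names are placeholders.
- name: Deploy a Helm release with a secret resolved at run time
  hosts: "k8s[0]"              # first host of an assumed "k8s" group
  gather_facts: false
  vars:
    # Looked up on the controller via the bw CLI; evaluated lazily, so the
    # value exists only in memory while the play runs.
    git_admin_password: >-
      {{ lookup('community.general.bitwarden', 'homelab-git-admin',
                field='password') | first | default('') }}
  tasks:
    - name: Stop before deploying if the vault returned no secret
      ansible.builtin.assert:
        that:
          - git_admin_password | length > 0
        quiet: true
      no_log: true             # keep the evaluated value out of logs
      tags: [git]

    - name: Install or upgrade the chart with the secret injected into values
      kubernetes.core.helm:
        name: git
        chart_ref: git-server                              # placeholder chart
        chart_repo_url: https://charts.example.invalid/    # placeholder repo
        release_namespace: git
        create_namespace: true
        values:
          admin:                                           # hypothetical keys
            username: homelab
            password: "{{ git_admin_password }}"
      no_log: true             # rendered values contain the secret
      tags: [git]
```

Setting `no_log: true` on every task that touches the variable matters because Ansible otherwise prints module arguments, including rendered values, on failure or at higher verbosity.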