A comprehensive Infrastructure as Code (IaC) solution for homelab automation using Terraform and Ansible. This project automates the provisioning and configuration of virtual machines on Proxmox VE, creating a complete homelab environment with services like Docker Swarm, Minecraft server, Rundeck automation, and Wazuh security monitoring.

```
┌───────────────────────────────────────────────────────────┐
│                      Proxmox VE Host                      │
│  ┌─────────────────────────────────────────────────────┐  │
│  │                    vmbr0 Bridge                     │  │
│  │  ┌─────────────┐  ┌─────────────┐  ┌─────────────┐  │  │
│  │  │   VLAN 10   │  │   VLAN 20   │  │   VLAN 30   │  │  │
│  │  │   (Home)    │  │  (Server)   │  │   (Guest)   │  │  │
│  │  └─────────────┘  └─────────────┘  └─────────────┘  │  │
│  └─────────────────────────────────────────────────────┘  │
└───────────────────────────────────────────────────────────┘
                              │
                    ┌─────────┴─────────┐
                    │     Terraform     │
                    │   Provisioning    │
                    └─────────┬─────────┘
                              │
                    ┌─────────┴─────────┐
                    │     Generated     │
                    │     Inventory     │
                    └─────────┬─────────┘
                              │
                    ┌─────────┴─────────┐
                    │      Ansible      │
                    │   Configuration   │
                    └───────────────────┘
```

| VM Name | Purpose | VLAN | Default Resources |
|---|---|---|---|
| vm-server-automation | Rundeck automation server | Server (20) | 2 CPU, 2GB RAM |
| port-o-party-1 | Docker Swarm manager | Server (20) | 4 CPU, 8GB RAM |
| port-o-party-2 | Docker Swarm worker | Server (20) | 4 CPU, 8GB RAM |
| vm-server-minecraft | Minecraft game server | Server (20) | 2 CPU, 2GB RAM |
| vm-server-wazuh | Security monitoring | Server (20) | 2 CPU, 2GB RAM |

- Proxmox VE cluster with:
  - Ubuntu cloud-init template named `ubuntu-cloudinit-template`
  - API access configured
  - Storage pools available (`local-lvm` or configured storage)
- Local Environment:
  - Terraform >= 1.0
  - Ansible >= 2.9
  - jq (for inventory generation)
  - SSH key pair generated

Quick start:

- Clone the repository:

  ```bash
  git clone https://github.com/TheQuietBlock/HomebaseOps.git
  cd HomebaseOps
  ```

- Configure Terraform variables:

  ```bash
  cp terraform/terraform.tfvars.example terraform/terraform.tfvars
  # Edit terraform.tfvars with your Proxmox details
  ```

- Deploy everything:

  ```bash
  make all
  ```

This single command will:

- Initialize and apply Terraform configuration
- Generate Ansible inventory from Terraform outputs
- Run Ansible playbooks to configure all services

```
HomebaseOps/
├── README.md                    # This file
├── makefile                     # Automation workflows
├── scripts/                     # Helper scripts
│   └── generate_inventory.sh    # Dynamic inventory generation
├── terraform/                   # Infrastructure provisioning
│   ├── README.md                # Terraform-specific documentation
│   ├── main.tf                  # VM resource definitions
│   ├── variables.tf             # Input variables
│   ├── outputs.tf               # Output values
│   ├── locals.tf                # VM configurations
│   ├── modules/                 # Reusable modules
│   │   └── vm/                  # VM creation module
│   └── cloudinit/               # Cloud-init templates
└── ansible/                     # Configuration management
    ├── README.md                # Ansible-specific documentation
    ├── ansible.cfg              # Ansible configuration
    ├── playbooks/               # Playbook definitions
    ├── roles/                   # Service-specific roles
    │   ├── base/                # Base system configuration
    │   ├── docker/              # Docker Swarm setup
    │   ├── minecraft/           # Minecraft server
    │   ├── rundeck/             # Automation platform
    │   └── wazuh/               # Security monitoring
    └── group_vars/              # Group-specific variables
```

The project includes a convenient Makefile for common operations:

```bash
make init       # Initialize Terraform
make apply      # Apply Terraform configuration
make inventory  # Generate Ansible inventory
make ansible    # Run Ansible playbooks
make all        # Run complete deployment pipeline
```

The infrastructure uses VLAN-based network segregation:

- VLAN 10 (Home): `192.168.10.0/24` - Home network devices
- VLAN 20 (Server): `192.168.20.0/24` - Server infrastructure (default for VMs)
- VLAN 30 (Guest): `192.168.30.0/24` - Guest network access
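
The inventory step is where a mis-set IP would silently place a VM outside the server segment, so the sketch below fails closed on any host not in VLAN 20. It is an added example, not the project's `generate_inventory.sh`; the Terraform output name `vm_ips`, the inventory group `homelab`, and the sample addresses are assumptions.

```python
import ipaddress
import json

# Server VLAN (VLAN 20) subnet as documented above.
SERVER_VLAN = ipaddress.ip_network("192.168.20.0/24")

# Constructed sample shaped like `terraform output -json`; the output name
# "vm_ips" and the addresses are hypothetical, not taken from the project.
SAMPLE_TF_OUTPUT = json.dumps({
    "vm_ips": {
        "sensitive": False,
        "type": ["map", "string"],
        "value": {
            "port-o-party-1": "192.168.20.11",
            "port-o-party-2": "192.168.20.12",
            "vm-server-wazuh": "192.168.20.15",
        },
    }
})


def build_inventory(tf_output_json, group="homelab", network=SERVER_VLAN):
    """Return INI inventory text, refusing hosts outside the expected subnet."""
    hosts = json.loads(tf_output_json)["vm_ips"]["value"]
    lines = [f"[{group}]"]
    for name, ip in sorted(hosts.items()):
        addr = ipaddress.ip_address(ip)  # raises ValueError on malformed input
        if addr not in network:
            raise ValueError(f"{name} ({ip}) is outside {network}")
        if addr in (network.network_address, network.broadcast_address):
            raise ValueError(f"{name} ({ip}) is not a usable host address")
        lines.append(f"{name} ansible_host={ip}")
    return "\n".join(lines) + "\n"


if __name__ == "__main__":
    print(build_inventory(SAMPLE_TF_OUTPUT), end="")
```
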

Security features:

- Wazuh SIEM: Security monitoring and threat detection
- SSH Key Authentication: Passwordless access to VMs
- Network Segmentation: VLAN isolation
- Automated Updates: Base role ensures systems are updated
- Service Hardening: Minimal attack surface

Docker Swarm:

- Manager: port-o-party-1
- Worker: port-o-party-2
- Features: Automatic cluster formation, shared networking

Minecraft server:

- Java Edition: Latest stable version
- Management: Systemd service with auto-restart
- Configuration: Customizable memory allocation

Rundeck:

- Purpose: Centralized job scheduling and automation
- Integration: Git-based job definitions
- Monitoring: Automated deployment pipeline

Wazuh:

- Monitoring: Host-based intrusion detection
- Compliance: Security standards enforcement
- Alerting: Real-time threat notifications

Adding a new VM:

- Add VM configuration to `terraform/locals.tf`
- Update `terraform/terraform.tfvars` with IP address
- Create Ansible role if needed
- Update `ansible/playbooks/site.yml`

Customization:

- CPU/Memory: Override in `locals.tf` per VM
- Storage: Modify `vm_disk_size` variable
- Network: Adjust VLAN configurations

Documentation:

- Terraform Documentation - Infrastructure provisioning details
- Ansible Documentation - Configuration management guide

Common issues:

- Terraform API Errors:
  - Verify Proxmox API credentials
  - Check network connectivity to Proxmox host
  - Ensure API token has sufficient permissions
- Ansible Connection Failures:
  - Verify SSH key configuration
  - Check VM network connectivity
  - Ensure cloud-init has completed
- Template Missing:
  - Create Ubuntu cloud-init template in Proxmox
  - Update `clone_template` variable if using different name

```bash
# Terraform debugging
export TF_LOG=DEBUG
terraform apply

# Ansible verbose output
ansible-playbook -vvv playbooks/site.yml

# Check VM status
terraform output ssh_connection_strings
```

- Fork the repository
- Create a feature branch
- Make your changes
- Test thoroughly
- Submit a pull request

This project is open source and available under the MIT License.
- Proxmox VE for virtualization platform
- Terraform for infrastructure provisioning
- Ansible for configuration management
- The open-source community for tools and inspiration