Homelab provisioning using opentofu + ansible playbooks. Services are (to be) run on Podman Quadlets.

Find a file

mustard bed7bcf4fd feat: fix gvisor for radicale, add isolated networks for jellyfin / radicale		2025-11-09 19:50:58 +01:00
files	chore: add miscellaneous config files	2025-10-03 23:07:55 +02:00
roles	feat: fix gvisor for radicale, add isolated networks for jellyfin / radicale	2025-11-09 19:50:58 +01:00
secrets	feat: add secrets directory	2025-11-05 11:32:55 +01:00
.gitignore	chore: added various terraform dirs to gitgnore	2025-10-14 12:17:23 +02:00
.terraform.lock.hcl	feat: added .terraform.lock.hcl	2025-10-03 23:06:45 +02:00
deploy.yaml	feat: add radicale	2025-11-03 12:07:18 +01:00
inventory.yaml	feat: add radicale	2025-11-03 12:07:18 +01:00
LICENSE	Initial commit	2025-10-03 19:29:46 +02:00
main.tofu	feat: add radicale	2025-11-03 12:07:18 +01:00
provision.yaml	cleanup: fixed role execution order and directory chmod permissions	2025-10-14 00:21:16 +02:00
README.md	doc: minor expansion to README	2025-10-14 00:26:06 +02:00

README.md

proxmox-vms

Homelab provisioning using opentofu + ansible playbooks. Services are run on Podman Quadlets on Fedora Cloud VMs.

Usage

tofu apply

Wait until initial cloud-init provisioning is done and the VM reboots once. Then you can run the ansible playbook:

ansible-playbook -i inventory.yaml provision.yaml

Copy over /secrets and /srv directories.

Run the ansible playbook:

ansible-playbook -i inventory.yaml deploy.yaml

dnf and podman are automatically updated, the dnf update also triggers a runsc update. SSH keys are provisioned by cloud-init, alongside disabling copy on write for BTRFS since the Proxmox Host uses ZFS, and there is no easy way to swap out Fedora cloud's default filesystem.