This is my Homelab infrastructure.
Requirements
- Ansible (version >= 5.0.0)
- Python3 and Pip
- Packer (version >= 1.7)
- Packer builder arm
- Terraform (version >= 1.1)
- Terragrunt (version >= 0.35)
Ansible
cd ansible
Fill certs folders
Install Python dependencies
pip3 install -r requirements.txt
Install Ansible Galaxy dependencies
ansible-galaxy install -r requirements.yml
Fill all secrets.yml based on secrets.example in each subdirectory of groups_vars
Set the environment variable ANSIBLE_VAULT_PASS, like
export ANSIBLE_VAULT_PASS='password'
Playbooks to add fingerprints to known_hosts
ansible-playbook -i hosts playbooks/add-ssh-keys.yml
Playbooks to create client certificate signed by a CA
ansible-playbook -i hosts playbooks/generate-certs.yml
Playbooks to deploy a zone
ansible-playbook -i hosts deploy_<zone>.yml
Replace <zone> with the appropriate zone name
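A preflight for the secrets.yml and ANSIBLE_VAULT_PASS steps above, as an added example that is not part of this repository: it reports missing secrets.yml files, keys that still hold their secrets.example value, and an unset vault password, and it offers a prompt that keeps the password out of shell history. The function names and the assumption that every subdirectory ships a secrets.example beside its secrets.yml are mine; a key whose real value happens to equal the template's is flagged too.

```bash
#!/usr/bin/env bash
# Added example (not from the repository). Assumption: every subdirectory of
# the directory passed in holds a secrets.example template and needs a filled
# secrets.yml beside it. Source this file, then call the functions.

# Lists problems one per line (keys only, never values); returns 0 if none.
check_secrets() {
    local vars_dir="$1" findings=0 dir stale
    for dir in "$vars_dir"/*/; do
        [ -d "$dir" ] || continue
        dir="${dir%/}"
        if [ ! -f "$dir/secrets.yml" ]; then
            echo "MISSING $dir/secrets.yml"
            findings=$((findings + 1))
            continue
        fi
        [ -f "$dir/secrets.example" ] || continue
        # "key: value" lines copied verbatim from the template are placeholders.
        stale=$(grep -E '^[[:space:]]*[A-Za-z0-9_]+:[[:space:]]*[^[:space:]]' \
                    "$dir/secrets.example" | grep -Fxf - "$dir/secrets.yml") || true
        if [ -n "$stale" ]; then
            echo "$stale" | awk -F: -v f="$dir/secrets.yml" \
                '{ gsub(/^[ \t]+/, "", $1); print "UNFILLED " f ": " $1 }'
            findings=$((findings + 1))
        fi
    done
    if [ -z "${ANSIBLE_VAULT_PASS:-}" ]; then
        echo "UNSET ANSIBLE_VAULT_PASS"
        findings=$((findings + 1))
    fi
    [ "$findings" -eq 0 ]
}

# Sets ANSIBLE_VAULT_PASS from a prompt, so the password is neither echoed
# nor recorded in shell history as an `export ...='password'` line would be.
prompt_vault_pass() {
    printf 'Vault password: ' >&2
    stty -echo
    IFS= read -r ANSIBLE_VAULT_PASS
    stty echo
    printf '\n' >&2
    export ANSIBLE_VAULT_PASS
}
```

Run `check_secrets groups_vars` from the ansible directory before any ansible-playbook command.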
Packer
cd packer
Init packer plugins
packer init packer/templates/debian
Port 8888 used for debian build
Port 8889 used for ubuntu build
Open both ports on Windows Firewall
Start a PowerShell prompt with admin rights
netsh interface portproxy add v4tov4 listenaddress=<WINDOWS IP> connectaddress=<WSL IP> listenport=<WINDOWS PORT> connectport=<WSL PORT>
Replace with the LAN IP of your PC and with [8888, 8889]
To delete the rules
netsh interface portproxy del v4tov4 listenaddress=<IP> listenport=<PORT>
Supported distributions :
VM
Raspberry Pi (v3/v4)
- Ubuntu (20.04.3) - iso
Create template
./build.sh
(sudo permission required for Raspberry Pi choice only)
Terraform
cd terraform
Install dependencies
pip3 install paramiko
Fill account.hcl based on account.example
Commands must be run in one of these directories (dmz/lab/vpn)
Create an execution plan
terragrunt run-all plan
Deploy/update infrastructure
terragrunt run-all apply
Licence
The code is under CeCILL license.
You can find all details here: https://cecill.info/licences/Licence_CeCILL_V2.1-en.html
Credits
Copyright © Ludovic Ortega, 2021
Contributor(s):
- Ortega Ludovic