From the very beginning, I used an Infrastructure as Code (IaaC) approach in my homelab. However, due to privacy concerns, I couldn't publish it as open source. Recently, I spent a lot of time separating sensitive information so that I could publish the rest as open source.
Check it out here: https://github.com/mkuthan/homelab-public
Why IaaC?
What is the main challenge in a homelab? For me it's the same as in a production environment: keeping everything up to date, secure, and reliable while minimizing manual work.
I'm a software engineer, so I'm used to writing beautiful, testable code. In the infrastructure world, it's not that easy. Fortunately, IaaC tools like Terraform and Ansible help me write infrastructure code the way I'm used to.
Terraform
Terraform defines the following resources in my homelab:
Linux containers (LXC) using the Telmate Proxmox provider. It covers most of the container resource definitions: CPU, memory, root disk, mount points, networking, SSH keys, and nested virtualization. In the Proxmox UI, I only define replication and high availability settings.
Virtual Private Server (VPS) with required networking resources in Google Cloud Platform (GCP). I use this VPS for hosting Uptime Kuma to monitor my homelab services.
Bucket on Google Cloud Storage (GCS) for storing offsite backups.
Tailscale access control lists (ACLs). Thanks to data sources like tailscale_devices or tailscale_users I'm able to generate ACLs on the fly.
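One way to generate a tailnet policy from the `tailscale_devices` and `tailscale_users` data sources, as an added example that is not taken from the homelab-public repository. The tag-based filter, the `group:admins` name, the SSH-only rule and the resource names are assumptions made for illustration:

```hcl
terraform {
  required_providers {
    tailscale = {
      source = "tailscale/tailscale"
    }
  }
}

# Read the current tailnet state instead of hard-coding devices and users.
data "tailscale_devices" "all" {}
data "tailscale_users" "all" {}

locals {
  # Assumption: only tagged devices (servers) are valid policy destinations.
  # Map short host name -> first tailnet address for the policy "hosts" section.
  servers = {
    for d in data.tailscale_devices.all.devices :
    split(".", d.name)[0] => d.addresses[0]
    if length(d.tags) > 0
  }

  # Assumption: tailnet owners and admins form the only group with access.
  admins = sort([
    for u in data.tailscale_users.all.users :
    u.login_name if contains(["owner", "admin"], u.role)
  ])
}

resource "tailscale_acl" "generated" {
  acl = jsonencode({
    groups = { "group:admins" = local.admins }
    hosts  = local.servers

    # Tailscale policies are default deny: anything not matched by a rule
    # below gets no access, so untagged devices are unreachable here.
    acls = [
      {
        action = "accept"
        src    = ["group:admins"]
        # Assumption: admins only need SSH (port 22) to each server.
        dst = [for name in sort(keys(local.servers)) : "${name}:22"]
      }
    ]
  })
}
```

Because the policy is derived from data sources, `terraform plan` shows a policy diff whenever a tagged device or an admin user appears or disappears, so access changes can be reviewed before they are applied.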
Ansible
Ansible roles define almost all the software I use in my homelab. I couldn't imagine maintaining all that stuff manually. Here are some examples:
Adguard DNS
Apt Cacher NG
Backup Ninja
Docker
Frigate
Grafana
Grafana Agent
Gramps
Hyperion NG
Immich
Kodi
Loki
Mailrise
Mosquitto
NUT
Omada Software Controller
Paperless NGX
Proxmox Backup Server
Prometheus
Raspotify
RClone
Samba
SearXNG
Shairport
Stirling PDF
Tailscale
Traefik
Transmission
Uptime Kuma
Vaultwarden
Whoogle
Zigbee2MQTT
If you're interested in how these services are set up in my homelab, you can explore the playbooks. Here are some examples: Proxmox hosts, Raspberry Pi, VPS.
Please note that I use a dynamic Ansible inventory for all my Linux containers. You can find more details in the inventory.proxmox.yml file. The static inventory includes only non-virtualized hosts such as Proxmox VE, Raspberry Pi, and VPS.
Conclusion
I hope you find my homelab setup useful and inspiring. If you have any questions, feel free to ask me on GitHub Discussions.