From 115527ba19f23d18dca6118362f3cda472f0ec7b Mon Sep 17 00:00:00 2001
From: nathan <nathan@castaldifamily.com>
Date: Sun, 12 Apr 2026 01:08:28 -0400
Subject: [PATCH] feat(scripts): add onboarding script for Proxmox management
 setup

---
 scripts/README.md     | 72 +++++++++++++++++++++++++++++++++++++++++++
 scripts/onboarding.sh | 44 ++++++++++++++++++++++++++
 2 files changed, 116 insertions(+)
 create mode 100644 scripts/onboarding.sh

diff --git a/scripts/README.md b/scripts/README.md
index 458b3cc..441126c 100644
--- a/scripts/README.md
+++ b/scripts/README.md
@@ -1 +1,73 @@
 # scripts
+
+Automation utilities and helper scripts for homelab infrastructure management.
+
+---
+
+## Inventory
+
+| Script | Purpose | Status |
+|--------|---------|--------|
+| [onboarding.sh](onboarding.sh) | Bootstrap Ansible control node for Proxmox management | 🟡 **DRAFT** - Testing Required |
+
+---
+
+## onboarding.sh
+
+**Purpose:** Automated setup of Ansible control node for Proxmox infrastructure management.
+
+**What it does:**
+1. Installs Ansible and Proxmoxer Python library
+2. Detects or generates SSH keypair (ED25519 preferred, RSA fallback)
+3. Copies public key to Proxmox server for passwordless authentication
+4. Generates Ansible inventory file (`hosts.ini`) with Proxmox connection details
+
+**Prerequisites:**
+- Debian/Ubuntu-based system (uses `apt`)
+- Network access to Proxmox server
+- Initial SSH password for target Proxmox server
+
+**Configuration:**
+Edit the following variables at the top of the script:
+```bash
+PROXMOX_IP="192.168.1.100"       # Target Proxmox server IP
+PROXMOX_USER="root"              # Proxmox SSH user
+```
+
+**Usage:**
+```bash
+cd ~/dev/homelab/scripts
+chmod +x onboarding.sh
+./onboarding.sh
+```
+
+**Verification:**
+```bash
+ansible proxmox_nodes -m ping -i hosts.ini
+```
+
+---
+
+## ⚠️ Development Status
+
+| Script | Testing Status | Known Issues |
+|--------|---------------|--------------|
+| onboarding.sh | ❌ Untested in production | • Hardcoded Proxmox IP/user variables<br>• No error handling for failed SSH key copy<br>• Assumes Debian/Ubuntu package manager<br>• No validation of Proxmox connectivity |
+
+**DO NOT USE IN PRODUCTION** until the following are addressed:
+
+1. **Error Handling:** Add validation checks for each step
+2. **Idempotency:** Verify script can be safely re-run
+3. **Multi-OS Support:** Test on RHEL/Arch variants or add OS detection
+4. **Interactive Mode:** Prompt for PROXMOX_IP/USER instead of manual editing
+5. **Rollback:** Add cleanup mechanism for failed installations
+
+---
+
+## Contributing
+
+When adding new scripts:
+1. Update the **Inventory** table with script name and purpose
+2. Document prerequisites, configuration, and usage
+3. Mark status as 🟡 DRAFT until production-tested
+4. Add to **Development Status** table with known issues
diff --git a/scripts/onboarding.sh b/scripts/onboarding.sh
new file mode 100644
index 0000000..101e9a8
--- /dev/null
+++ b/scripts/onboarding.sh
@@ -0,0 +1,44 @@
+#!/bin/bash
+
+# ==============================================================================
+# ENVIRONMENT VARIABLES
+# ==============================================================================
+PROXMOX_IP="192.168.1.100"       # <--- CHANGE ME
+PROXMOX_USER="root"              # <--- CHANGE ME
+# ==============================================================================
+
+echo "--- Starting Lead Architect Bootstrap Process ---"
+
+# 1. Install Ansible and dependencies
+echo "[1/4] Installing Ansible and Proxmoxer..."
+sudo apt update && sudo apt install -y ansible python3-pip
+pip3 install proxmoxer --break-system-packages 2>/dev/null || pip3 install proxmoxer
+
+# 2. Smart SSH Key Check
+# We check for ED25519 first, then RSA.
+if [ -f "$HOME/.ssh/id_ed25519" ]; then
+    SSH_KEY_PATH="$HOME/.ssh/id_ed25519"
+    echo "[2/4] Found existing ED25519 key at $SSH_KEY_PATH"
+elif [ -f "$HOME/.ssh/id_rsa" ]; then
+    SSH_KEY_PATH="$HOME/.ssh/id_rsa"
+    echo "[2/4] Found existing RSA key at $SSH_KEY_PATH. Using as fallback."
+else
+    SSH_KEY_PATH="$HOME/.ssh/id_ed25519"
+    echo "[2/4] No usable keys found. Generating new ED25519 keypair..."
+    ssh-keygen -t ed25519 -f "$SSH_KEY_PATH" -N ""
+fi
+
+# 3. Transfer Public Key
+# We use the variable determined in the step above
+echo "[3/4] Copying ${SSH_KEY_PATH}.pub to Proxmox ($PROXMOX_IP)..."
+ssh-copy-id -i "${SSH_KEY_PATH}.pub" "${PROXMOX_USER}@${PROXMOX_IP}"
+
+# 4. Create Inventory
+echo "[4/4] Generating hosts.ini..."
+cat <<EOF > hosts.ini
+[proxmox_nodes]
+proxmox_server ansible_host=$PROXMOX_IP ansible_user=$PROXMOX_USER ansible_ssh_private_key_file=$SSH_KEY_PATH
+EOF
+
+echo "--- Bootstrap Complete ---"
+echo "Verification: ansible proxmox_nodes -m ping -i hosts.ini"
\ No newline at end of file