55 Commits

Author SHA1 Message Date
28f46aa0e2 feat(authentik): add Docker Compose configuration for Authentik services 2026-04-14 19:17:18 -04:00
88d67ecf4f docs(ansible): complete Phase 5 - comprehensive validation and vault setup
Added production-grade validation tooling and documentation:

- ADDED: validate-connectivity.yml playbook with comprehensive checks
  * Ping test, sudo verification, Docker status
  * NFS mount validation, disk usage warnings
  * Proxmox-specific checks (version, cluster status)
  * System uptime reporting
  * Passes ansible-lint production profile

- ADDED: validate-environment.sh health check script
  * 10-point diagnostic validation
  * Color-coded status output
  * Reports all 4 nodes operational

- ADDED: QUICK-REFERENCE.md comprehensive command guide
  * Ad-hoc commands, playbook operations
  * Vault management, linting workflows
  * Inventory targeting examples
  * Integration guides (VSCode, Git)

- ADDED: Ansible Vault secrets template (encrypted)
  * group_vars/all/vault.yml with placeholder secrets
  * AES256 encrypted with vault password
  * Template for sudo, Proxmox, Gitea, NFS credentials

- UPDATED: plan-ansibleSetup.md progress report
  * Phase completion status (Phases 1-4 complete)
  * Deviations documented (hosts.ini format, PVE01 added)
  * Next steps and recommendations

- UPDATED: README.md Ansible section
  * Production-ready status badge
  * Quick validation command
  * Links to new documentation

Environment Status: 🟢 PRODUCTION READY
All 4 nodes responding, linting passed, documentation complete
2026-04-13 21:33:34 -04:00
ebaac8aa50 docs(architecture): correct infrastructure topology - all nodes are physical servers
- Updated mermaid diagram to show Heimdall as standalone physical server (10.0.0.151)
- Removed nested VM structure incorrectly showing Heimdall inside PVE01 hypervisor
- Corrected infrastructure inventory table: Heimdall listed as "Physical Server" with Intel N100
- Updated Watchtower label from "Raspberry Pi 5" to "Physical Server" for consistency
- Clarified PVE01 role as hypervisor platform with no VMs currently deployed
- Updated repository structure comment: heimdall/ marked as "Physical" not "VM on PVE01"
- Adjusted stats section: "Proxmox VE 9.1.7 available (no VMs currently deployed)"
- Added qualifier to backup strategy: Proxmox VM snapshots only apply when VMs exist

Context: User clarified that all infrastructure nodes (heimdall, waldorf, watchtower,
pve01) are physical servers. Previous documentation incorrectly represented Heimdall
as a VM hosted on the PVE01 hypervisor, when it is actually a standalone physical
server running Ubuntu 24.04.
2026-04-13 21:12:36 -04:00
e087670ca5 feat(readme): update infrastructure description and enhance automation details 2026-04-13 21:01:57 -04:00
481d206749 feat(ansible): update host variables for pve01 with detailed hardware and OS information 2026-04-13 20:21:57 -04:00
49b3f3a652 feat(proxmox): add onboarding playbooks and host variables for Proxmox VE management 2026-04-13 20:16:57 -04:00
ef875a78cc feat(ansible): enhance inventory management and onboarding playbooks with detailed host variables and system facts collection 2026-04-13 20:01:48 -04:00
7a3ba409e6 feat(ansible): restructure Ansible configuration and add essential files for infrastructure management 2026-04-13 19:34:39 -04:00
e16f98a183 feat(bootstrap)!: introduce unified bootstrap system with modular libraries
BREAKING CHANGE: day0bootstrap.sh deprecated in favor of bootstrap.sh

- Add scripts/bootstrap.sh (488 lines): Unified entrypoint supporting multiple hardware types (Proxmox/Docker VMs/Pi)
- Create scripts/lib/ modular library system:
  - detection.sh: OS/hardware/container detection (362 lines)
  - fingerprint.sh: System fingerprinting and inventory (494 lines)
  - network.sh: IP configuration and VLAN placement (356 lines)
  - proxmox.sh: PVE post-install automation (453 lines)
  - validation.sh: Comprehensive pre-flight checks (510 lines)
- Add validation tools: validate-node.sh, onboarding.sh, pi_init.sh
- Deprecate scripts/day0bootstrap.sh with graceful redirect wrapper
- Document architecture in scripts/README.md (495 lines) and PROXMOX-COMPARISON.md
- Update SOP-002 with new bootstrap workflow
- Add nodes/watchtower/compose.yaml (Raspberry Pi 5 stack)

Migration: Existing day0bootstrap.sh users automatically redirected to new system after 5-second warning. No manual intervention required.

Ref: Infrastructure automation modernization per active-tasks.md
2026-04-12 22:48:19 -04:00
2414d8dfc5 updated login pw to test webhook deployment 2026-04-12 22:36:59 -04:00
d7e2e0c1a0 fix(vscode): update code-server image tag to latest version 2026-04-12 22:17:54 -04:00
3cd34e71e3 feat(vscode): add initial Docker Compose configuration for VSCode service 2026-04-12 22:00:00 -04:00
14f7afb8f2 fix(trek): add external proxy network configuration in Docker Compose 2026-04-12 20:32:31 -04:00
4eb9ad3272 fix(trek): update APP_URL and ADMIN_EMAIL in Docker Compose configuration 2026-04-12 20:21:52 -04:00
2ece41c7b1 fix(trek): update documentation URL in Compose file 2026-04-12 20:07:34 -04:00
f79fd3f037 fix(trek): update Traefik router rule to use the correct host for Trek service 2026-04-12 20:05:06 -04:00
ffc50f85fa fix(trek): correct Docker image tag format in Compose file 2026-04-12 20:02:51 -04:00
f48c36798e refactor(trek): comment out ports configuration in Docker Compose 2026-04-12 19:59:25 -04:00
84033b5967 feat(trek): add Docker Compose configuration for Trek application 2026-04-12 19:57:59 -04:00
0bc82cfbe0 feat(prompts): add plan for Ansible Archive Recovery and standalone Docker adaptation 2026-04-12 17:24:07 -04:00
016d38d5ab feat(prompts): add Docker service lifecycle and session management workflows
- Add service management prompts (review, standardize, troubleshoot, integration)
- Add Docker Swarm migration and tutoring workflows (swarm-migration, swarm-tutor)
- Add SSO onboarding guide for Authentik integration (sso-onboarding)
- Add session lifecycle prompts (start, end, status) for context continuity
- Add node bootstrap scripts for Debian Trixie (day0bootstrap.sh) and Ubuntu/Debian (pi_init.sh)

These prompts implement gated, step-by-step workflows with explicit confirmation
requirements to prevent accidental changes during service operations. Bootstrap
scripts standardize IP configuration (10.0.0.200) and install Docker + Ansible
on new nodes.
2026-04-12 16:30:53 -04:00
bcd4688523 renamed folder to make contents clearer 2026-04-12 16:24:56 -04:00
0fcf627e6c added swarm-focused ansible files to use as inspo for new environment 2026-04-12 16:23:31 -04:00
fe3a33968e feat(vaultwarden): enable signups for Vaultwarden service 2026-04-12 14:11:38 -04:00
f89d78c211 fix(vaultwarden): pin Docker image version to 1.35.5 for stability 2026-04-12 14:04:37 -04:00
082ee4f7af feat(vaultwarden): add initial Docker Compose configuration for Vaultwarden service 2026-04-12 13:56:08 -04:00
284f3298ac feat(documentation): add metadata section with repository and documentation links for Tunarr 2026-04-12 13:46:08 -04:00
7cfc01eea8 feat(documentation): add SOP for initial infrastructure deployment with GitOps integration 2026-04-12 01:41:43 -04:00
325c4b98a5 feat(documentation): add planning document standards for migration plans and implementation guides 2026-04-12 01:31:43 -04:00
2531cb4705 feat(documentation): enhance migration guides for Git-crypt and prompt distribution
- Update Git-crypt migration guide with detailed phase breakdown and time estimates
- Expand prompt distribution plan with implementation options and timelines
2026-04-12 01:31:32 -04:00
1b8a406fdc feat(prompts): add Ansible architect prompt for infrastructure optimization 2026-04-12 01:14:51 -04:00
115527ba19 feat(scripts): add onboarding script for Proxmox management setup 2026-04-12 01:08:28 -04:00
a934117599 feat(documentation): add migration guide for Git-crypt secret management 2026-04-12 01:00:56 -04:00
eded49e711 feat(documentation): add centralized prompt repository plan with automated distribution 2026-04-12 00:42:51 -04:00
63fd1eb034 chore(ansible): establish development standards and tooling
- ansible/.ansible-lint: Configure safety profile with strict enforcement
- ansible/.ansible-standards.md: Define architectural standards (idempotency, SSH, naming)
- ansible/DEVELOPMENT-SETUP.md: Document required CLI tools and VSCode extensions

Sets foundation for future infrastructure-as-code automation. Enforces Ansible best practices (FQCN, idempotency, block/rescue) and establishes development environment requirements (ansible-lint, proxmoxer, molecule).

Prepares for automated node provisioning and configuration management workflows.
2026-04-12 00:28:49 -04:00
8f5735b1ec docs: add Security Audit Report for Homelab infrastructure 2026-04-12 00:17:37 -04:00
623fdec2bf feat(security): add .gitignore and protection guide to prevent sensitive file commits
docs(audit): create comprehensive security audit report with critical findings and remediation steps
2026-04-12 00:16:21 -04:00
3d7eba7044 docs: add comprehensive README for Castaldi Family Homelab 2026-04-12 00:09:08 -04:00
a23a8581ee docs: reorganize documentation into KBAs/ and SOPs/ subdirectories
- documentation/KBAs/: Created subdirectory for Knowledge Base Articles
- documentation/SOPs/: Created subdirectory for Standard Operating Procedures
- documentation/README.md: Updated to reflect new structure with section descriptions
- Moved KBA-001 to KBAs/ folder
- Created SOP-001 (Migrate Stack from UI to Git) in SOPs/ folder
- Fixed all cross-reference links to use correct relative paths (../)

Improves documentation organization by separating troubleshooting guides (KBAs) from procedural guides (SOPs), making it easier to navigate and maintain the knowledge base as it grows.
2026-04-11 23:56:43 -04:00
58cde988da changed it back after confirmed success 2026-04-11 23:48:15 -04:00
b5ac30b090 updated tunarr container name to track automation deployment 2026-04-11 23:46:41 -04:00
aaded54074 docs(nodes): add hardware specifications to node READMEs
Hardware details gathered via SSH using standard Linux commands:
- lscpu (CPU architecture and core count)
- free -h (memory capacity)
- df -h (storage capacity)
- lspci (GPU identification for Waldorf)
- uname -r (kernel version)
- cat /etc/os-release (OS distribution)

Improves infrastructure documentation for capacity planning and troubleshooting.
2026-04-11 23:44:19 -04:00
b16ac8cf0c docs: Create documentation index with KBA reference 2026-04-11 23:35:17 -04:00
0d19230ca1 docs: Add KBA-001 for Komodo GitOps deployment troubleshooting 2026-04-11 23:34:54 -04:00
9eaceb5261 Fix: Remove 'v' prefix from Tunarr image tag (1.2.11) 2026-04-11 23:31:33 -04:00
deb3a678f9 Fix: Add repos volume mapping for GitOps functionality 2026-04-11 23:15:26 -04:00
5789ec18ed updated tunarr to specific version (v1.2.11) 2026-04-11 22:52:51 -04:00
f9db816753 added label to test webhook workflow 2026-04-11 22:41:33 -04:00
10323dcb6e added tunarr compose 2026-04-11 22:20:11 -04:00
0a7b4ba191 Add Plex service configuration to Docker Compose 2026-04-11 22:07:06 -04:00