kpr-genesis/README.md
2025-05-11 01:46:55 +00:00


kpr-genesis — Git-driven KPR Proxmox Automation

kpr-genesis is both the runner and the repository that keep your Arch-based Proxmox homelab declarative. A push to the main branch triggers:

  1. Terraform provisions / reconciles LXCs on Proxmox.
  2. Ansible installs Docker, then deploys services in those LXCs.

The first wired-in service is the Rust pastebin w4/bin.

Repository Layout

kpr-genesis/
├─ scripts/
│   └─ run_pipeline.sh         # git pull → terraform apply → ansible
├─ terraform/                 # infra layer (Proxmox provider)
│   ├─ main.tf
│   ├─ variables.tf
│   ├─ versions.tf
│   └─ (no outputs; the DHCP IP comes from Ansible)
└─ ansible/
    ├─ inventory.proxmox.yml  # dynamic inventory (Proxmox API)
    ├─ ansible.cfg            # points to the inventory above
    ├─ requirements.yml       # galaxy roles / collections
    ├─ site.yml               # toplevel playbook
    ├─ group_vars/
    │   └─ all.yml
    └─ roles/
        ├─ docker/
        │   └─ tasks/main.yml
        └─ bin/
            ├─ tasks/main.yml
            └─ templates/docker-compose.yml.j2

Prerequisites

  • Proxmox VE 8.x with an API token that has at least PVEAdmin on / (root@pam!kpr-genesis in the samples).
  • Arch Linux LXC named kpr-genesis with terraform, ansible-core, python-proxmoxer, and python-requests installed.
  • Public SSH key committed as id_ed25519.pub (Terraform injects it into each new container).
  • Webhook from your Gitea server hitting http://kpr-genesis.<lan>:9000/hook.

First-Time Setup

# clone the repo as the 'infra' user
git clone https://tetera.kernelpanic.lol/ozymandias/kpr-genesis
cd kpr-genesis

# install Ansible roles / collections
ansible-galaxy install -r ansible/requirements.yml

# export the Proxmox connection details; the same token value is exported twice,
# once for Terraform (TF_VAR_pm_token) and once for the pipeline (PROXMOX_TOKEN, see Secrets)
export TF_VAR_pm_api_url=https://<PROXMOX IP HERE>:8006/api2/json
export TF_VAR_pm_user=root@pam
export TF_VAR_pm_token=<PROXMOX TOKEN HERE>
export TF_VAR_node=pacifica
export TF_VAR_bin_lxc_password='<PASSWORD HERE>'
export PROXMOX_TOKEN=<PROXMOX TOKEN HERE>

# run the pipeline once
./scripts/run_pipeline.sh

Typed into an interactive shell, the token and the container password also land in that shell's history file; keeping the exports in a file readable only by the infra user and sourcing it is the safer habit.

Terraform creates a DHCP LXC named bin; Ansible installs Docker inside it and starts the w4/bin container on port 8000.

Workflow

  1. Edit Terraform or Ansible files.
  2. Commit and push to main.
  3. Webhook triggers pipeline; infrastructure converges.
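The hook service that turns the Gitea webhook into a pipeline run is not part of the repository listing above. As an added illustration (not kpr-genesis code), here is a minimal receiver that starts run_pipeline.sh only for an authenticated push to main. It assumes Gitea's webhook signing scheme, an HMAC-SHA256 over the raw request body keyed with the webhook secret and delivered hex-encoded in the X-Gitea-Signature header, and reads that secret from HOOK_SECRET, an environment variable chosen for this example. The path, port, repository name and branch follow the README.

```python
"""Gitea push-webhook receiver for kpr-genesis (added example, not the
repository's own hook service).

Assumes Gitea's signing scheme: HMAC-SHA256 over the raw request body keyed
with the webhook secret, sent hex-encoded in X-Gitea-Signature. The secret is
read from HOOK_SECRET, an environment variable chosen for this example.
"""
import hashlib
import hmac
import json
import os
import subprocess
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer
from typing import Optional

PIPELINE = "./scripts/run_pipeline.sh"          # path from the README
ALLOWED_REPO = "ozymandias/kpr-genesis"          # repository.full_name in the payload
ALLOWED_REF = "refs/heads/main"                  # only main converges the lab
_run_lock = threading.Lock()                     # never run two converges at once


def sign(secret: bytes, body: bytes) -> str:
    """Hex HMAC-SHA256 of the body, the value Gitea puts in X-Gitea-Signature."""
    return hmac.new(secret, body, hashlib.sha256).hexdigest()


def verify_signature(secret: bytes, body: bytes, header: Optional[str]) -> bool:
    """Constant-time comparison; a missing header is a failure, not a pass."""
    if not header:
        return False
    return hmac.compare_digest(sign(secret, body), header.strip().lower())


def should_trigger(event: Optional[str], payload: dict) -> bool:
    """Start the pipeline only for a push to main of the expected repository."""
    if event != "push":
        return False
    repo = payload.get("repository", {}).get("full_name")
    return repo == ALLOWED_REPO and payload.get("ref") == ALLOWED_REF


def run_pipeline() -> int:
    """Run the converge script; returns -1 if a run is already in progress."""
    if not _run_lock.acquire(blocking=False):
        return -1
    try:
        return subprocess.run([PIPELINE], check=False).returncode
    finally:
        _run_lock.release()


class HookHandler(BaseHTTPRequestHandler):
    def do_POST(self) -> None:
        if self.path != "/hook":
            self.send_error(404)
            return
        body = self.rfile.read(int(self.headers.get("Content-Length", "0")))
        secret = os.environ["HOOK_SECRET"].encode()
        # Authenticate before parsing: unsigned bodies never reach json.loads.
        if not verify_signature(secret, body, self.headers.get("X-Gitea-Signature")):
            self.send_error(403, "bad signature")
            return
        try:
            payload = json.loads(body)
        except ValueError:
            self.send_error(400, "malformed JSON")
            return
        if should_trigger(self.headers.get("X-Gitea-Event"), payload):
            # Answer immediately; terraform + ansible outlast a webhook timeout.
            threading.Thread(target=run_pipeline, daemon=True).start()
        self.send_response(202)
        self.end_headers()


if __name__ == "__main__":
    HTTPServer(("0.0.0.0", 9000), HookHandler).serve_forever()
```

The same secret has to be entered in the webhook's settings on the Gitea side. Because the README's hook URL is plain http on the LAN, the signature check is the only thing that tells a genuine Gitea delivery from any other host that can reach port 9000, so the receiver refuses unsigned or mis-signed bodies before it even parses them.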

Adding a Service

  1. Add a proxmox_lxc block in terraform/main.tf.
  2. Create a role under ansible/roles/ and reference it in site.yml.
  3. Commit & push — pipeline handles the rest.

Secrets

Only public keys live in Git. The Proxmox token is supplied via the PROXMOX_TOKEN environment variable (or through Ansible Vault if preferred).
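The rule above can be enforced mechanically. As an added example that is not part of kpr-genesis, the following pre-commit hook scans the staged content for private-key blocks and for literal Proxmox API token values (Proxmox issues the token secret as a UUID, which may appear as a TF_VAR_pm_token / PROXMOX_TOKEN assignment or inside a PVEAPIToken Authorization header). Placeholders such as <PROXMOX TOKEN HERE> and Ansible Vault blobs pass; the regular expressions and the finding format are this example's own.

```python
"""Pre-commit guard for the rule "only public keys live in Git" (added example,
not part of kpr-genesis). Scans staged content for private-key blocks and for
literal Proxmox API token secrets; placeholders and Ansible Vault blobs pass.
"""
import re
import subprocess
import sys
from typing import List, Tuple

Finding = Tuple[str, int, str]          # (path, line number, description)

# Proxmox issues the token secret as a UUID; the token ID is user@realm!name.
UUID = r"[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}"
PRIVATE_KEY = re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----")
# Authorization: PVEAPIToken=root@pam!kpr-genesis=<uuid>
TOKEN_HEADER = re.compile(r"PVEAPIToken=[\w.-]+@\w+![\w-]+=" + UUID, re.I)
# TF_VAR_pm_token=<uuid>, PROXMOX_TOKEN="<uuid>", pm_token = "<uuid>" ...
TOKEN_ASSIGN = re.compile(
    r"(?:TF_VAR_pm_token|PROXMOX_TOKEN|pm_token)\s*[:=]\s*['\"]?" + UUID, re.I)


def scan_text(path: str, text: str) -> List[Finding]:
    """Return one finding per offending line; a <PLACEHOLDER> is not a finding."""
    findings: List[Finding] = []
    for lineno, line in enumerate(text.splitlines(), 1):
        if PRIVATE_KEY.search(line):
            findings.append((path, lineno, "private key material"))
        elif TOKEN_HEADER.search(line) or TOKEN_ASSIGN.search(line):
            findings.append((path, lineno, "Proxmox API token value"))
    return findings


def staged_files() -> List[str]:
    """Paths added or modified in the index, i.e. what the commit would publish."""
    out = subprocess.run(
        ["git", "diff", "--cached", "--name-only", "-z", "--diff-filter=AM"],
        check=True, capture_output=True).stdout
    return [p.decode() for p in out.split(b"\0") if p]


def staged_content(path: str) -> str:
    """Read the staged blob, not the working tree, so unstaged edits cannot mask a leak."""
    blob = subprocess.run(["git", "show", f":{path}"],
                          check=True, capture_output=True).stdout
    return blob.decode("utf-8", errors="replace")


def main() -> int:
    findings: List[Finding] = []
    for path in staged_files():
        findings.extend(scan_text(path, staged_content(path)))
    for path, lineno, what in findings:
        print(f"{path}:{lineno}: {what} must not be committed", file=sys.stderr)
    return 1 if findings else 0


if __name__ == "__main__":
    sys.exit(main())
```

Install it as .git/hooks/pre-commit (executable) in the infra user's clone; a non-zero exit aborts the commit. The check reads the index rather than the working tree, so a secret that was staged and then edited out of the file on disk is still caught.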

Troubleshooting

  • ansible-inventory -i ansible/inventory.proxmox.yml --graph
  • journalctl -u infra-hook for pipeline logs
  • terraform state list to inspect tracked resources