ozymandias/kpr-genesis
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
18a5148144
kpr-genesis/README.md
ozymandias 18a5148144 Added README.
2025-05-11 01:41:19 +00:00

3.2 KiB
Raw Blame History

kpr-genesis — GitDriven KPR Proxmox Automation

kpr-genesis is both the runner and the repository that keep your Archbased Proxmox homelab declarative. A push to the main branch triggers:

  1. Terraform provisions / reconciles LXCs on Proxmox.
  2. Ansible installs Docker, then deploys services in those LXCs.

The first wiredin service is the Rust pastebin w4/bin.

Repository Layout

kpr-genesis/ ├─ scripts/ │ └─ run_pipeline.sh # gitpull → terraform apply → ansible ├─ terraform/ # infra layer (Proxmox provider) │ ├─ main.tf │ ├─ variables.tf │ ├─ versions.tf │ └─ (no outputs DHCP IP comes from Ansible) └─ ansible/ ├─ inventory.proxmox.yml # dynamic inventory (Proxmox API) ├─ ansible.cfg # points to the inventory above ├─ requirements.yml # galaxy roles / collections ├─ site.yml # toplevel playbook ├─ group_vars/ │ └─ all.yml └─ roles/ ├─ docker/ │ └─ tasks/main.yml └─ bin/ ├─ tasks/main.yml └─ templates/docker-compose.yml.j2

Prerequisites

  • Proxmox VE 8.x with an API token that has at least PVEAdmin on / (root@pam!kpr-genesis in the samples).
  • Arch Linux LXC named kpr-genesis with terraform, ansible-core, python-proxmoxer, and python-requests installed.
  • Public SSH key committed as id_ed25519.pub (Terraform injects it into each new container).
  • Webhook from your Gitea server hitting http://kpr-genesis.<lan>:9000/hook.

FirstTime Setup

# clone the repo as the 'infra' user

git clone https://tetera.kernelpanic.lol/ozymandias/kpr-genesis
cd kpr-genesis

install Ansible roles / collections

ansible-galaxy install -r ansible/requirements.yml

export the Proxmox token

`export PROXMOX_TOKEN=``

run the pipeline once

export TF_VAR_pm_api_url=https://<PROXMOX IP HERE>:8006/api2/json
export TF_VAR_pm_user=root@pam
export TF_VAR_pm_token=<PROXMOX TOKEN HERE>
export TF_VAR_node=pacifica
export TF_VAR_bin_lxc_password='<PASSWORD HERE>'
export PROXMOX_TOKEN=<PROXMOX TOKEN HERE>

./scripts/run_pipeline.sh

Terraform creates a DHCP LXC named bin; Ansible installs Docker inside it and starts the w4/bin container on port 8000.

Workflow

  1. Edit Terraform or Ansible files.
  2. Commit and push to main.
  3. Webhook triggers pipeline; infrastructure converges.

Adding a Service

  1. Add a proxmox_lxc block in terraform/main.tf.
  2. Create a role under ansible/roles/ and reference it in site.yml.
  3. Commit & push — pipeline handles the rest.

Secrets

Only public keys live in Git. The Proxmox token is supplied via the PROXMOX_TOKEN environment variable (or through Ansible Vault if preferred).

Troubleshooting

  • ansible-inventory -i ansible/inventory.proxmox.yml --graph
  • journalctl -u infra-hook for pipeline logs
  • terraform state list to inspect tracked resources