kpr-genesis/README.md
2025-05-11 01:46:55 +00:00

kpr-genesis — Git-Driven KPR Proxmox Automation
===================================================

**kpr-genesis** is both the runner and the repository that keep your Arch-based Proxmox homelab declarative. A push to the `main` branch triggers:

1. **Terraform** provisions / reconciles LXCs on Proxmox.
2. **Ansible** installs Docker, then deploys services in those LXCs.

The first wired-in service is the Rust pastebin [w4/bin](https://github.com/w4/bin).

Repository Layout
-----------------
```
kpr-genesis/
├─ scripts/
│  └─ run_pipeline.sh            # git pull → terraform apply → ansible
├─ terraform/                    # infra layer (Proxmox provider)
│  ├─ main.tf
│  ├─ variables.tf
│  ├─ versions.tf
│  └─ (no outputs; DHCP IP comes from Ansible)
└─ ansible/
   ├─ inventory.proxmox.yml      # dynamic inventory (Proxmox API)
   ├─ ansible.cfg                # points to the inventory above
   ├─ requirements.yml           # galaxy roles / collections
   ├─ site.yml                   # top-level playbook
   ├─ group_vars/
   │  └─ all.yml
   └─ roles/
      ├─ docker/
      │  └─ tasks/main.yml
      └─ bin/
         ├─ tasks/main.yml
         └─ templates/docker-compose.yml.j2
```

Prerequisites
-------------
* Proxmox VE 8.x with an API token that has at least **PVEAdmin** on `/` (`root@pam!kpr-genesis` in the samples).
* Arch Linux LXC named `kpr-genesis` with `terraform`, `ansible-core`, `python-proxmoxer`, and `python-requests` installed.
* Public SSH key committed as `id_ed25519.pub` (Terraform injects it into each new container).
* Webhook from your Gitea server hitting `http://kpr-genesis.<lan>:9000/hook`.

First-Time Setup
----------------
```
# clone the repo as the 'infra' user
git clone https://tetera.kernelpanic.lol/ozymandias/kpr-genesis
cd kpr-genesis

# install Ansible roles / collections
ansible-galaxy install -r ansible/requirements.yml

# export the Proxmox token
export PROXMOX_TOKEN=<PROXMOX TOKEN HERE>

# run the pipeline once
export TF_VAR_pm_api_url=https://<PROXMOX IP HERE>:8006/api2/json
export TF_VAR_pm_user=root@pam
export TF_VAR_pm_token=<PROXMOX TOKEN HERE>
export TF_VAR_node=pacifica
export TF_VAR_bin_lxc_password='<PASSWORD HERE>'
export PROXMOX_TOKEN=<PROXMOX TOKEN HERE>
./scripts/run_pipeline.sh
```
Terraform creates a DHCP LXC named **bin**; Ansible installs Docker inside it and starts the `w4/bin` container on port 8000.

Workflow
--------
1. Edit Terraform or Ansible files.
2. Commit and push to `main`.
3. Webhook triggers pipeline; infrastructure converges.

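
Step 3 hands control of `terraform apply` to whatever reaches `:9000/hook`, so the receiver should act only on deliveries that Gitea signed with this webhook's secret and only on pushes to `main`. The gate below is an added example, not code from this repository or its hook service; it assumes the receiver passes it the raw request body and the headers under Gitea's canonical names (`X-Gitea-Signature` carries the hex HMAC-SHA256 of the raw body, `X-Gitea-Event` the event type), and that the secret configured in Gitea is available as `SECRET`.

```python
import hashlib
import hmac
import json

SIGNATURE_HEADER = "X-Gitea-Signature"  # Gitea sends hex(HMAC-SHA256(secret, raw body))
EVENT_HEADER = "X-Gitea-Event"
DEPLOY_REF = "refs/heads/main"          # the only ref that may run the pipeline


def sign(secret: bytes, body: bytes) -> str:
    """Hex HMAC-SHA256 over the raw request body, as Gitea computes it."""
    return hmac.new(secret, body, hashlib.sha256).hexdigest()


def verify_signature(secret: bytes, body: bytes, signature_hex: str) -> bool:
    """Constant-time comparison so response timing leaks nothing about the MAC."""
    return hmac.compare_digest(sign(secret, body), signature_hex.strip().lower())


def should_run_pipeline(secret: bytes, headers: dict, body: bytes) -> bool:
    """Gate for the hook: True only for an authenticated push event to main.

    The signature is checked before the body is parsed, so an unauthenticated
    caller never gets the receiver to parse its JSON, let alone run terraform.
    """
    signature = headers.get(SIGNATURE_HEADER, "")
    if not signature or not verify_signature(secret, body, signature):
        return False
    if headers.get(EVENT_HEADER) != "push":
        return False
    try:
        payload = json.loads(body)
    except ValueError:
        return False
    return payload.get("ref") == DEPLOY_REF


# Constructed sample delivery (not a real Gitea payload); the secret is a placeholder.
SECRET = b"<WEBHOOK SECRET HERE>"
BODY = json.dumps({"ref": DEPLOY_REF, "after": "0" * 40}).encode()
HEADERS = {SIGNATURE_HEADER: sign(SECRET, BODY), EVENT_HEADER: "push"}

if __name__ == "__main__":
    print("trigger pipeline:", should_run_pipeline(SECRET, HEADERS, BODY))  # True
```

A delivery that fails the gate should be logged and dropped, not retried into the pipeline; a forged or replayed body, a push to any other branch, or a non-push event all return `False`.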
Adding a Service
----------------
1. Add a `proxmox_lxc` block in `terraform/main.tf`.
2. Create a role under `ansible/roles/` and reference it in `site.yml`.
3. Commit & push — pipeline handles the rest.

Secrets
-------
Only public keys live in Git. The Proxmox token is supplied via the `PROXMOX_TOKEN` environment variable (or through Ansible Vault if preferred).

Troubleshooting
---------------
* `ansible-inventory -i ansible/inventory.proxmox.yml --graph`
* `journalctl -u infra-hook` for pipeline logs
* `terraform state list` to inspect tracked resources