My trusty notebook NAS and homelab
Marty Oehme 961e10223c
ref(system): Fix ssh authorized keys task
Fixed the loop for authorized keys. While I read previously that the
Ansible module can take keys in the array format:

```yaml
    key:
      - key1
      - key2
      - ...
```

This seems to not be the case.
Instead, we now do a 'sub-loop' through all the existing authorized_keys
entries in the data structure, running the task once for each key.

This also means we can simplify the 'when' condition to only check the
data structure itself exists, not the key since we only loop once for
each existing key anyway.

More in-depth explanation on the subelements filter here:
https://docs.ansible.com/projects/ansible/latest/playbook_guide/playbooks_filters.html#combining-objects-and-subelements

Concise explanation of use here:
https://overflow.ducks.party/questions/56086290/how-can-i-traverse-nested-lists-in-ansible

One drawback:
we can now _not_ change the key setting in the module to be exclusive
(`exclusive: true` for `authorized_keys` module). As described in the
documentation, if there is more than one key for a user, this would
lead to the following keys overwriting the first key.

Currently do not know how to fix this, but we are not supplying
exclusive keys so it is fine for the moment.
2025-11-28 18:39:33 +01:00
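
The per-key loop the commit message describes, next to a per-user variant that keeps `exclusive: true` usable, as an added example (not the repository's own task file). The variable name `system_users`, its layout, the user names and the key strings are assumptions; the second variant relies on the `ansible.posix.authorized_key` documentation, which notes that `exclusive` is not loop aware and that several keys can be passed as one newline-separated `key` string.

```yaml
# Added example. `system_users` and its contents are constructed sample data;
# replace the placeholder key material with real public keys before running.
- name: Manage SSH authorized keys
  hosts: all
  become: true
  vars:
    system_users:
      - name: alice
        authorized_keys:
          - "ssh-ed25519 PLACEHOLDER_KEY_MATERIAL_1 alice@laptop"
          - "ssh-ed25519 PLACEHOLDER_KEY_MATERIAL_2 alice@phone"
      - name: bob
        authorized_keys:
          - "ssh-ed25519 PLACEHOLDER_KEY_MATERIAL_3 bob@desktop"
      - name: carol            # no authorized_keys entry at all
  tasks:
    # Variant 1: the 'sub-loop'. subelements yields one (user, key) pair per
    # iteration; skip_missing drops users without an authorized_keys list,
    # so no per-key 'when' condition is needed. Keys are only ever added.
    - name: Add each listed key (additive, never removes stale keys)
      ansible.posix.authorized_key:
        user: "{{ item.0.name }}"
        key: "{{ item.1 }}"
        state: present
      loop: "{{ system_users | subelements('authorized_keys', skip_missing=True) }}"
      loop_control:
        label: "{{ item.0.name }}"   # keep full key strings out of task output

    # Variant 2: one iteration per user, all of that user's keys joined into a
    # single newline-separated string. Because the module sees the full set at
    # once, exclusive: true removes every key that is not in the list instead
    # of letting each iteration overwrite the previous key.
    - name: Enforce exactly the listed keys per user
      ansible.posix.authorized_key:
        user: "{{ item.name }}"
        key: "{{ item.authorized_keys | join('\n') }}"
        state: present
        exclusive: true
      loop: "{{ system_users | selectattr('authorized_keys', 'defined') | list }}"
      loop_control:
        label: "{{ item.name }}"
```

Use one variant or the other for a given user; with the second, a key removed from the data structure is also removed from the host on the next run.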
group_vars/instance_system vault: Add restic secrets 2025-07-18 21:37:11 +02:00
roles ref(system): Fix ssh authorized keys task 2025-11-28 18:39:33 +01:00
tofu feat: Create skeleton for terraform provisioning role 2025-11-28 14:19:26 +01:00
.gitignore feat: Add Ansible, Terraform gitignore entries 2025-11-28 14:19:25 +01:00
ansible.cfg feat: Enable ansible pipelining, Disable python warning 2025-11-28 14:19:26 +01:00
inventory repo: Grab become password from pass store 2025-07-17 18:08:55 +02:00
justfile feat: Set up ansible role install task for just 2025-11-19 22:13:06 +01:00
README.md docs: Add organization roadmap to README 2025-11-19 22:13:08 +01:00
requirements.yaml feat: Set up ansible role install task for just 2025-11-19 22:13:06 +01:00
site.yaml feat: Create skeleton for terraform provisioning role 2025-11-28 14:19:26 +01:00

Homelab NAS stacks

All the homelab server roles running here. Intended as an (ultimately) idempotent setup, perhaps with ansible preparing the host and the roles.

For now, a simple storage of my docker stacks, transferred from an older NAS system.

Arr stack

Hosts all the pertinent *arr applications, as well as indexer collection application prowlarr, download services, and media management applications jellyfin and audiobookshelf.

Media can be requested through Jellyseerr.

Served through homarr personal dashboard.

Paperless stack

Hosts all my personal documents. This is an important stack which should be backed up accordingly.

Grocy stack

Was an experimental stack which I may have used in my home for shopping lists, ingredient tracking, and more.

After some consideration and experimentation, for the moment, I have decided against using grocy: it provides comprehensive tracking but also requires comprehensive use to get the most out of it.

I get the feeling a badly implemented/maintained grocy setup is worse than a simpler task-list and e.g. Recipe KanBan board approach.

Thoughts on organization

. ansible roles system infrastructure -> calls tofu role arr paperless ...

tofu incus_machines incus_networks? incus_storage?

Production IaC

  • ansible: host_roles: system filesystem
  • terraform: infrastructure (tofu)
  • ansible: instance_roles: caddy arr paperless

Testing

  • terraform? ansible?
    • create 'host' VM
    • ensure connection to host vm as part of host group
  • ansible: host_roles: ...
  • tf: infra...
  • ansible: instance_roles:...