Ansible tools to assemble my homelab ant hill!
$ ansible-galaxy install -r requirements.yaml
$ export BECOME_PASSWORD=sudo-password-to-ant-hill # remember about the space to not write this to history!
$ export VAULT_PASSWORD=vauilt-password
$ ./hill.sh # configure hill that provisions ant-dev and ant-services
$ ./dev.sh # configure ant-dev
$ ./services.sh # configure ant-services- mDNS to autodiscover with MacOS
- Mount disk by labels
- Script Let's encrypt certs into ant-services (done via docker!)
- Place docker services into a ant-services VM and passthrough data disk there
- Move time machine to ant-services?
- Move SMB NAS to ant-services
- Convert as many configs from data disk to static declarative configuration
- samba
- ddclient
- gickup
- rclone
- swag
- kong
- prometheus
- grafana
- Do not expose port from docker containers, hide everything behind Kong
- Try to remove root user from Kong
- Node exporter does not report proper network stats :(
- Report Public IP # it is reported by speedtest exporter
- Move metrics to location that can survive VM removal, but do not backup them
- Log retention
- Slack channel alarms
- VPN to ant hill
- Install cockpit via Ansible
- Configure vmbridge0
- Automate Sensors with https://hub.docker.com/r/amkay/sensor-exporter + Podman
- Try to get rid of additional network card?
Last ant-services container updates: 21.01.2023