Tech Stack • Directory Overview • Gallery • Road Map
A bare-metal Proxmox infrastructure provisioned with Terraform (IaC) and driven by a complete GitOps automation pipeline built on ArgoCD and Ansible. It hosts a segregated Dev environment with an Ubuntu cluster for continuous experimentation with Cloud, DevOps, Networking, and Automation.
Alongside it runs a Production environment consisting of lightweight LXC containers that provide essential services, and a lightweight Talos Linux Kubernetes cluster for project and service deployment, focused on high availability and disaster recovery.
The whole architecture enforces a security-first posture: all credentials are managed through HashiCorp Vault, Ansible Vault, and SOPS encryption as appropriate, so no plaintext secrets live in the repository.
## Tech Stack

| Name | Description |
|---|---|
| Proxmox VE | The backbone of this homelab: an open-source server virtualization platform. All LXC containers and VMs run on it. |
| Terraform | The Infrastructure as Code tool that provisions assets inside Proxmox VE and supporting assets in the Cloud. Here it creates two separate environments, Dev and Prod. See `proxmox/readme.md` for implementation details. |
| Ubuntu Server | Base OS for development VMs. |
| Debian | Base OS for LXC containers. |
| Talos | Talos Linux is a Kubernetes-optimized Linux distro. It is the base OS for the main Kubernetes cluster in the Prod environment. See `talos/readme.md` for implementation details. |
| Ansible | Configuration management tool for VMs and containers. See `ansible/readme.md` for implementation details. |
| ArgoCD | GitOps tool built to deploy applications to Kubernetes. See `argocd/readme.md` for implementation details. |
| Kubernetes | Container orchestration system, the backbone of the Dev and Prod environments. |
| Helm | Package manager for Kubernetes. |
| Docker | Primary containerization platform. |
| Grafana | Kubernetes cluster observation and visualization tool. |
| Prometheus | Kubernetes cluster log aggregation tool. |
| HashiCorp Vault | Secret management system for the homelab. Integrated with ArgoCD via the ArgoCD Vault Plugin. |
| Nginx | Kubernetes Ingress Controller. |
| Pi-hole | Local DNS server for the homelab. |
| Cloudflare | DNS provider and tunnel. |
| Harbor | Self-hosted image registry management tool. |
| Gitea | Self-hosted Git repository hosting. |
## Directory Overview

```text
HomeLab/
├── .envrc                    # Direnv variables automation
├── .gitignore                # Git ignore patterns
├── .sops.yaml                # SOPS encryption configuration
├── LICENSE                   # AGPL open source license
├── README.md                 # Repository main documentation
├── ansible/                  # Ansible automation configurations
│   ├── ansible.cfg           # Ansible common configuration
│   ├── inventories/          # Inventory configurations
│   │   ├── dev/              # Development inventory
│   │   └── prod/             # Production inventory
│   ├── playbooks/            # Ansible playbooks
│   │   ├── argocd-dev.yaml   # ArgoCD setup for dev server
│   │   ├── cluster_init.yaml # Control plane initialization
│   │   ├── join_workers.yaml # Worker nodes joining
│   │   ├── nfs_setup.yaml    # NFS Proxmox setup
│   │   ├── site.yaml         # Initial setup for all hosts
│   │   ├── support_tools.yaml # Optional support tools
│   │   └── vault_setup.yaml  # Vault production LXC setup
│   ├── roles/                # Ansible roles
│   │   ├── argocd/           # ArgoCD role
│   │   ├── base_setup/       # Base setup role
│   │   ├── containerd/       # Containerd role
│   │   ├── control_plane/    # Control plane role
│   │   ├── kube_packages/    # Kubernetes packages role
│   │   ├── nfs_client/       # NFS client role
│   │   ├── node_join/        # Node joining role
│   │   └── support_tools/    # Support tools role
│   ├── secrets.yaml          # Ansible Vault secrets
│   └── readme.md             # Ansible documentation
├── argocd/                   # ArgoCD configurations
│   ├── apps/                 # Application manifests
│   │   ├── gitea/            # Gitea application
│   │   ├── harbor/           # Harbor application
│   │   ├── monitoring/       # Prometheus + Grafana app
│   │   └── nfs_provisioner/  # NFS storage provisioner
│   ├── base/                 # ArgoCD base project configuration
│   ├── environments/         # Environment-specific configurations
│   │   ├── dev/              # Development environment
│   │   └── prod/             # Production environment
│   └── readme.md             # ArgoCD implementation documentation
├── docs/                     # Detailed feature-specific documentation
├── proxmox/                  # Terraform IaC for Proxmox
│   ├── environments/         # Infrastructure segments
│   │   ├── dev/              # Development segment
│   │   └── prod/             # Production segment
│   ├── modules/              # Terraform modules
│   │   ├── lxc/              # LXC container module
│   │   ├── talos-k8s/        # Talos dynamic K8s cluster module
│   │   ├── talos-vm/         # Talos VM module
│   │   ├── ubuntu-k8s/       # Ubuntu dynamic K8s cluster module
│   │   └── ubuntu-vm/        # Ubuntu VM module
│   └── readme.md             # Proxmox Terraform infrastructure documentation
├── scripts/                  # Automation scripts
│   └── check_prometheus.sh   # K8s Prometheus log aggregation check
├── talos/                    # Talos K8s cluster configurations
│   ├── _out/                 # Generated configurations
│   │   ├── decrypt.sh        # Script to decrypt sensitive configurations
│   │   ├── encrypt.sh        # Script to encrypt sensitive configurations
│   │   └── ...               # Other generated configuration files
│   ├── patches/              # Patches for control plane and workers
│   ├── secrets.yaml          # Ansible Vault secrets
│   └── readme.md             # Talos documentation
└── vault/                    # HashiCorp Vault configurations
    └── secret.yaml.enc       # Vault encrypted configuration
```

## Road Map

- Set up Proxmox VE on a bare-metal environment
- Automated bare metal provisioning with Terraform
- Dev & Prod environment provisioning with Terraform
- Modular architecture, easy to add or remove features/components
- Automated Kubernetes Dev Cluster Setup with Ansible
- Automated Kubernetes Prod Cluster Setup with Talos config
- LXC Container Service provisioning with Terraform
- Installing and managing applications using GitOps ArgoCD
- HashiCorp Vault setup for secret management
- Pi-hole local DNS server and TurnKey file server setup
- NFS file system setup for Kubernetes distributed storage
- Grafana and Prometheus setup for observability
- Automated backup and restore with rsync
- Gitea and Harbor setup
- NGINX ingress setup
- Add Homepage Centralized Dashboard
- ELK Stack Setup in Dev cluster
- Automatic rolling upgrade for OS and Kubernetes
- Automated certificate management for full environment
- DNS failover to pilot-light AWS infra disaster management setup for Prod cluster
- Ensuring 99.9% availability for Prod cluster