Alessandro Vozza f2ab23f7f9
All checks were successful
/ test (push) Successful in 1s
Auto-commit: Edit modified n8n-helmrelease.yaml
- File: /Users/alessandro/repos/kubespaces/cloudlab/gitops/apps/n8n/n8n-helmrelease.yaml
- Tool: Edit
- Session: bf416f24-7e23-45a4-aad4-7f261b15018a

🤖 Generated with Claude Code via rins_hooks
Co-Authored-By: Claude <noreply@anthropic.com>
2026-02-17 01:39:08 +01:00
.ansible Add roles for Fail2Ban, Flux, k0s, Tailscale, and packages management 2025-11-24 13:10:06 +01:00
.claude Add initial settings.local.json configuration file 2025-12-22 22:57:41 +01:00
.forgejo/workflows Add GitHub Actions workflow for testing on push 2025-12-22 00:14:26 +01:00
.github/workflows fix: add push trigger for main branch in deploy workflow 2026-01-15 16:36:57 +01:00
.spacelift feat: add initial Spacelift configuration for cloudlab stack 2026-01-14 18:52:11 +01:00
gitops Auto-commit: Edit modified n8n-helmrelease.yaml 2026-02-17 01:39:08 +01:00
group_vars/oracle_hosts Add borg SSH host key configuration for backup 2025-12-22 23:14:03 +01:00
ingress fix: update backend router rule to include registry and grafana hosts 2026-01-16 09:08:00 +01:00
roles Auto-commit: Edit modified main.yml 2026-01-14 00:05:49 +01:00
terraform Update README header for clarity 2026-01-14 19:55:56 +01:00
tmp/forgejo-runner fix: mark Dashy as deployed in ToDeploy checklist and add README for Forgejo runner deployment 2026-01-15 22:26:52 +01:00
.gitignore gi 2025-11-24 13:08:24 +01:00
.vault_password.template Add roles for Fail2Ban, Flux, k0s, Tailscale, and packages management 2025-11-24 13:10:06 +01:00
.whitesource Add .whitesource configuration file 2025-11-24 12:09:47 +00:00
ansible.cfg Add Forgejo application resources and configurations 2025-12-21 19:15:20 +01:00
deploy.sh Add roles for Fail2Ban, Flux, k0s, Tailscale, and packages management 2025-11-24 13:10:06 +01:00
features.md Add roles for Fail2Ban, Flux, k0s, Tailscale, and packages management 2025-11-24 13:10:06 +01:00
inventory.ini.example Add roles for Fail2Ban, Flux, k0s, Tailscale, and packages management 2025-11-24 13:10:06 +01:00
rationale.md Update project name references from ansible-singlehost to CloudLab 2025-12-21 19:23:52 +01:00
README.md Enhance README with Terraform and GitOps details 2026-01-14 19:33:39 +01:00
renovate.json chore(config): migrate config renovate.json 2026-01-14 16:59:29 +00:00
requirements.yml Auto-commit: Write modified requirements.yml 2025-12-21 20:09:19 +01:00
site.yml Auto-commit: Edit modified site.yml 2025-12-21 20:09:08 +01:00
ToDeploy.md Update deployment checklist and enhance n8n Helm release configuration 2026-02-17 01:29:10 +01:00
VAULT_SETUP.md Add roles for Fail2Ban, Flux, k0s, Tailscale, and packages management 2025-11-24 13:10:06 +01:00

CloudLab Host Management

This project combines Terraform, Ansible and GitOps to manage a single Oracle host, covering packages, cron jobs, and Kubernetes along with the apps that run on it.

This repo is available on GitHub and on my own Forgejo instance.

Structure

.
├── ansible.cfg           # Ansible configuration
├── inventory.ini         # Host inventory
├── site.yml              # Main playbook
├── group_vars/           # Group variables
│   └── oracle_hosts.yml
└── roles/                # Ansible roles
    ├── common/           # Basic system setup
    ├── packages/         # Package management
    ├── cron/             # Cron job management
    ├── docker/           # Docker installation
    ├── tailscale/        # Tailscale VPN
    ├── borg/             # Borg Backup 2.0
    ├── datadog/          # Datadog monitoring
    └── kubernetes/       # Kubernetes installation

Usage

Provision the VM (Terraform)

A ready-to-use Terraform configuration lives in terraform/ and creates the VCN, subnet, security list, and a single compute instance. Copy terraform/terraform.tfvars.example to terraform/terraform.tfvars, fill in your OCI OCIDs and image information, then run:

cd terraform
terraform init
terraform apply

The Terraform outputs show the instance IP addresses that you can paste into inventory.ini before running Ansible.

Test connection

ansible oracle_hosts -m ping

Run full configuration

ansible-playbook site.yml

Run specific roles

# Only install packages
ansible-playbook site.yml --tags packages

# Only configure cron jobs
ansible-playbook site.yml --tags cron

# Install Kubernetes (uncomment in site.yml first)
ansible-playbook site.yml --tags kubernetes

Check what would change

ansible-playbook site.yml --check --diff

Configuration

Edit group_vars/oracle_hosts.yml to customize:

  • Package lists
  • Timezone and locale
  • Kubernetes settings
  • Cron jobs (add cron_jobs variable)

Example configurations:

Cron jobs:

cron_jobs:
  - name: "System backup"
    minute: "0"
    hour: "2"
    job: "/usr/local/bin/backup.sh"
  - name: "Log cleanup"
    minute: "0"
    hour: "1"
    weekday: "0"
    job: "find /var/log -name '*.log' -mtime +30 -delete"

Borg Backup:

borg_repository: "ssh://backup-user@backup-server.com/~/backups/{{ inventory_hostname }}"
borg_ssh_user: "backup-user"
borg_ssh_host: "backup-server.com"
borg_passphrase: "your-secure-passphrase"  # Use ansible-vault

Tailscale:

tailscale_auth_key: "tskey-auth-xxxxxxxxxxxx"  # Use ansible-vault
tailscale_hostname: "oracle-{{ inventory_hostname }}"
tailscale_accept_routes: true

Datadog:

datadog_api_key: "your-datadog-api-key"  # Use ansible-vault
datadog_tags:
  - "env:production"
  - "role:oracle-host"
datadog_logs_enabled: true
datadog_process_agent_enabled: true
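
The Borg, Tailscale and Datadog examples above each carry a "Use ansible-vault" comment next to a credential. As an added example (not part of this repository), the following check flags secret-looking variables in a group_vars file whose value is neither an inline `!vault` block nor a reference to a vaulted variable; the name patterns, the `vault_` prefix convention and the sample text are assumptions made for illustration.

```python
import re

# Name fragments that mark a variable as a credential (assumption of this example).
SECRET_KEY = re.compile(r"passphrase|password|auth_key|api_key|secret|token", re.I)
ASSIGN = re.compile(r"^\s*(?P<key>[A-Za-z_]\w*)\s*:\s*(?P<value>.*)$")
# A reference to a variable kept in a separate vault-encrypted file; the
# "vault_" prefix is a naming convention assumed here, not taken from the repo.
VAULT_REF = re.compile(r"^\{\{\s*vault_\w+\s*\}\}$")

# Constructed sample in the style of group_vars/oracle_hosts.yml.
SAMPLE = """\
borg_ssh_user: "backup-user"
borg_passphrase: "your-secure-passphrase"  # Use ansible-vault
tailscale_auth_key: "{{ vault_tailscale_auth_key }}"
tailscale_accept_routes: true
datadog_api_key: !vault |
          $ANSIBLE_VAULT;1.1;AES256
          (constructed placeholder, not real ciphertext)
datadog_logs_enabled: true
"""


def scalar(value):
    """Return a YAML scalar without its quotes or trailing comment."""
    value = value.strip()
    if value[:1] in ("'", '"'):
        end = value.find(value[0], 1)
        return value[1:end] if end != -1 else value[1:]
    if value.startswith("#"):
        return ""
    return re.split(r"\s+#", value, maxsplit=1)[0].strip()


def find_plaintext_secrets(text):
    """List (line_number, variable) for secret-looking variables stored in clear."""
    if text.startswith("$ANSIBLE_VAULT;"):
        return []  # the whole file is vault-encrypted
    findings = []
    for number, line in enumerate(text.splitlines(), start=1):
        match = ASSIGN.match(line)
        if not match or not SECRET_KEY.search(match["key"]):
            continue
        value = scalar(match["value"])
        protected = value.startswith("!vault") or VAULT_REF.match(value)
        if value and not protected:
            findings.append((number, match["key"]))
    return findings


if __name__ == "__main__":
    for number, key in find_plaintext_secrets(SAMPLE):
        print(f"line {number}: {key} is stored in plaintext")
```

Run against the real variables file before committing, it gives a quick signal that a passphrase or API key is about to land in Git history unencrypted.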