This is my Ansible setup for my homelab.
This Ansible project automates the setup and management of a comprehensive homelab environment. It includes:
- DNS management with PiHole
- Reverse proxy with Traefik
- Authentication with Authelia
- Container management with Portainer
- Automated updates with Watchtower
- Jellyfin/Plex for media streaming
- Tautulli for media statistics
- Tdarr for media transcoding
- Tubearchivist for YouTube archiving
- Navidrome for music streaming
- Audiobookshelf for audiobook management
- Kavita for e-book management
- Nextcloud for file sharing and collaboration
- Paperless-ng for document management
- Photoprism for photo management
- Baserow for database management
- Docmost for documentation
- Monica for personal relationship management
- Homepage for dashboard
- Prometheus for metrics collection
- Traggo for time tracking
- N8n for workflow automation
- Ofelia for task scheduling
- Syncthing for file synchronization
```
.
├── ansible.cfg      # Ansible configuration
├── site.yml         # Main playbook
├── inventory/       # Host inventory files
├── roles/           # Ansible roles
├── files/           # Configuration files
├── group_vars/      # Group variables
└── collections/     # Ansible collections
```
- A running Proxmox node
- Your own domain that is configured with Cloudflare
- A working knowledge of your router's DHCP configuration
- Your public key (scripts assume that it can be found in $HOME/.ssh/id_rsa.pub)
- Clone the repository:
  ```bash
  git clone git@github.com:rsmacapinlac/hwhl.git
  cd hwhl
  ```
- Initialize your environment:
  ```bash
  ./bin/ansible-init.sh
  ```
- Configure your Proxmox inventory:
  ```bash
  # Create and edit your inventory file
  touch inventory/proxmox.yml
  ```
  Add the following content to `inventory/proxmox.yml`:
  ```yaml
  proxmox_control_node_by_ip:
    hosts:
      # Replace with your Proxmox server IP
      10.1.0.141:
  ```
- Run the Proxmox setup playbook:
  ```bash
  ansible-playbook proxmox-setup.yml
  ```
```bash
# Run the entire playbook
ansible-playbook site.yml

# Run specific services by host group
ansible-playbook site.yml --limit dns         # Run only DNS (PiHole) setup
ansible-playbook site.yml --limit edge        # Run edge services (Traefik, Authelia, etc.)
ansible-playbook site.yml --limit containers  # Run container management services
ansible-playbook site.yml --limit jellyfin    # Run Jellyfin setup
ansible-playbook site.yml --limit plex        # Run Plex setup

# Check syntax
ansible-playbook site.yml --syntax-check

# Dry run
ansible-playbook site.yml --check
```
The playbook is organized into the following host groups:
- `dns`: PiHole DNS servers
- `edge`: Edge services (Traefik, Authelia, Cloudflare DDNS, WireGuard)
- `containers`: Container management (Portainer, Watchtower, Traefik)
- `arrs`: *Arr suite (Sonarr, Radarr, etc.)
- `jellyfin`: Jellyfin media server
- `plex`: Plex media server
- `nextcloud`: Nextcloud file sharing
- And many more services as defined in `site.yml`
- Use `maintenance.yml` for routine maintenance tasks
- Use `provision.yml` for initial provisioning
- Use `de-provision.yml` for cleanup
- All sensitive credentials should be stored in `files/config/`
- Use environment variables or Ansible vault for secrets
- Keep your Ansible control node secure
- Regularly update your systems using the maintenance playbook
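
One way to check the credential-storage points above before committing, as an added example that is not part of this repository: a POSIX shell function that lists files under `files/config/` that are not Ansible Vault encrypted or that are readable by group or others. It assumes the files there are meant to be vault-encrypted, which this README does not state; the function name `audit_secrets` is hypothetical.

```sh
#!/bin/sh
# Added example, not the project's own code.
# Usage (e.g. from a pre-commit hook):  audit_secrets files/config || exit 1
#
# audit_secrets DIR
#   Prints one finding per line and returns:
#     0  every file is vault-encrypted and private to its owner
#     1  at least one finding was reported
#     2  DIR does not exist
# Limitation: file names containing newlines are not handled.
audit_secrets() {
  _dir=$1
  [ -d "$_dir" ] || { echo "MISSING_DIR $_dir"; return 2; }

  _report=$(
    find "$_dir" -type f | while IFS= read -r _f; do
      # Vault-encrypted files begin with a header line such as
      # $ANSIBLE_VAULT;1.1;AES256 (1.2 adds a vault-id field).
      if ! head -n 1 "$_f" | LC_ALL=C grep -q '^\$ANSIBLE_VAULT;[0-9.]*;AES256'; then
        echo "PLAINTEXT $_f"
      fi
      # Characters 5-10 of the ls mode string are the group/other bits.
      _perms=$(ls -ld "$_f" | cut -c5-10)
      [ "$_perms" = "------" ] || echo "LOOSE_PERMS $_f"
    done
  )

  [ -z "$_report" ] && return 0
  printf '%s\n' "$_report"
  return 1
}
```

A `PLAINTEXT` finding is fixed with `ansible-vault encrypt <file>`, and a `LOOSE_PERMS` finding with `chmod 600 <file>`.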
- Fork the repository
- Create a feature branch
- Commit your changes
- Push to the branch
- Create a Pull Request
This project is licensed under the terms of the included LICENSE file.
- Services Documentation - Overview and setup guides for all services
- Pi-hole Setup - Detailed guide for Pi-hole deployment
- Nebula Sync Setup - Guide for Pi-hole synchronization