Ansible for Everything: Automating My Entire Infrastructure
This post covers the complete setup of a production-grade Kubernetes cluster in a homelab environment, including hardware selection, networking, GitOps workflows, and storage solutions.
After manually configuring servers for the hundredth time, I finally automated everything with Ansible. Now I can rebuild my entire homelab in minutes.
The Playbook Structure
My Ansible repository is organized like this:
ansible/
├── inventories/
│   ├── production/
│   └── staging/
├── roles/
│   ├── common/
│   ├── docker/
│   ├── kubernetes/
│   └── monitoring/
└── playbooks/
    ├── site.yml
    ├── provision.yml
    └── deploy.yml
Common Role
Every server gets the common role, which handles:
- System updates
- Security hardening (SSH, firewall)
- Standard tooling (vim, git, htop)
- User management
Docker Role
The Docker role installs Docker Engine and configures:
- Docker daemon with appropriate logging
- Docker Compose
- Automatic container updates with Watchtower
Automated Deployments
I use Ansible to deploy all my self-hosted services. Here's a snippet for deploying Nextcloud:
- name: Deploy Nextcloud
  docker_container:
    name: nextcloud
    image: nextcloud:latest  # floating tag: the image can change between runs
    volumes:
      # Persist Nextcloud data on the host storage mount
      - /mnt/storage/nextcloud:/var/www/html
    env:
      POSTGRES_HOST: postgres.homelab.local
      REDIS_HOST: redis.homelab.local
Secrets Management
I use Ansible Vault to encrypt sensitive variables. All passwords, API keys, and certificates are stored encrypted in Git.
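One way to verify that before each commit, as an added example (not code from the original post): a scanner that flags files named *vault* that lack the $ANSIBLE_VAULT; header, and secret-looking variables whose values are plaintext. The group_vars/all/vault.yml layout, the variable names and the key-name word list are assumptions, and the sample files are constructed.

```python
import re
import tempfile
from pathlib import Path

VAULT_HEADER = "$ANSIBLE_VAULT;"  # every ansible-vault payload starts with this
# Assumption: secret-bearing variable names contain one of these words.
SECRET_KEY = re.compile(
    r"^\s*-?\s*([\w.-]*(?:password|secret|token|api_key)[\w.-]*)\s*:\s*(.*)$", re.I)
# Constructed sample repository; the group_vars/ file names are assumed.
SAMPLE = {
    "inventories/production/group_vars/all/vault.yml": "$ANSIBLE_VAULT;1.1;AES256\n3631\n",
    "inventories/staging/group_vars/all/vault.yml": "vault_db_password: hunter2\n",
    "roles/docker/defaults/main.yml":
        'nextcloud_db_password: "{{ vault_db_password }}"\n'
        "nextcloud_admin_token: !vault |\n"
        "  $ANSIBLE_VAULT;1.1;AES256\n  3631\n"
        "redis_password: changeme\n",
}


def is_protected(value):
    """True for inline-vaulted values, Jinja2 references and empty values."""
    value = value.strip().strip("'\"")
    return not value or value.startswith(("!vault", "{{", "#"))


def find_plaintext_secrets(root):
    """Return (relative path, line number, reason) per unencrypted secret."""
    findings = []
    for path in sorted(Path(root).rglob("*.y*ml")):
        rel = path.relative_to(root).as_posix()
        text = path.read_text(encoding="utf-8", errors="replace")
        if text.startswith(VAULT_HEADER):
            continue  # whole file is vault-encrypted
        if "vault" in path.name.lower():  # assumed: *vault* files are encrypted whole
            findings.append((rel, 1, "vault file is not encrypted"))
            continue
        for lineno, line in enumerate(text.splitlines(), start=1):
            if (m := SECRET_KEY.match(line)) and not is_protected(m.group(2)):
                findings.append((rel, lineno, f"plaintext value for {m.group(1)}"))
    return findings


def scan_sample():  # writes SAMPLE to a temporary directory and scans it
    with tempfile.TemporaryDirectory() as tmp:
        for rel, body in SAMPLE.items():
            Path(tmp, rel).parent.mkdir(parents=True, exist_ok=True)
            Path(tmp, rel).write_text(body, encoding="utf-8")
        return find_plaintext_secrets(tmp)
```

Calling find_plaintext_secrets("ansible/") from a pre-commit hook and failing on a non-empty result keeps a forgotten ansible-vault encrypt from reaching the repository history.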
The Result
Now when I need to add a new service or rebuild a server, it's just:
ansible-playbook -i inventories/production site.yml --limit newserver
No more manual configuration. No more drift between servers. Just pure automation bliss.