{"id":23008288,"url":"https://github.com/kencx/homelab","last_synced_at":"2026-01-16T19:56:23.883Z","repository":{"id":129669634,"uuid":"469833332","full_name":"kencx/homelab","owner":"kencx","description":"Nomad, Consul \u0026 Vault cluster in Proxmox ","archived":false,"fork":false,"pushed_at":"2025-11-30T13:57:36.000Z","size":1768,"stargazers_count":205,"open_issues_count":0,"forks_count":30,"subscribers_count":5,"default_branch":"master","last_synced_at":"2025-12-02T20:19:04.750Z","etag":null,"topics":["ansible","consul","hashicorp","homelab","nomad","packer","terraform","vault"],"latest_commit_sha":null,"homepage":"https://kencx.github.io/homelab/","language":"YAML","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/kencx.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-03-14T17:16:31.000Z","updated_at":"2025-11-30T13:57:42.000Z","dependencies_parsed_at":"2024-12-15T09:01:49.399Z","dependency_job_id":"4a6a0ff7-a8b3-4169-9dcb-74dc77661383","html_url":"https://github.com/kencx/homelab","commit_stats":null,"previous_names":[],"tags_count":4,"template":false,"template_full_name":null,"purl":"pkg:github/kencx/homelab","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kencx%2Fhomelab","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kencx%2Fhomelab/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kencx%2Fhomelab/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kencx%2Fhomelab/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/kencx","download_url":"https://codeload.github.com/kencx/homelab/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kencx%2Fhomelab/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28482136,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-16T11:59:17.896Z","status":"ssl_error","status_checked_at":"2026-01-16T11:55:55.838Z","response_time":107,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ansible","consul","hashicorp","homelab","nomad","packer","terraform","vault"],"created_at":"2024-12-15T09:00:48.119Z","updated_at":"2026-01-16T19:56:23.866Z","avatar_url":"https://github.com/kencx.png","language":"YAML","funding_links":[],"categories":["Infrastructure setup"],"sub_categories":["Deployment and Cluster Setup"],"readme":"# Hubble Homelab\n\n**[Documentation](https://kencx.github.io/homelab)**\n\nThis repository contains infrastructure-as-code for the automated deployment and\nconfiguration, and management of a Hashicorp (Nomad + Consul + Vault) cluster on\nProxmox.\n\n## Disclaimer\n\nThis project is in alpha status and subject to\n[bugs](https://kencx.github.io/homelab/references/issues) and breaking changes.\n\nPlease do not run any code on your machine without understanding the\nprovisioning flow, in case of data loss. Some playbooks may perform destructive\nactions that are irreversible!\n\n## Overview\n\nThis project aims to provision a full Hashicorp cluster in a **semi-automated**\nmanner. It utilizes Packer, Ansible and Terraform:\n\n1. Packer creates base Proxmox VM templates from cloud images and ISOs\n2. Terraform provisions cluster nodes by cloning existing VM templates\n3. Ansible installs and configures Vault, Consul, Nomad on cluster nodes\n\nIt comprises minimally of one server and one client node with no high\navailability (HA). The nodes run Vault, Consul and Nomad as a cluster.\n\nTo support HA, the setup can be further expanded to at least three server nodes\nand multiple client nodes hosted on a Proxmox cluster, spanning multiple\nphysical machines.\n\n## Features\n\n- [x] Golden image creation with Packer\n- [x] Declarative configuration of Proxmox VMs and Vault with Terraform\n- [x] Automated post-provisioning with Ansible\n- [x] Nomad container scheduling and orchestration\n- [x] Consul service discovery\n- [x] Secure node communication via mTLS\n- [x] Personal Certificate Authority hosted on Vault\n- [x] Secrets management, retrieval and rotation with Vault\n- [x] Automated certificate management with Vault and consul-template\n- [x] Let's Encrypt certificates on Traefik reverse proxy\n\n## Getting Started\n\nSee the [documentation](https://kencx.github.io/homelab/getting_started) for more\ninformation on the concrete steps to configure and provision the cluster.\n\n## Folder Structure\n\n```bash\n.\n├── ansible/\n│   ├── roles\n│   ├── playbooks\n│   ├── inventory    # inventory files\n│   └── goss         # goss config\n├── bin              # custom scripts\n├── packer/\n│   ├── base         # VM template from ISO\n│   └── base-clone   # VM template from existing template\n└── terraform/\n    ├── cluster      # config for cluster\n    ├── dev          # config where I test changes\n    ├── minio        # config for Minio buckets\n    ├── modules      # tf modules\n    ├── nomad        # nomad jobs\n    ├── postgres     # config for Postgres DB users\n    ├── proxmox      # config for Proxmox accounts\n    └── vault        # config for Vault\n```\n\n## Limitations\n\n- Manual Vault unseal on reboot\n- Inter-job dependencies are [not supported](https://github.com/hashicorp/nomad/issues/545) in Nomad\n- Vault agent is run as root\n\nSee [issues]() for more information.\n\n## Acknowledgements\n\n- [CGamesPlay/infra](https://github.com/CGamesPlay/infra)\n- [assareh/homelab](https://github.com/assareh/home-lab)\n- [RealOrangeOne/infrastructure](https://github.com/RealOrangeOne/infrastructure)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fkencx%2Fhomelab","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fkencx%2Fhomelab","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fkencx%2Fhomelab/lists"}