https://github.com/tinycloud-labs/infrastructure
Core infrastructure automation w/Terragrunt, Ansible and GHA
- Host: GitHub
- URL: https://github.com/tinycloud-labs/infrastructure
- Owner: tinycloud-labs
- License: mit
- Created: 2025-05-07T02:20:22.000Z (about 1 year ago)
- Default Branch: main
- Last Pushed: 2026-01-14T04:07:52.000Z (5 months ago)
- Last Synced: 2026-01-14T08:13:11.957Z (5 months ago)
- Topics: ansible, helmfile, iac, k8s, terraform, terragrunt
- Language: HCL
- Homepage:
- Size: 708 KB
- Stars: 1
- Watchers: 1
- Forks: 0
- Open Issues: 6
Metadata Files:
- Readme: README.md
- License: LICENSE
- Codeowners: .github/CODEOWNERS
README





# Homelab
A Homelab Infrastructure-as-Code playground where I'm `uid=0`; I run the show: root access, full chaos. Powered by K3s, Proxmox, and Helm, hosting a variety of self-hosted services deployed via FluxCD.
## Design Rationale
The IaC follows the Kubernetes and Terragrunt logical design described below.
### Kubernetes
K3s is deployed via an [Ansible collection](https://github.com/k3s-io/k3s-ansible). Resources are deployed in dependency order, so each layer needs the one below it to exist first:
```
┌───────────────────────────────────────────┐
│       Applications (FluxCD + Helm)        │
└───────────────────┬───────────────────────┘
                    │ depends on
┌───────────────────▼───────────────────────┐
│           Platform (Terragrunt)           │
│            MetalLB, Flux, etc             │
└───────────────────┬───────────────────────┘
                    │ depends on
┌───────────────────▼───────────────────────┐
│   Infrastructure (Terragrunt + Ansible)   │
│                VMs + K3s.                 │
└───────────────────────────────────────────┘
```
Each layer in the diagram is represented by a corresponding Terragrunt stack ([for example this one](https://github.com/stackgarage/homelab/tree/main/terraform/live/prod)), except the applications, which are managed separately by Flux.
### Terragrunt
Organized around the following logical hierarchy (using Terragrunt [stacks](https://terragrunt.gruntwork.io/docs/features/stacks/) and [units](https://terragrunt.gruntwork.io/docs/features/units/)):
```
Environment (prod/dev) > Stack > Units
```
| Level | Description |
| --- | --- |
| **Environment** | a collection of stacks representing the full environment (platform + infrastructure layers) |
| **Stack** | a collection of units representing a complete middleware layer (e.g., `terraform/live/prod/infra/`, etc) |
| **Unit** | a Terragrunt thin wrapper around a Terraform module representing a specific tool or resource (e.g., `terraform/catalog/units/loadbalancer/`) |
## Terraform State
State files are dynamically generated on the first run (thanks to Terragrunt's `generate` blocks). They are constructed via `terraform/root.hcl` and organized cleanly in S3 as `live///.terragrunt-stack/`, pretty much mirroring the repo's directory hierarchy (separation across boundaries).
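A minimal sketch of how a root `root.hcl` can produce a state layout that mirrors the directory tree, added here as an illustration and not taken from this repository. The bucket name, region, lock table and state file name are placeholders, and keying state on `path_relative_to_include()` is an assumption about how the mirroring is achieved.

```hcl
# --- root.hcl (hypothetical contents, included by every unit) ---

remote_state {
  backend = "s3"

  # Terragrunt writes backend.tf into each unit's working directory,
  # so no unit has to hard-code its own backend configuration.
  generate = {
    path      = "backend.tf"
    if_exists = "overwrite_terragrunt"
  }

  config = {
    bucket = "example-homelab-tfstate" # placeholder bucket name
    region = "us-east-1"               # placeholder region

    # One state object per unit. The key is the unit's path relative to
    # root.hcl, so the S3 prefix tree follows the repo directory tree and
    # units never share a state file.
    key = "${path_relative_to_include()}/terraform.tfstate"

    # State can contain secrets (kubeconfigs, tokens, passwords):
    # encrypt at rest and lock against concurrent applies.
    encrypt        = true
    dynamodb_table = "example-tfstate-lock" # placeholder lock table
  }
}

# --- <unit>/terragrunt.hcl (hypothetical unit) ---

include "root" {
  # Walk up the directory tree until root.hcl is found.
  path = find_in_parent_folders("root.hcl")
}
```

Because the state key is derived from the path, moving or renaming a unit directory changes its key, so the existing state object has to be migrated along with it.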
## Automation and other stuff
- Infrastructure: GitHub Actions workflows handle Terragrunt stacks and the full environment, along with some helper workflows for code management.
- Applications deployment: Hosted in a [separate repo](https://github.com/tinycloud-labs/flux), deployed in a GitOps fashion by FluxCD.
- Helm Charts: Custom Helm charts are released and hosted on GitHub Pages: https://github.com/tinycloud-labs/helm
## Networking (not in code)
- pfSense: Firewall, DNS, HAProxy, VLANs, VPN, and ACME cert-management and rotation.