This repository contains configuration files and documentation for my personal homelab setup.
- Terraform
- Terragrunt
- kubectl
- Helm
- A Tailscale account and an auth key.
- Local network subnet with a
/24mask. - Reserved IP addresses from
.201to.254for MetalLB IP allocation. - An Arch Linux server on your local network with SSH access.
- The SSH user must have passwordless
sudoaccess (see below). - The SSH user's password must NOT contain single or double quotes.
- The SSH user must have passwordless
- A Cloudflare account with a domain name.
- You need to create a Cloudflare API token with the following permissions:
- Zone:DNS:Edit
- Zone:Zone:Read
- You need to create a Cloudflare API token with the following permissions:
You need to add your user to the sudoers file to allow passwordless sudo access.
This is required for remote provisioners within Terraform. You can do this by
creating a file in /etc/sudoers.d/ with the following content:
hackerman ALL=(ALL) NOPASSWD: ALL
sudo tee /etc/sudoers.d/hackerman <<EOF
hackerman ALL=(ALL) NOPASSWD: ALL
EOFYou need to create a secrets.hcl file in the root of the repository.
Here is an example of what the file should look like:
inputs = {
# Homelab access
homelab_ip = "192.168.69.69" # optional
homelab_username = "hackerman"
homelab_password = "secure!!!444four"
tailscale_auth_key = "tskey-1234567890abcdef"
# DNS and TLS
cloudflare_tld = "example.com"
cloudflare_dns_api_token = "abcdef1234567890"
acme_email = "john.doe@example.com"
# IAM users
iam_users = [
{
username = "john.doe"
email = "john.doe@example.com"
first_name = "John"
last_name = "Doe"
is_admin = true
},
]
}Once you have all the requirements, you can simply run:
make applyThis should set up the homelab from scratch.
