Migrated my Docker Compose homelab to OpenTofu (yuris.dev)
from yuris@lemmy.ml to selfhosted@lemmy.world on 02 Aug 07:08
https://lemmy.ml/post/34043744

I don’t usually post, but thought I’d share.

I rebuilt my homelab with OpenTofu. Now my entire setup, from containers to networking, lives in a Git repo.

The best part is that new services get published automatically. I just set a flag in the code, and it builds the Caddy proxy or Cloudflare tunnel for me. No more manual config editing.

Here’s my quick write-up on it: https://yuris.dev/blog/homelab-opentofu

And the code is all public if you want to see how it works: https://github.com/yurisasc/homelab

Hope this is interesting to someone. Happy to answer any questions if you have them. Curious to hear if anyone else has gone down this particular rabbit hole with IaC for their Docker stack.

#selfhosted

LodeMike@lemmy.today on 02 Aug 07:39

White Bear

cappa@feddit.org on 02 Aug 07:51

nice inspiration. bookmarked

Mondez@lemdro.id on 02 Aug 08:06

I personally manage my services using ansible, I only set up the actual infrastructure, the virtual machines that run the services, with terraform/opentofu. Docker is one of those in the middle tech between infrastructure and software distribution and it makes more sense to me to treat a service as a role in ansible so I can deploy it (docker, podman package install or whatever), sort its networking and handle its configuration all in one place. I’m not saying the way you do it is wrong, but this is just a step down the automation rabbit hole.

It doesn’t appear your setup provisions the actual hosts for docker so I guess you are provisioning manually for that layer? That is another area you might want to leverage opentofu for?

Also congrats on actually documenting it in a consumable way for others to learn from.

markstos@lemmy.world on 02 Aug 21:00

I also use Ansible. Using Podman’s “quadlet” adapter, the containers run as systemd services.

helix@feddit.org on 04 Aug 03:11

I also use quadlets, but it’s annoying to check for outside conditions. Can you share your setup so I might learn how to do it properly please? 😊

markstos@lemmy.world on 04 Aug 19:19

I posted part of it here: forum.ghost.org/t/…/2

truxnell@quokk.au on 02 Aug 09:55

I've been doing IaC for years on my homelab. Once I outgrew rockets impose and a single NUC, I ended up going full regard on kubernetes for a few years, before getting sick of the complexity and upkeep and moving to a nix stack for my NAS and nuc.

Tip: if you haven't already, look at using renovate bot to run on your repo and update your container tags, it's great to manage updating your containers in a controlled fashion.

Current nix
https://github.com/truxnell/nix-config

Deprecated k8s
https://github.com/truxnell/home-cluster

non_burglar@lemmy.world on 02 Aug 19:48

Assuming “rockets impose” is an autocorrect of “docker compose”, it’s the best one I’ve ever seen.

dallen@programming.dev on 02 Aug 20:08

Well, time to edit .bash_aliases…

truxnell@quokk.au on 03 Aug 12:25

Indeed it was an auto-correct, and it is definitely the best I've had myself, and it's staying in the comment!

normalexit@lemmy.world on 03 Aug 13:12

If a new project doesn’t come out called rockets impose I’ll be disappointed.

eager_eagle@lemmy.world on 03 Aug 19:08

ratatouille@feddit.org on 04 Aug 05:35

What do you think about pangolin for self-hosted accessing home over VPN?

rimjob_rainer@discuss.tchncs.de on 04 Aug 09:08

Sounds like my homelab which lives as a docker compose file in a git repo.