A comprehensive Infrastructure as Code (IaC) solution for homelab automation using Ansible. This project automates the configuration of servers provisioned by TerraCasa, creating a complete homelab environment with services like Minecraft servers, AdGuard DNS, and Rundeck automation.
┌─────────────────────────────────────────────────────────────┐
│ TerraCasa Infrastructure │
│ ┌─────────────────────────────────────────────────────────┐│
│ │ VLAN 20 (Server) ││
│ │ ┌─────────────┐ ┌─────────────┐ ┌─────────────┐ ││
│ │ │ Minecraft-1 │ │ Minecraft-2 │ │Resolver-Truth│ ││
│ │ │ 192.168.55.50│ │ 192.168.55.51│ │ 192.168.55.53│ ││
│ │ └─────────────┘ └─────────────┘ └─────────────┘ ││
│ └─────────────────────────────────────────────────────────┘│
└─────────────────────────────────────────────────────────────┘
│
┌─────────┴─────────┐
│ prox-n-roll │
│ (Automation) │
│ 192.168.55.10 │
└─────────┬─────────┘
│
┌─────────┴─────────┐
│ Ansible │
│ Configuration │
└───────────────────┘
| Server Name | Purpose | IP Address | Resources |
|---|---|---|---|
| minecraft-java-srv001 | Minecraft Java Server #1 | 192.168.55.50 | 4 CPU, 8GB RAM |
| minecraft-java-srv002 | Minecraft Java Server #2 | 192.168.55.51 | 4 CPU, 8GB RAM |
| resolver-of-truth | AdGuard Home DNS | 192.168.55.53 | 4 CPU, 2GB RAM |
| prox-n-roll | Ansible Automation Server | 192.168.55.10 | 4 CPU, 2GB RAM |
- TerraCasa Infrastructure: Servers must be provisioned by TerraCasa project
- Automation Server: prox-n-roll server with SSH access to all target servers
- SSH Keys: Configured SSH key authentication from prox-n-roll to all servers
-
Clone the repository:
git clone https://github.com/TheQuietBlock/HomeBaseOps.git cd HomeBaseOps -
Configure environment:
cp config.template .env # Edit .env with your actual server IPs and configuration -
Update inventory:
./scripts/generate_inventory.sh # Edit ansible/inventory.ini if needed -
Deploy configuration:
make all
This will:
- Generate Ansible inventory with server IPs
- Run Ansible playbooks to configure all services
HomeBaseOps/
├── README.md # This file
├── makefile # Automation workflows
├── config.template # Environment configuration template
├── scripts/ # Helper scripts
│ └── generate_inventory.sh # Static inventory generation
├── compose/ # Docker Compose stacks
│ ├── adguard/ # AdGuard Home (if using Docker)
│ ├── portainer/ # Portainer management
│ └── whoami/ # Example stack
└── ansible/ # Configuration management
├── ansible.cfg # Ansible configuration
├── playbooks/ # Playbook definitions
├── roles/ # Service-specific roles
│ ├── base/ # Base system configuration
│ ├── adguard/ # AdGuard Home setup
│ ├── minecraft/ # Minecraft server
│ └── rundeck/ # Automation platform
└── group_vars/ # Group-specific variables
The project includes a convenient Makefile for common operations:
make inventory # Generate Ansible inventory
make ansible # Run Ansible playbooks
make all # Run complete deployment pipelineThe infrastructure uses VLAN-based network segregation:
- VLAN 10 (Home):
192.168.10.0/24- Home network devices - VLAN 55 (Server):
192.168.55.0/24- Server infrastructure (default for servers) - VLAN 30 (Guest):
192.168.30.0/24- Guest network access
- AdGuard Home: DNS filtering and ad blocking
- SSH Key Authentication: Passwordless access to servers
- Network Segmentation: VLAN isolation
- Automated Updates: Base role ensures systems are updated
- Service Hardening: Minimal attack surface
- Paper Server: High-performance Minecraft server (fork of Spigot)
- Management: Systemd service with auto-restart
- Configuration: Customizable memory allocation (2GB default)
- Servers: Two independent Paper servers
- Features: Better performance, plugin support, optimizations
- DNS Filtering: Block ads and malicious domains
- Web Interface: Port 3000 for configuration
- DNS Service: Port 53 for DNS queries
- Features: Custom filtering rules and statistics
- Purpose: Centralized job scheduling and automation
- Integration: Git-based job definitions
- Monitoring: Automated deployment pipeline
- Update
scripts/generate_inventory.shwith new server IPs - Create Ansible role if needed
- Update
ansible/playbooks/site.ymlto include new server groups
- Minecraft Memory: Update
minecraft_java_xmxandminecraft_java_xmsingroup_vars/all/main.yml - AdGuard Settings: Modify AdGuard configuration in the adguard role
- Network: Adjust VLAN configurations in inventory
- Ansible Documentation - Configuration management guide
-
Ansible Connection Failures:
- Verify SSH key configuration from prox-n-roll server
- Check server network connectivity
- Ensure servers are accessible from automation server
-
Service Startup Issues:
- Check systemd service status:
systemctl status minecraft - Verify AdGuard Home configuration:
systemctl status AdGuardHome - Check firewall rules:
ufw status
- Check systemd service status:
# Ansible verbose output
ansible-playbook -vvv playbooks/site.yml
# Check server status
ansible all -m ping
# Check specific service logs
ansible minecraft -m shell -a "journalctl -u minecraft -f"- Fork the repository
- Create a feature branch
- Make your changes
- Test thoroughly
- Submit a pull request
This project is open source and available under the MIT License.
- TerraCasa for infrastructure provisioning
- Ansible for configuration management
- AdGuard Home for DNS filtering
- The open-source community for tools and inspiration