Benschubert.Infrastructure
Description
A collection to deploy all the infrastructure services that are part of my Homelab.
The main entry point for the collection is benschubert.infrastructure.main which puts all the other roles together in a singular, consistent deployment. It will ensure that all the roles are called in a consistent manner and in the right order.
The following services can be configured with this collection:
Traefik, using the ingress role, which acts as a reverse proxy and connects all the services to the outside world.
Authentik, using the auth role, which provides an authentication service to allow SSO to be used for the various services.
Grafana, using the monitoring role, which allows building dashboard to monitor the Homelab and more.
Mimir, using the monitoring role, which allows ingesting and storing metrics and alerts.
Loki, using the monitoring role, which allows ingesting and storing logs, and connects to Mimir for alerts.
Grafana Alloy, using the monitoring role, which allows collecting metrics and logs
This collection globally expects that podman is already configured on the host, and that the user running the role has enough user namespaces available to isolate every pod.
This role also provide some testing utilities to help with setting up the infrastructure:
Mailpit, using the mailpit_test_gateway, which allows validating that messages can be sent correctly
Author:
Benjamin Schubert <contact@benschubert.me>
Supported ansible-core versions:
2.15.0 or newer
older than 2.20.0
Role Index
These are the roles in the benschubert.infrastructure collection:
auth role – Setup an authentication server in podman, using Authentik
ingress role – Setup a reverse proxy using podman to expose services using Traefik
mailpit_test_gateway role – Setup a Mailpit STMP gateway
main role – Configure a suite of basic infrastructure services in podman to serve as a foundation for a Homelab.
monitoring role – Configure all services required to monitor services and systems.
postgres role – Configure a PostgreSQL instance using podman
redis role – Configure a Redis instance using podman
Plugin Index
These are the plugins in the benschubert.infrastructure collection:
Modules
authentik_application module – Allows administration of Authentik applications
authentik_application_icon_url module – Allows configuring application icons from the Authentik API
authentik_certificate_info module – Allows retrieving information about certificates from the Authentik API
authentik_flow_info module – Allows retrieving information about flows from the Authentik API
authentik_group module – Allows administration of Authentik groups
authentik_group_info module – Allows retrieving information about groups from the Authentik API
authentik_outpost module – Allows administration of Authentik outposts
authentik_outpost_provider module – Allows connecting Authentik providers to outposts
authentik_policy_binding module – Allow administration of policy bindings in Authentik
authentik_propertymappings_scope module – Allows administration of Authentik scope propertymappings
authentik_propertymappings_scope_info module – Allows retrieving information about OAuth2 scopes from the Authentik API
authentik_provider_info module – Allows retrieving information about providers from the Authentik API
authentik_provider_oauth2 module – Allows administration of Authentik OAuth2 providers
authentik_provider_proxy module – Allows administration of Authentik proxy providers
authentik_token module – Allows administration of Authentik tokens
authentik_token_value module – Allows retrieving the value of the provided token
authentik_user module – Allows administration of Authentik users
authentik_user_group module – Allows adding or removing users to groups in Authentik
authentik_user_info module – Allows retrieving information about users from the Authentik API
github_content module – Get the content of a file or directory on GitHub