Merge branch 'main' into renovate/ghcr.io-goauthentik-server

⬆️ Update ghcr.io/goauthentik/server Docker digest to a98f955
2024-08-09 14:51:21 -04:00 · 2024-08-04 11:54:27 -04:00 · 2024-08-02 02:43:26 +00:00
27 changed files with 203 additions and 96 deletions
--- a/README.md
+++ b/README.md
@ -14,12 +14,17 @@ This is my homelab, defined in code.

 <div align="center">

-| Hypervisor | OS | Tools | VPS (arm) | Firewall | Misc. Automations |
-|---|---|---|---|---|---|
-| [![Proxmox](https://img.shields.io/badge/-Proxmox-%23c9d1d9?logo=Proxmox)](https://www.proxmox.com) | [![Ubuntu](https://img.shields.io/badge/Ubuntu_22.04-%23c9d1d9?&logo=ubuntu&logoColor=red)](https://releases.ubuntu.com/jammy/) [![Ubuntu](https://img.shields.io/badge/Ubuntu_24-%23c9d1d9?&logo=ubuntu&logoColor=red)](https://releases.ubuntu.com/noble/) | [![Forgejo](https://img.shields.io/badge/-Forgejo-%23c9d1d9?logo=forgejo&logoColor=orange)](https://forgejo.org/) [![Docker](https://img.shields.io/badge/-Docker-%23c9d1d9?logo=docker)](https://www.docker.com/) [![Renovate](https://img.shields.io/badge/-Renovate-%23c9d1d9?logo=renovate&logoColor=blue)](https://github.com/renovatebot/renovate) [![OpenTofu](https://img.shields.io/badge/-OpenTofu-%23c9d1d9?logo=opentofu&logoColor=black)](https://opentofu.org/) [![Packer](https://img.shields.io/badge/-Packer-%23c9d1d9?logo=packer)](https://www.packer.io/) [![Ansible](https://img.shields.io/badge/-Ansible-%23c9d1d9?logo=ansible&logoColor=red)](https://www.ansible.com/) | [![Oracle](https://img.shields.io/badge/-Oracle_Cloud-%23c9d1d9?logo=oracle&logoColor=red)](https://www.oracle.com/cloud/) | [![pfSense](https://img.shields.io/badge/-pfSense-%23c9d1d9?logo=pfsense&logoColor=blue)](https://www.pfsense.org/) | [![n8n](https://img.shields.io/badge/-n8n-%23c9d1d9?logo=n8n)](https://n8n.io/)
+| Hypervisor | OS | Tools | VPS (arm) | Firewall |
+|---|---|---|---|---|
+| [![Proxmox](https://img.shields.io/badge/-Proxmox-%23c9d1d9?logo=Proxmox)](https://www.proxmox.com) | [![Ubuntu](https://img.shields.io/badge/Ubuntu_22.04-%23c9d1d9?&logo=ubuntu&logoColor=red)](https://releases.ubuntu.com/jammy/) [![Ubuntu](https://img.shields.io/badge/Ubuntu_24-%23c9d1d9?&logo=ubuntu&logoColor=red)](https://releases.ubuntu.com/noble/) | [![Forgejo](https://img.shields.io/badge/-Forgejo-%23c9d1d9?logo=forgejo&logoColor=orange)](https://forgejo.org/) [![Docker](https://img.shields.io/badge/-Docker-%23c9d1d9?logo=docker)](https://www.docker.com/) [![Renovate](https://img.shields.io/badge/-Renovate-%23c9d1d9?logo=renovate&logoColor=blue)](https://github.com/renovatebot/renovate) [![OpenTofu](https://img.shields.io/badge/-OpenTofu-%23c9d1d9?logo=opentofu)](https://opentofu.org/) [![Packer](https://img.shields.io/badge/-Packer-%23c9d1d9?logo=packer)](https://www.packer.io/) [![Ansible](https://img.shields.io/badge/-Ansible-%23c9d1d9?logo=ansible&logoColor=red)](https://www.ansible.com/) | [![Oracle](https://img.shields.io/badge/-Oracle_Cloud-%23c9d1d9?logo=oracle&logoColor=red)](https://www.oracle.com/cloud/) | [![pfSense](https://img.shields.io/badge/-pfSense-%23c9d1d9?logo=pfsense&logoColor=blue)](https://www.pfsense.org/) | 

 </div>

-## To-Do
-See [Project Board](https://git.mafyuh.dev/mafyuh/iac/projects/2)
+ToDo
+- [ ] Update Readme
+- [ ] Update Issue Templates
+- [x] Migrate all containers to use this repo
+- [x] Get OpenTofu migrated to this repo
+- [ ] Get Kubernetes repo migrated over
+- [ ] Re-bootstrap Flux

--- a/ansible/README.md
+++ b/ansible/README.md
--- a/ansible/playbooks/deploy.yml
+++ b/ansible/playbooks/deploy.yml
@ -0,0 +1,33 @@
+---
+- name: Deploy application
+  hosts: "{{ target_host }}"
+  vars:
+    repo_path: "/home/{{ ansible_user }}/Auto-Homelab/{{ folder }}"
+  tasks:
+    - name: Ensure the repository is up-to-date
+      shell: git pull
+      args:
+        chdir: "{{ repo_path }}"
+      register: git_pull_output
+
+    - name: Display git pull output
+      debug:
+        var: git_pull_output.stdout_lines
+
+    - name: Restart services
+      command: docker compose up -d
+      args:
+        chdir: "{{ repo_path }}"
+      register: docker_compose_output
+
+    - name: Display docker output
+      debug:
+        var: docker_compose_output.stdout_lines
+    
+    - name: Run Docker Command
+      command: docker ps
+      register: docker_output
+
+    - name: Display Docker Output
+      debug:
+        var: docker_output.stdout_lines
--- a/ansible/playbooks/git-pull-reset.yml
+++ b/ansible/playbooks/git-pull-reset.yml
@ -2,8 +2,8 @@
 - name: Reset and Pull Git Repository
  hosts: all
  tasks:
-    - name: Change to iac directory
-      shell: cd ~/iac
+    - name: Change to Auto-Homelab directory
+      shell: cd ~/Auto-Homelab
      args:
        chdir: "/home/{{ ansible_user }}"
      environment:
@ -12,13 +12,13 @@
    - name: Git Pull
      shell: git pull
      args:
-        chdir: "/home/{{ ansible_user }}/iac"
+        chdir: "/home/{{ ansible_user }}/Auto-Homelab"
      environment:
        HOME: "/home/{{ ansible_user }}"

    - name: Git Reset
      shell: git reset --hard origin/main
      args:
-        chdir: "/home/{{ ansible_user }}/iac"
+        chdir: "/home/{{ ansible_user }}/Auto-Homelab"
      environment:
        HOME: "/home/{{ ansible_user }}"
--- a/automations/README.md
+++ b/automations/README.md
--- a/docker/AI/docker-compose.yml
+++ b/docker/AI/docker-compose.yml
@ -2,7 +2,7 @@ version: "3.8"

 services:
  ollama:
-    image: ollama/ollama:0.3.6
+    image: ollama/ollama:0.3.4
    container_name: ollama
    restart: unless-stopped
    volumes:
@ -18,7 +18,7 @@ services:
              capabilities: [gpu]

  open-webui:
-    image: ghcr.io/open-webui/open-webui:v0.3.13
+    image: ghcr.io/open-webui/open-webui:v0.3.12
    container_name: open-webui
    restart: unless-stopped
    ports:
@ -28,6 +28,16 @@ services:
    extra_hosts:
      - host.docker.internal:host-gateway

+  mindsdb:
+    image: mindsdb/mindsdb:v24.8.1.1
+    container_name: mindsdb
+    ports:
+      - 47334:47334
+      - 47335:47335
+    volumes:
+      - /home/mafyuh/mindsdb:/root/mindsdb
+    restart: unless-stopped
+
 volumes:
  ollama:
    external: true
--- a/docker/ag-backup/docker-compose.yml
+++ b/docker/ag-backup/docker-compose.yml
@ -1,7 +1,7 @@
 ---
 services:
  adguardhome:
-    image: adguard/adguardhome:v0.107.52
+    image: docker.mafyuh.xyz/adguard/adguardhome:v0.107.52
    container_name: adguardhome
    restart: unless-stopped
    volumes:
--- a/docker/ag-main/docker-compose.yml
+++ b/docker/ag-main/docker-compose.yml
@ -1,7 +1,7 @@
 ---
 services:
  adguardhome:
-    image: adguard/adguardhome:v0.107.52
+    image: docker.mafyuh.xyz/adguard/adguardhome:v0.107.52
    container_name: adguardhome
    restart: unless-stopped
    volumes:
@ -22,7 +22,7 @@ services:
      - 5443:5443/udp

  adguardhome-sync:
-    image: ghcr.io/linuxserver/adguardhome-sync@sha256:1987f271621a53f0fbece4d8445f5725190539607648de67265e15aab6c4ecd2
+    image: ghcr.io/linuxserver/adguardhome-sync@sha256:c6bad810acfc292b9220936751194f6ae9800b1228385ae8f2130fba280b79ee
    container_name: adguardhome-sync
    environment:
      - PUID=1000
--- a/docker/arm/docker-compose.yml
+++ b/docker/arm/docker-compose.yml
@ -38,7 +38,7 @@ services:
      - /home/ubuntu/forgejo/mysql:/var/lib/mysql

  gotify:
-    image: gotify/server-arm7:2.5.0
+    image: docker.mafyuh.xyz/gotify/server-arm7:2.5.0
    container_name: gotify
    ports:
      - 9008:80
@ -53,7 +53,7 @@ services:
      - gitea_main

  nginx-proxy-manager:
-    image: jc21/nginx-proxy-manager:2.11.3
+    image: docker.mafyuh.xyz/jc21/nginx-proxy-manager:2.11.3
    container_name: nginx-proxy-manager
    ports:
      - 80:80
@ -67,7 +67,7 @@ services:
      - gitea_main

  uptime-kuma:
-    image: louislam/uptime-kuma:1.23.13
+    image: docker.mafyuh.xyz/louislam/uptime-kuma:1.23.13
    container_name: uptime-kuma
    ports:
      - 3001:3001
@ -78,7 +78,7 @@ services:
      - gitea_main

  jellyseerr:
-    image: fallenbagel/jellyseerr:1.9.2
+    image: docker.mafyuh.xyz/fallenbagel/jellyseerr:1.9.2
    container_name: jellyseerr
    ports:
      - 5055:5055
@ -92,7 +92,7 @@ services:
      - gitea_main

  linkstack:
-    image: linkstackorg/linkstack@sha256:ad2ec7ffa69f4b04367313d1b95566bb00955b9670eb5467fd4fab39dd1f53c1
+    image: docker.mafyuh.xyz/linkstackorg/linkstack@sha256:ad2ec7ffa69f4b04367313d1b95566bb00955b9670eb5467fd4fab39dd1f53c1
    container_name: linkstack
    ports:
      - 8005:80
@ -107,7 +107,7 @@ services:
    networks:
      - gitea_main
  n8n:
-    image: ghcr.io/n8n-io/n8n:1.55.3
+    image: ghcr.io/n8n-io/n8n:1.54.0
    container_name: n8n
    ports:
      - 5678:5678
@ -122,7 +122,7 @@ services:
      - gitea_main

  vaultwarden:
-    image: vaultwarden/server:1.32.0
+    image: docker.mafyuh.xyz/vaultwarden/server:1.31.0
    container_name: vaultwarden
    ports:
      - 8989:80
@ -137,7 +137,7 @@ services:
        ipv4_address: 172.25.0.25

  syncthing:
-    image: ghcr.io/linuxserver/syncthing@sha256:d6502d919f49f16a80689ce92c211f945f1d64a34c0d3f23ecc27a2a4d1dd0ac
+    image: ghcr.io/linuxserver/syncthing@sha256:2c1ecba88add0cf239914553cc911193a78c668012bf8e55044c1bbff6b2db18
    container_name: syncthing
    hostname: ARM #optional
    environment:
--- a/docker/arrs/docker-compose.yml
+++ b/docker/arrs/docker-compose.yml
@ -1,7 +1,7 @@
 ---
 services:
  bazarr:
-    image: ghcr.io/linuxserver/bazarr@sha256:8573a7d8558d7407ec53c205599d99d9876486621681355d147e9091cd99c58b
+    image: ghcr.io/linuxserver/bazarr@sha256:4222fa316c51c2d0257384e5562541059698c220abbb00170eb93c3ddfa52d18
    container_name: bazarr
    ports:
      - "6767:6767"
@ -15,7 +15,7 @@ services:
      - PGID=1000

  lidarr:
-    image: ghcr.io/linuxserver/lidarr@sha256:d30f42dc071f77ae833d094083263d38be2dd0ddfff3c234ede29a36673a8603
+    image: ghcr.io/linuxserver/lidarr@sha256:e504ab630ab456a4a39a6801f760975ff84fe53a0e542439d80aa8da27773a6e
    container_name: lidarr
    ports:
      - "8686:8686"
@ -43,7 +43,7 @@ services:
      - PGID=1000

  radarr:
-    image: ghcr.io/linuxserver/radarr@sha256:b034531ff81d3e5e1f9fd70c969746040b40e6484c88981ea5d0dee732c10bc3
+    image: ghcr.io/linuxserver/radarr@sha256:9d6f0548fd805edb30108fdd06d0fc5a4436c9bd708b57bd4119d7aefa815fe4
    container_name: radarr
    ports:
      - "7878:7878"
@ -57,7 +57,7 @@ services:
      - PGID=1000

  sonarr:
-    image: ghcr.io/linuxserver/sonarr@sha256:bffa87787eacff9023df4400f521c159566d14b5a280caec8b54196071e6038e
+    image: ghcr.io/linuxserver/sonarr@sha256:f0c1fe322671a5c4a302e27ee7aac622fb3c7ba6da231f6c378fe07ab900d6eb
    container_name: sonarr
    ports:
      - "8989:8989"
@ -91,7 +91,7 @@ services:
      - AUTH_OIDC_ADMIN_GROUP=${AUTH_OIDC_ADMIN_GROUP}

  doplarr:
-    image: ghcr.io/linuxserver/doplarr@sha256:6959cd770bc89c2eaa61e07b13673051d66e6edae09f4a7e7c7846fdfa4dafc6
+    image: ghcr.io/linuxserver/doplarr@sha256:9e1cfedf824d00bb0f269bcb3836b13cdbb74747bef062f9021be6f0f63dde7a
    container_name: doplarr
    environment:
      - PUID=1000
@ -116,7 +116,7 @@ services:
    restart: unless-stopped

  jfa-go:
-    image: hrfee/jfa-go
+    image: docker.mafyuh.xyz/hrfee/jfa-go
    container_name: jfa-go
    ports:
      - 8056:8056
@ -140,7 +140,7 @@ services:
    image: gcr.io/cadvisor/cadvisor:v0.50.0

  syncthing:
-    image: ghcr.io/linuxserver/syncthing@sha256:d6502d919f49f16a80689ce92c211f945f1d64a34c0d3f23ecc27a2a4d1dd0ac
+    image: ghcr.io/linuxserver/syncthing@sha256:2c1ecba88add0cf239914553cc911193a78c668012bf8e55044c1bbff6b2db18
    container_name: syncthing
    hostname: ARRS
    environment:
@ -158,7 +158,7 @@ services:
    restart: unless-stopped

  code-server:
-    image: ghcr.io/linuxserver/code-server@sha256:4914ed4bc7e7342ef9d9cc30abda9cbcd486d79eac37db4bbe70df91135a1ef3
+    image: ghcr.io/linuxserver/code-server@sha256:ce5fc2b0c5956e3fac4bda7647707b2f979757f1baed62ad27af9782d4acc8ce
    container_name: code-server
    environment:
      - PUID=1000
--- a/docker/authentik/.env.example
+++ b/docker/authentik/.env.example
@ -1 +0,0 @@
-## Get from https://docs.goauthentik.io/docs/installation/docker-compose#preparation
--- a/docker/authentik/docker-compose.yml
+++ b/docker/authentik/docker-compose.yml
@ -32,7 +32,7 @@ services:
    volumes:
      - redis:/data
  server:
-    image: ghcr.io/goauthentik/server@sha256:ec5683345b6283214e01112dd4ba4ac7af1fc638a6e2301e6c18b7f3036f27bc
+    image: ghcr.io/goauthentik/server@sha256:a98f95518269d01bb812eb0e12c6647f3d08a36e37b9fdbdccf9345d4431b9f0
    restart: unless-stopped
    command: server
    environment:
@ -53,7 +53,7 @@ services:
      - postgresql
      - redis
  worker:
-    image: ghcr.io/goauthentik/server@sha256:ec5683345b6283214e01112dd4ba4ac7af1fc638a6e2301e6c18b7f3036f27bc
+    image: ghcr.io/goauthentik/server@sha256:a98f95518269d01bb812eb0e12c6647f3d08a36e37b9fdbdccf9345d4431b9f0
    restart: unless-stopped
    command: worker
    environment:
--- a/docker/cf/docker-compose.yml
+++ b/docker/cf/docker-compose.yml
@ -2,12 +2,12 @@
 services:
  cf-tunnel:
    restart: unless-stopped
-    image: cloudflare/cloudflared@sha256:31fc2956d49179f7fd230b030e702e40ade7ccc361d0f1079e4a56bc888678f9
+    image: docker.mafyuh.xyz/cloudflare/cloudflared@sha256:31fc2956d49179f7fd230b030e702e40ade7ccc361d0f1079e4a56bc888678f9
    command: tunnel --no-autoupdate run --token $CF_TOKEN

  wallos:
    container_name: wallos
-    image: bellamy/wallos:2.22.1
+    image: bellamy/wallos:2.22.0
    ports:
      - "8282:80/tcp"
    environment:
--- a/docker/downloaders/.env.example
+++ b/docker/downloaders/.env.example
@ -1 +0,0 @@
-LAN_NETWORK=10.10.10.0/24
--- a/docker/downloaders/docker-compose.yml
+++ b/docker/downloaders/docker-compose.yml
@ -1,7 +1,7 @@
 version: '3.9'
 services:
  sabnzbd:
-    image: ghcr.io/linuxserver/sabnzbd@sha256:95179d6de1c660d7dcd4bd3991b33871c88df1120ab84bc553c4a67e8cc412d2
+    image: ghcr.io/linuxserver/sabnzbd@sha256:aad79c7a696a8743b87f9a0429bf5fa0be1edc8bbf00b962008dfa9893efd28e
    container_name: sabnzbd
    environment:
      - PUID=1000
@ -16,7 +16,7 @@ services:
    restart: unless-stopped

  arch-qbittorrentvpn:
-    image: binhex/arch-qbittorrentvpn:4.6.5-1-03
+    image: docker.mafyuh.xyz/binhex/arch-qbittorrentvpn:4.6.5-1-03
    container_name: qbittorrentvpn
    volumes:
      - '/docker/appdata/qbitty:/config'
@ -55,3 +55,25 @@ services:
    environment:
      - LOG_LEVEL=info
    restart: unless-stopped
+
+  cadvisor:
+    volumes:
+      - /:/rootfs:ro
+      - /var/run:/var/run:ro
+      - /sys:/sys:ro
+      - /var/lib/docker/:/var/lib/docker:ro
+      - /dev/disk/:/dev/disk:ro
+    ports:
+      - 9999:8080
+    container_name: cadvisor
+    privileged: true
+    devices:
+      - /dev/kmsg
+    image: gcr.io/cadvisor/cadvisor:v0.50.0
+
+  node-exporter:
+    image: docker.mafyuh.xyz/prom/node-exporter:v1.8.2
+    container_name: monitoring_node_exporter
+    restart: unless-stopped
+    ports:
+      - 9100:9100
--- a/docker/jellyfin/docker-compose.yml
+++ b/docker/jellyfin/docker-compose.yml
@ -1,7 +1,7 @@
 ---
 services:
  jellyfin:
-    image: ghcr.io/linuxserver/jellyfin@sha256:a90c9b22a2634c3c24049b35d9bc0295eddfa46615697c92f67794f523a27a3a
+    image: ghcr.io/linuxserver/jellyfin@sha256:88db4425a59157eba4b0fba8feb7df22a747a8134bb4d898070ef662f2c09b66
    container_name: jellyfin
    devices:
      - /dev/dri/renderD129:/dev/dri/renderD129
@ -22,7 +22,7 @@ services:
    restart: unless-stopped

  makemkv:
-    image: jlesage/makemkv@sha256:39dccc4f82dc76668a78543ac7392a43b6bc6c069e1a3e47e8c058c6cb5f09b0
+    image: docker.mafyuh.xyz/jlesage/makemkv@sha256:39dccc4f82dc76668a78543ac7392a43b6bc6c069e1a3e47e8c058c6cb5f09b0
    container_name: makemkv
    ports:
      - 5800:5800
@ -35,7 +35,7 @@ services:
    privileged: true

  syncthing:
-    image: ghcr.io/linuxserver/syncthing@sha256:d6502d919f49f16a80689ce92c211f945f1d64a34c0d3f23ecc27a2a4d1dd0ac
+    image: ghcr.io/linuxserver/syncthing@sha256:2c1ecba88add0cf239914553cc911193a78c668012bf8e55044c1bbff6b2db18
    container_name: syncthing
    hostname: JF
    environment:
--- a/docker/kasm/docker-compose.yml
+++ b/docker/kasm/docker-compose.yml
@ -1,7 +1,7 @@
 ---
 services:
  kasm:
-    image: ghcr.io/linuxserver/kasm@sha256:0236fb40d19863d11ab472dc8351db690f1190fac20ea643512318709f22f037
+    image: ghcr.io/linuxserver/kasm@sha256:c68b21aab787c3a35e170438d6be2dcfaded038c09b7d96d06815d294ecd4241
    container_name: kasm
    privileged: true
    environment:
--- a/docker/netboot/docker-compose.yml
+++ b/docker/netboot/docker-compose.yml
@ -1,7 +1,7 @@
 ---
 services:
  netbootxyz:
-    image: ghcr.io/linuxserver/netbootxyz@sha256:cb886a67f45f14e2e864ce713977dd8d3253d997b1fb6cfc627b240a3e0659ea
+    image: ghcr.io/linuxserver/netbootxyz@sha256:5693c2fe816c92f45f364faa3d05b7bdddef86b58a7cf19fe642eeccf26444b8
    container_name: netboot
    environment:
      - PUID=1000
--- a/docker/nexus/docker-compose.yml
+++ b/docker/nexus/docker-compose.yml
@ -0,0 +1,11 @@
+---
+services:
+  nexus:
+    image: docker.mafyuh.xyz/sonatype/nexus3:3.71.0
+    container_name: nexus
+    restart: unless-stopped
+    ports:
+      - 8081:8081
+      - 8082:8082
+    volumes:
+      - /docker/appdata/nexus:/nexus-data ## To get to work run: sudo chown -R 200 /docker/appdata/nexus/ | cat /docker/appdata/nexus/admin.password
--- a/docker/portainer/docker-compose.yml
+++ b/docker/portainer/docker-compose.yml
@ -1,6 +1,6 @@
 services:
  portainer:
-    image: portainer/portainer-ee@sha256:0aa305da72738d9f90a209bf74bdc74172004690fa298f52d5f92dd065f26aea
+    image: docker.mafyuh.xyz/portainer/portainer-ee@sha256:0aa305da72738d9f90a209bf74bdc74172004690fa298f52d5f92dd065f26aea
    container_name: portainer
    command: -H unix:///var/run/docker.sock
    ports:
--- a/docker/twingate/docker-compose.yml
+++ b/docker/twingate/docker-compose.yml
@ -1,6 +1,6 @@
 services:
  twingate-famous-alligator:
-    image: twingate/connector@sha256:30864d606a6a252ac919220ad32b7d9ea6335497e8ce774216b13bf05aabd4bf
+    image: docker.mafyuh.xyz/twingate/connector@sha256:30864d606a6a252ac919220ad32b7d9ea6335497e8ce774216b13bf05aabd4bf
    container_name: twingate-famous-alligator
    restart: always
    environment:
--- a/kubernetes/README.md
+++ b/kubernetes/README.md
--- a/terraform/AI.tf
+++ b/terraform/AI.tf
@ -5,8 +5,8 @@ resource "proxmox_virtual_environment_vm" "AI" {
    vm_id        = 322
    name         = "AI"
    machine = "q35"
-    description  = "Stable-Diffusion"
-    tags         = ["tofu", "ubuntu-22", "iac-repo"]
+    description  = "Ollama, Open Webui, mindsdb"
+    tags         = ["tofu", "ubuntu-22", "auto-homelab-repo"]
    started      = true

    agent {
@ -14,7 +14,7 @@ resource "proxmox_virtual_environment_vm" "AI" {
    }

    clone {
-        vm_id = 9999
+        vm_id = 8101
    }
    
    # VM CPU Settings
--- a/terraform/nexus.tf
+++ b/terraform/nexus.tf
@ -0,0 +1,65 @@
+resource "proxmox_virtual_environment_vm" "Nexus" {
+
+    # VM General Settings
+    node_name    = "prox"
+    vm_id        = 205
+    name         = "Nexus"
+    description  = "Docker Registry to limit DockerHub pulls"
+    tags         = ["tofu", "ubuntu24", "auto-homelab-repo", "infrastructure"]
+
+    agent {
+      enabled = true # read 'Qemu guest agent' section, change to true only when ready
+    }
+
+    clone {
+        vm_id = 8002
+    }
+    
+    # VM CPU Settings
+    cpu {
+        cores = 4
+        type  = "host"
+        architecture = "x86_64"
+    }
+    
+    # VM Memory Settings
+    memory {
+        dedicated = 4096
+    }
+
+    # VM Network Settings
+    network_device {
+        bridge  = "vmbr0"
+    }
+
+    # VM Disk Settings
+    disk {
+        datastore_id = "Fast2Tb"
+        size         = 120
+        interface    = "scsi0"
+    }
+
+    vga {
+        type = "serial0"
+    }
+
+    initialization {
+        ip_config {
+            ipv4 {
+                address = "dhcp"
+            }
+        }
+
+        user_account {}
+    }
+
+    lifecycle {
+        ignore_changes = [
+            initialization[0].user_account[0].keys,
+            initialization[0].user_account[0].password,
+            initialization[0].user_account[0].username,
+            initialization[0].user_data_file_id
+        ]
+    }
+
+}
--- a/terraform/prox-backup-server.tf
+++ b/terraform/prox-backup-server.tf
@ -1,45 +0,0 @@
-resource "proxmox_virtual_environment_vm" "PBS" {
-  # VM General Settings
-  node_name    = "prox"
-  vm_id        = 10000
-  name         = "PBS"
-  description  = "Proxmox Backup Server"
-  tags         = ["tofu", "iac-repo"]
-  started      = true
-  
-  agent {
-    enabled = false 
-  }
-  
-  # VM CPU Settings
-  cpu {
-    cores = 2
-    type  = "host"
-    architecture = "x86_64"
-  }
-  
-  # VM Memory Settings
-  memory {
-    dedicated = 2048
-  }
-
-  # VM Network Settings
-  network_device {
-    bridge  = "vmbr0"
-  }
-
-  # VM Disk Settings
-  disk {
-    datastore_id = "Fast2Tb"
-    interface    = "scsi0"
-    size         = 32
-    file_format  = "raw"
-  }
-
-  disk {
-    datastore_id = "Slow4tb"
-    interface    = "scsi1"
-    size         = 2048
-    file_format  = "raw"
-  }
-}
--- a/terraform/ubuntu22-template.tf
+++ b/terraform/ubuntu22-template.tf
@ -8,7 +8,7 @@ resource "proxmox_virtual_environment_vm" "Ubuntu-22-Template" {

  disk {
    datastore_id = "Fast2Tb"
-    file_id      = "local:iso/jammy-server-cloudimg-amd64.img"
+    file_id      = proxmox_virtual_environment_download_file.ubuntu_cloud_image_22.id
    interface    = "scsi0"
    size         = 4
  }
@ -38,3 +38,11 @@ vga {
    }

 }
+
+
+resource "proxmox_virtual_environment_download_file" "ubuntu_cloud_image_22" {
+  content_type = "iso"
+  datastore_id = "local"
+  node_name    = "prox"
+  url          = "https://cloud-images.ubuntu.com/jammy/20240720/jammy-server-cloudimg-amd64.img"
+}
--- a/terraform/windows.tf
+++ b/terraform/windows.tf
@ -3,7 +3,7 @@ resource "proxmox_virtual_environment_vm" "Windows11" {
  node_name = "pve2"
  vm_id     = 250
  tags      = ["tofu"]
-  started   = false
+  started   = true
  bios      = "ovmf"
  machine   = "q35"
Author	SHA1	Message	Date
Matt Reeves	fc164dbc60	Merge branch 'main' into renovate/ghcr.io-goauthentik-server Some checks failed Lint on PR / Lint YAML files (pull_request) Successful in 10s Details Deploy to Hosts / deploy (pull_request) Has been cancelled Details	2024-08-09 14:51:21 -04:00
Matt Reeves	8c3eee2abe	Merge branch 'main' into renovate/ghcr.io-goauthentik-server All checks were successful Lint on PR / Lint YAML files (pull_request) Successful in 11s Details	2024-08-04 11:54:27 -04:00
Renovate Bot	8783f350e5	⬆️ Update ghcr.io/goauthentik/server Docker digest to a98f955 All checks were successful Lint on PR / Lint YAML files (pull_request) Successful in 10s Details	2024-08-02 02:43:26 +00:00
				`@ -1 +0,0 @@`
				`## Get from https://docs.goauthentik.io/docs/installation/docker-compose#preparation`