Automation

Automation is central to the homelab philosophy: Infrastructure as Code, declarative configuration, and repeatable deployments. The automation stack combines Terraform for provisioning, Ansible for configuration, and PowerShell for Windows/M365 management.

Automation Philosophy

  1. Infrastructure as Code – All infrastructure defined in version-controlled files
  2. Idempotency – Run automation multiple times safely without side effects
  3. Documentation as Code – Config files serve as living documentation
  4. CI/CD Integration – Automated testing and deployment via Azure DevOps
  5. Disaster Recovery – Rebuild entire environment from code

Core Tools

🏗️ Terraform

Infrastructure provisioning across Proxmox, cloud providers, and network devices. Declarative resource definitions with state management and dependency resolution.

Use Cases:

  • Proxmox VM/LXC provisioning
  • Network device configuration
  • Cloud resource management (VPS, DNS, storage)

⚙️ Ansible

Configuration management and application deployment. Agentless automation via SSH with extensive module library and role-based organization.

Use Cases:

  • System configuration (packages, services, files)
  • Application deployment and updates
  • Multi-host orchestration
  • Compliance enforcement

💻 PowerShell

Windows and Microsoft 365 automation for professional environments. Rich scripting capabilities with .NET integration and extensive module ecosystem.

Use Cases:

  • Active Directory management
  • Exchange/Teams administration
  • Azure/M365 automation
  • Windows Server configuration


Automation Workflows

Infrastructure Provisioning Pipeline

1. Terraform Plan  → Review infrastructure changes
2. Terraform Apply → Provision VMs/containers in Proxmox
3. Ansible Dynamic Inventory → Discover new hosts
4. Ansible Playbook → Configure systems and deploy apps
5. Validation → Run tests and health checks

CI/CD Integration

Azure DevOps Pipelines

# Example pipeline for infrastructure deployment
trigger:
  branches:
    include:
    - main
  paths:
    include:
    - terraform/**

stages:
- stage: Plan
  jobs:
  - job: TerraformPlan
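    steps:
    # Each job starts on a clean agent, so initialise the working directory first
    - task: TerraformCLI@0
      inputs:
        command: init
        workingDirectory: terraform/
    - task: TerraformCLI@0
      inputs:
        command: plan
        workingDirectory: terraform/

- stage: Apply
  condition: succeeded()
  jobs:
  - job: TerraformApply
    steps:
    # The Apply job does not share the Plan job's workspace; initialise again
    - task: TerraformCLI@0
      inputs:
        command: init
        workingDirectory: terraform/
    - task: TerraformCLI@0
      inputs:
        command: apply
        workingDirectory: terraform/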

- stage: Configure
  condition: succeeded()
  jobs:
  - job: AnsibleConfig
    steps:
    - script: ansible-playbook -i inventory/ site.yml

GitOps Workflow

  1. Make Changes – Update Terraform/Ansible configs in Git
  2. Pull Request – Review changes with team
  3. Automated Tests – Validate syntax and run lint checks
  4. Merge – Approve and merge to main branch
  5. Auto-Deploy – Pipeline automatically applies changes
  6. Notifications – Discord/Slack alerts on success/failure

Project Organization

Directory Structure

homelab-automation/
├── terraform/
│   ├── proxmox/           # Proxmox VMs and containers
│   ├── networking/        # Network device configs
│   ├── dns/               # Cloudflare DNS records
│   └── modules/           # Reusable Terraform modules
├── ansible/
│   ├── inventory/         # Host groups and variables
│   ├── playbooks/         # Task automation
│   ├── roles/             # Reusable role definitions
│   └── group_vars/        # Group-specific variables
├── powershell/
│   ├── AD/                # Active Directory scripts
│   ├── Exchange/          # Exchange management
│   ├── Azure/             # Azure automation
│   └── Scheduled/         # Automated task scripts
└── pipelines/
    ├── infrastructure.yml # IaC deployment pipeline
    ├── testing.yml        # Validation and tests
    └── backup.yml         # Automated backup jobs

Automation Services

N8N Workflow Automation

Visual workflow builder for complex automation chains:

Example Workflows:

  • Server Monitoring – Check endpoints → Alert on failure → Create ticket
  • Media Automation – New file detected → Transcode → Update Jellyfin → Notify
  • Backup Orchestration – Trigger backups → Verify completion → Update dashboard
  • Home Integration – Motion detected → Turn on lights → Send notification

Home Assistant Automations

YAML-based automations for smart home:

Example Automations:

  • Presence Detection – Arrive home → Unlock door → Turn on lights → Set thermostat
  • Media Control – Movie starts → Dim lights → Close blinds
  • Energy Management – High power usage → Disable non-essential devices
  • Security – Door open at night → Flash lights → Send alert

Scheduled Tasks

Cron jobs and systemd timers for routine operations:

# /etc/cron.d/homelab-automation

# Daily backup of Docker volumes
0 2 * * * root /opt/scripts/backup-docker-volumes.sh

# Weekly Proxmox snapshot cleanup
0 3 * * 0 root /opt/scripts/cleanup-snapshots.sh

# Hourly cert renewal check
0 * * * * root certbot renew --quiet

Best Practices

Version Control

  • Git Everything – All automation code in version control
  • Branching Strategy – Feature branches with PR reviews
  • Semantic Versioning – Tag releases (v1.2.3)
  • Commit Messages – Descriptive commits with context

Testing & Validation

  • Syntax Checking – Lint Terraform/Ansible/PowerShell code
  • Dry Runs – terraform plan, ansible --check before apply
  • Staging Environment – Test on dev infrastructure first
  • Rollback Plans – Document how to revert changes
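
A dry run only protects the environment if something inspects its result before the Apply stage runs. The following is an added example, not part of the original page or its repository: a Python gate that reads the JSON form of a saved plan (the output of `terraform show -json <planfile>`) and reports every resource that would be deleted or replaced. The sample plan, resource addresses and function names are constructed for illustration.

```python
import json

# Constructed sample in the shape of `terraform show -json` plan output;
# resource types and addresses are illustrative placeholders.
SAMPLE_PLAN = json.dumps({
    "resource_changes": [
        {"address": "example_vm.web01", "type": "example_vm",
         "change": {"actions": ["update"]}},
        {"address": "example_vm.db01", "type": "example_vm",
         "change": {"actions": ["delete", "create"]}},
        {"address": "example_dns_record.old", "type": "example_dns_record",
         "change": {"actions": ["delete"]}},
        {"address": "example_vm.new01", "type": "example_vm",
         "change": {"actions": ["create"]}},
        {"address": "example_vm.idle", "type": "example_vm",
         "change": {"actions": ["no-op"]}},
    ],
})

def summarize_plan(plan_json, allow_destroy=()):
    """Return (counts, blocked): action counts and addresses needing review."""
    plan = json.loads(plan_json)
    counts = {"create": 0, "update": 0, "delete": 0, "replace": 0}
    blocked = []
    for rc in plan.get("resource_changes", []):
        actions = rc.get("change", {}).get("actions", [])
        if "delete" in actions and "create" in actions:
            kind = "replace"          # resource is destroyed and recreated
        elif "delete" in actions:
            kind = "delete"
        elif "create" in actions:
            kind = "create"
        elif "update" in actions:
            kind = "update"
        else:
            continue                  # no-op and read: nothing changes
        counts[kind] += 1
        if kind in ("delete", "replace") and rc["address"] not in allow_destroy:
            blocked.append(rc["address"])
    return counts, sorted(blocked)

def gate(plan_json, allow_destroy=()):
    """Exit code for a pipeline step: 0 = safe to apply, 1 = needs a human."""
    _, blocked = summarize_plan(plan_json, allow_destroy)
    return 1 if blocked else 0

if __name__ == "__main__":
    print(summarize_plan(SAMPLE_PLAN), "exit code:", gate(SAMPLE_PLAN))
```

Passing the addresses that a reviewed change is expected to destroy in `allow_destroy` lets an approved replacement through while any other deletion still stops the run.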

Security

  • Secrets Management – Use Vaultwarden, Ansible Vault, Azure Key Vault
  • Least Privilege – Minimal permissions for automation accounts
  • Audit Logging – Track all automation executions
  • Credential Rotation – Regular password/key updates
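
Using Ansible Vault only helps if no secret is left in plaintext next to the encrypted ones. The following is an added example, not code from the original page: a Python lint check that walks a `group_vars` tree and flags secret-looking keys whose value is neither vault-encrypted nor a Jinja2 reference to another variable. The key-name pattern, the `*.yml` file filter, the function names and the sample files are assumptions constructed for illustration.

```python
import re
import tempfile
from pathlib import Path

VAULT_HEADER = "$ANSIBLE_VAULT;"          # first bytes of a vault-encrypted file
SECRET_KEY = re.compile(                  # assumed naming convention for secrets
    r"^\s*([\w-]*(?:password|passwd|secret|token|api_key)[\w-]*)\s*:\s*(.*)$",
    re.IGNORECASE)

def find_plaintext_secrets(root):
    """Return (relative_path, line_no, key) tuples, in path order, for keys
    whose value is neither vault-encrypted nor a Jinja2 variable reference."""
    findings = []
    for path in sorted(Path(root).rglob("*.yml")):
        text = path.read_text(encoding="utf-8")
        if text.startswith(VAULT_HEADER):
            continue                          # whole file is encrypted
        for no, line in enumerate(text.splitlines(), start=1):
            if line.lstrip().startswith("#"):
                continue                      # commented-out line
            m = SECRET_KEY.match(line)
            if not m:
                continue
            key, value = m.group(1), m.group(2).strip().strip("'\"").strip()
            if not value or value.startswith("!vault") or value.startswith("{{"):
                continue                      # empty, inline vault, or indirection
            findings.append((path.relative_to(root).as_posix(), no, key))
    return findings

def demo():
    """Build a constructed group_vars tree in a temp dir and scan it."""
    with tempfile.TemporaryDirectory() as tmp:
        gv = Path(tmp) / "group_vars"
        (gv / "all").mkdir(parents=True)
        (gv / "all" / "vars.yml").write_text(
            'db_user: app\ndb_password: "{{ vault_db_password }}"\n'
            "grafana_admin_password: hunter2\n")
        (gv / "all" / "vault.yml").write_text(
            "$ANSIBLE_VAULT;1.1;AES256\n6162636465666768\n")
        (gv / "web.yml").write_text(
            "api_token: !vault |\n  $ANSIBLE_VAULT;1.1;AES256\n  3031323334\n"
            "# smtp_password: old\nsmtp_password: 'changeme'\n")
        return find_plaintext_secrets(gv)

if __name__ == "__main__":
    for finding in demo():
        print(finding)
```

Run as a pull-request check, a non-empty result should fail the build so the value is moved into the vault file before merge.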

Documentation

  • README Files – Explain purpose and usage of each project
  • Variable Definitions – Document all configurable parameters
  • Runbooks – Step-by-step guides for common operations
  • Architecture Diagrams – Visual representation of dependencies

Monitoring Automation

Execution Tracking

  • Azure DevOps Dashboards – Pipeline success/failure rates
  • Graylog – Centralized logs from all automation runs
  • Prometheus – Metrics for automation job duration and status

Alerting

  • Failed Pipelines – Immediate notification on failures
  • Long-Running Jobs – Alert if automation takes longer than expected
  • Resource Changes – Notify on unexpected infrastructure modifications

Future Enhancements

  • Self-Service Portal – Web UI for triggering common automation tasks
  • Automated Testing – Expand test coverage for all playbooks/modules
  • Multi-Cloud – Extend Terraform to AWS/GCP
  • Observability – OpenTelemetry for automation workflow tracing
  • ChatOps – Trigger automation via Slack/Discord commands