🏃 Deploy Linux Security Updates Runbook
This runbook provides step-by-step instructions to apply Linux security updates on one or more hosts in your Home Lab using an Ansible playbook. Note that this process may reboot target systems if required by the updates.
1️⃣ Log in to an Ansible Control Node
Start by logging into a control node with Ansible installed and prepare the environment:
cd ~/ansible
source /opt/python_3.12/bin/activate
⚡ Important: All subsequent steps must be run in this Ansible environment.
2️⃣ Pull the Latest Code
Ensure your local repository is up to date:
git pull origin main
⚡ Important: Pulling the latest code first prevents conflicts and ensures you’re working with the most recent playbook and inventory definitions.
3️⃣ Set Inventory
Before running the playbook, set the inventory file that lists the target nodes you want to update:
INV=<set this to the inventory of target nodes to update>
For example, to update all Ubuntu servers:
INV=inventory/linux/inventory.ini
⚡ Tip: Point this at the specific inventory you want to patch (e.g., inventory/servers/inventory.ini, inventory/web/inventory.ini, etc.). Run `ansible-inventory -i $INV --list` if you want to confirm which hosts it resolves to before patching.
4️⃣ Deploy Security Updates
Run the Ansible playbook to apply Linux security updates:
ansible-playbook -i "$INV" -k playbooks/linux/deploy_updates.yml
⚡ Note: The -k (--ask-pass) option prompts for the SSH login password; omit it if key-based authentication is configured for the target hosts.
⚠ If updates require a reboot, the target host may restart during this process.
5️⃣ Verify Successful Updates
After the playbook completes:
- SSH into each updated host.
- Check that the system is up and reachable, and that it has rebooted if a reboot was required (on Ubuntu, a pending reboot is flagged by the marker file /var/run/reboot-required).
- Optionally, refresh the package index and check what is still upgradable:
sudo apt update && apt list --upgradable
With a fresh index, no packages from a -security pocket should remain upgradable. Packages from other pockets (e.g., jammy-updates) may still be listed if the playbook applies security updates only; those are not a sign that this run failed.
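The verification step above leaves the reader to eyeball the `apt list --upgradable` output. The following script is an added example, not part of this runbook's playbooks, that parses that output and reports only the packages whose candidate version comes from a `-security` pocket, plus whether a reboot is still pending. The apt output it runs against is constructed inline; on a real host you would pipe `apt list --upgradable 2>/dev/null` into a file and pass that instead.

```bash
#!/usr/bin/env bash
# Post-patch check for an Ubuntu/Debian host: which upgradable packages are
# still pending from a -security pocket, and is a reboot outstanding?
# Example code added to the runbook; the sample apt output below is constructed.

# Print "package candidate_version" for every upgradable package whose
# suite list (field after the "/") contains a suite ending in -security.
# $1: file holding the stdout of `apt list --upgradable`.
pending_security() {
  awk '
    /^Listing/ { next }                     # skip the "Listing... Done" header
    {
      split($1, pv, "/")                    # pv[1] = package, pv[2] = suite list
      n = split(pv[2], suites, ",")         # candidate may sit in several pockets
      for (i = 1; i <= n; i++)
        if (suites[i] ~ /-security$/) { print pv[1], $2; break }
    }
  ' "$1"
}

# Count every upgradable package, security or not. $1: same file as above.
count_upgradable() {
  grep -c '\[upgradable from:' "$1" || true   # grep -c exits 1 on zero matches
}

# Ubuntu's update-notifier drops this marker when an installed package needs a
# reboot. The path is overridable so the check can be exercised offline.
reboot_pending() {
  [ -f "${1:-/var/run/reboot-required}" ]
}

# Constructed sample of `apt list --upgradable` on an Ubuntu 22.04 host after a
# run that left one non-security update and two security updates behind.
SAMPLE="$(mktemp)"
trap 'rm -f "$SAMPLE"' EXIT
cat >"$SAMPLE" <<'EOF'
Listing... Done
libssl3/jammy-updates,jammy-security 3.0.2-0ubuntu1.12 amd64 [upgradable from: 3.0.2-0ubuntu1.10]
vim-common/jammy-updates 2:8.2.3995-1ubuntu2.9 all [upgradable from: 2:8.2.3995-1ubuntu2.7]
openssh-server/jammy-security 1:8.9p1-3ubuntu0.6 amd64 [upgradable from: 1:8.9p1-3ubuntu0.4]
EOF

echo "upgradable packages: $(count_upgradable "$SAMPLE")"
echo "still pending from a -security pocket:"
pending_security "$SAMPLE"
if reboot_pending; then
  echo "reboot required: yes"
else
  echo "reboot required: no"
fi
```

Run `sudo apt update` before capturing the apt output, otherwise the script reports against a stale index. A non-empty `pending_security` list after a successful run means the playbook did not cover every security pocket the host is subscribed to, which is worth investigating before moving on to the next inventory.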
✅ Notes
- Always pull the latest code before deploying.
- Make sure the inventory variable (INV) points to the hosts you actually intend to update.
- Some security updates may trigger a reboot; plan accordingly if target hosts provide production-like services.
- If the update playbook fails, review the Ansible output and the logs on the target systems to diagnose the error.