I have been building my homelab using Infrastructure as Code (IaC) so that VM provisioning and host configuration are repeatable, versioned, and easier to maintain over time.

This project combines:

  • Terraform for provisioning virtual machines on Proxmox.
  • Ansible for post-provisioning configuration (base packages, Docker host setup, and future monitoring roles).

What is implemented today

The current workflow is intentionally simple and predictable:

  1. Define Docker host VM parameters in Terraform variables (CPU, memory, disk, network, addressing).
  2. Use Terraform to clone VMs from a cloud-init-enabled Ubuntu template in Proxmox.
  3. Use Ansible playbooks to apply baseline OS configuration and install Docker.

From a technical perspective, the provisioning layer currently uses the telmate/proxmox provider and a proxmox_vm_qemu resource to configure:

  • Full clones from a reusable VM template.
  • Virtio networking and SCSI-based disks.
  • Cloud-init for user/bootstrap settings.
  • QEMU guest agent integration.
  • Deterministic VM IDs and host-level boot behavior.
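
The settings listed above, as an added example that is not the author's actual configuration. The provider version pin, hostname, VM ID, addresses, and the node, template, storage and user names are assumptions or constructed placeholders.

```hcl
terraform {
  required_providers {
    proxmox = { source = "Telmate/proxmox", version = "~> 2.9" } # assumed version
  }
}

# The API token is read from PM_API_TOKEN_ID / PM_API_TOKEN_SECRET in the
# environment, so no secret is committed to Git or stored in *.tfvars.
provider "proxmox" {
  pm_api_url = "https://pve.example.internal:8006/api2/json" # placeholder URL
}

variable "docker_hosts" {
  description = "Docker host VMs keyed by hostname (constructed sample)"
  type = map(object({
    vmid = number, cores = number, memory = number, disk = string, ip = string
  }))
  default = {
    docker01 = { vmid = 201, cores = 2, memory = 4096, disk = "40G", ip = "192.0.2.21/24" }
  }
}

resource "proxmox_vm_qemu" "docker_host" {
  for_each    = var.docker_hosts
  name        = each.key
  vmid        = each.value.vmid             # deterministic VM ID
  target_node = "pve"                       # placeholder node name
  clone       = "ubuntu-cloudinit-template" # placeholder template name
  full_clone  = true                        # full clone, not a linked clone
  agent       = 1                           # QEMU guest agent enabled
  onboot      = true                        # start the VM when the host boots
  os_type     = "cloud-init"
  cores       = each.value.cores
  memory      = each.value.memory
  scsihw      = "virtio-scsi-pci"

  disk { # 2.9.x disk schema; newer provider releases changed this block
    type    = "scsi"
    storage = "local-lvm" # placeholder storage name
    size    = each.value.disk
  }

  network {
    model  = "virtio"
    bridge = "vmbr0" # placeholder bridge
  }

  ipconfig0 = "ip=${each.value.ip},gw=192.0.2.1"           # cloud-init addressing
  ciuser    = "ansible"                                    # placeholder bootstrap user
  sshkeys   = file(pathexpand("~/.ssh/id_ed25519.pub"))    # public key only
}
```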

Why IaC for a homelab?

Manual setup works once, but IaC is better for long-term operations:

  • Reproducibility: rebuilding hosts is far less error-prone.
  • Auditability: infrastructure changes are tracked in Git history.
  • Speed: spinning up a new Docker host becomes a defined workflow, not a checklist from memory.
  • Extensibility: the same pattern can later support monitoring, backups, and additional service tiers.

Why this project is currently on hold

I have temporarily paused active development because the latest Proxmox version introduced permission attribute changes that affect API-driven automation behavior.

In practice, this means existing assumptions used by the Terraform provider and my current role/token permission model need to be revisited and validated before continuing safely.

Rather than applying risky workarounds, I am pausing here to avoid unstable state management and permission drift.

What happens next

When compatibility stabilizes, the next phase will likely include:

  • Reviewing and documenting a least-privilege permission model aligned with the updated Proxmox behavior.
  • Re-validating Terraform plan/apply behavior for VM lifecycle operations.
  • Expanding Ansible roles for monitoring and service hardening.
  • Adding safer operational docs around upgrades and rollback strategy.

Final thoughts

Even with the pause, this work has already proven the value of treating a homelab like production-lite infrastructure: small automation decisions now prevent big operational pain later.

I will resume this project once the Proxmox permission attribute changes are fully mapped and tested against my IaC workflow.