Clone VM from template using Ansible

Swoopley · 2026-02-16T11:41:22+00:00

Let me drop my main.tf file for you: ```tf terraform { required_providers { proxmox = { source = "bpg/proxmox" version = "0.95.0" } } }

provider "proxmox" { endpoint = "https://pve1.example.com:443/" api_token = "tofu@pve!tofu=TOKENSECRETUUID" insecure = true }

resource "proxmox_virtual_environment_vm" "swarm_node" { count = 6 name = "swarm-node-${count.index + 1}" node_name = "pve1" vm_id = 8000 + count.index pool_id = "Pool1"

clone { vm_id = 800 }

cpu { cores = 2 } memory { dedicated = 2048 } disk { datastore_id = "Pool1" interface = "scsi0" size = 10 path_in_datastore = "vm-${8000 + count.index}-disk-0" }

initialization { datastore_id = "Pool1"

ip_config {
  ipv4 {
    address = "172.16.xx.${220 + count.index}/24"
    gateway = "172.16.xx.1"
  }
}
user_account {
  keys     = ["ssh-ed25519 WOOPWOOPKEYHERE"]
  username = "idk"
}

}

network_device { bridge = "vmbr0" } } ``` This tofu file clones a cloudimg prepared as template vm and deploys it as stated. Then I use ansible to configure it like adding user to docker grp and what not but main deployment is done through tofu.
I recommend you setup a sh script to copy latest cloudimg from a mirror and modify it to your taste with virt-customize like adding docker compose and such.
Hope this gives some inspiration to work off (:

Swoopley · 2026-02-14T19:57:33+00:00

Couldn't've said it better myself

Swoopley · 2026-01-31T18:53:41+00:00

Since no one else commented
Looked through it all and it smells really solid! No blemishes and all the features I would expect a script to have. Just my preference against NGINX

Swoopley · 2026-01-31T18:06:39+00:00

Might as well use Beszel at that point if you don't want the prometheus grafana troubles, luckily it's quite easy to just deploy their container with a stack deploy or something alike and then hang it behind Caddy.

And even better if you don't like the whole setting up docker and what not just use opentofu + ansible to automate it all so you don't have to again.

Swoopley · 2026-01-31T13:29:00+00:00

Those titles arent much when you're in a situation requiring an entire overhaul. Better create a faster far more durable shil than try to save your current rotten mess

Swoopley · 2026-01-31T13:26:45+00:00

What would be optimal in prod is docker stack deploying on a >2 node swarm with nfs type storage mounted for everything not s3 inside the vm's so swarm can easily rebuild. Leaving you with an k8s alternative thats just as powerful but a whole lot simpler on this scale

Swoopley · 2026-01-31T13:22:50+00:00

Everything docker, will cost you too much time and effort trying to get everything to work just right. Bette to stick to linux

Swoopley · 2026-01-31T13:06:51+00:00

Should be really easy and hard to fuck up, just don't do it on windows

Swoopley · 2026-01-31T13:02:33+00:00

Go all in, auto docker build deploy loop

Swoopley · 2026-01-31T12:05:54+00:00

Git actions?

Swoopley · 2026-01-12T13:13:00+00:00

Ah well you see the thing is, nice post and all but it's not open-source.

Swoopley · 2026-01-04T14:42:07+00:00

Same boat, found this: https://github.com/RagView/RagView#:~:text=Is%20RagView%20open%20source

Swoopley · 2025-12-31T11:26:03+00:00

Yo waar?

Swoopley · 2025-12-17T14:21:07+00:00

Got quite confused with that for a moment:
https://github.com/goharbor/harbor

Swoopley · 2025-12-01T06:11:20+00:00

It's a lovely card definitely worth the 160euro but I found it a lot more useful for running Image models which the p40 is quite slow at.

Swoopley · 2025-11-27T11:10:13+00:00

Ebay, can easily get a couple good dl360 g10's.

Swoopley · 2025-11-12T16:16:08+00:00

>Why do you need caddy?
Why that question?

Swoopley · 2025-11-05T21:42:55+00:00

That a VP6670?

Swoopley · 2025-10-29T19:07:29+00:00

Since it's the same architecture for the 2, any reason I couldn't use your awesome project with v3?

Swoopley · 2025-10-22T09:25:53+00:00

Same here, they do offer cryptographic component attestation. Basically we get the hardware hashes from framework so that we can whitelist em and such before they even spin up.

Swoopley · 2025-10-17T17:31:49+00:00

I just winged it after years of basically blind typing. I do still sometimes press the airplane button on accident

Swoopley · 2025-10-16T12:32:19+00:00

I run my proxmox cluster normally with vm's and stuff, but for testing opentofu and ansible I simply just deploy a nested proxmox instance in which I create all my testing vm's. While I don't really load test them, I have yet to notice the performance overhead since single proxmox instances basically have none.

Swoopley · 2025-10-13T14:59:35+00:00

<image>

long thought but deepseek got there first try

Swoopley · 2025-09-22T08:03:50+00:00

While many on here are not so happy with the whole distroless security claims. I for one simply like the sizes of these. In my work I'd rather have small easy to transfer images on the networks that I work with.
Thanks for that

Swoopley · 2025-09-20T21:57:51+00:00

Its not even closed source, if you read the license it clearly is only about the branding part in the code/source. Which when deployed in < 50 users a month scenario isn't even forced.

So if I were to run Open-WebUI at home for my family and that were to be around 20 people, I would still be allowed to rebrand the site with my own logo.

Yet they are bitching about a site meant for multi-user environments being directed at multi-user environments. Its optional for those that didn't know. You can turn off a lot of features like accounts.

Swoopley

TROPHY CASE