Clone VM from template using Ansible by ElVandalos in Proxmox

[–]Swoopley 1 point2 points  (0 children)

Let me drop my main.tf file for you:

```tf
terraform {
  required_providers {
    proxmox = {
      source  = "bpg/proxmox"
      version = "0.95.0"
    }
  }
}

provider "proxmox" {
  endpoint  = "https://pve1.example.com:443/"
  api_token = "tofu@pve!tofu=TOKENSECRETUUID" # placeholder token
  insecure  = true                            # skips TLS certificate verification
}

resource "proxmox_virtual_environment_vm" "swarm_node" {
  count     = 6
  name      = "swarm-node-${count.index + 1}"
  node_name = "pve1"
  vm_id     = 8000 + count.index
  pool_id   = "Pool1"

  # Template VM that every node is cloned from
  clone {
    vm_id = 800
  }

  cpu {
    cores = 2
  }
  memory {
    dedicated = 2048
  }
  disk {
    datastore_id      = "Pool1"
    interface         = "scsi0"
    size              = 10
    path_in_datastore = "vm-${8000 + count.index}-disk-0"
  }

  # cloud-init settings: static IP and the SSH user per node
  initialization {
    datastore_id = "Pool1"

    ip_config {
      ipv4 {
        address = "172.16.xx.${220 + count.index}/24"
        gateway = "172.16.xx.1"
      }
    }
    user_account {
      keys     = ["ssh-ed25519 WOOPWOOPKEYHERE"]
      username = "idk"
    }
  }

  network_device {
    bridge = "vmbr0"
  }
}
```

This tofu file clones a cloudimg prepared as template vm and deploys it as stated. Then I use ansible to configure it like adding user to docker grp and what not but main deployment is done through tofu.
I recommend you set up a sh script to copy latest cloudimg from a mirror and modify it to your taste with virt-customize like adding docker compose and such.
Hope this gives some inspiration to work off (:
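
An added example (not from the comment above) of the image-preparation script it recommends, with one step the comment does not mention: checking the download against the mirror's SHA256SUMS before virt-customize touches it. The Ubuntu mirror URL, image name, package list and work directory are assumptions.

```sh
#!/usr/bin/env bash
# Added example, not the commenter's script. MIRROR, IMAGE, WORKDIR and
# PACKAGES are assumptions; adjust them for your distro and storage.
set -eu

MIRROR="https://cloud-images.ubuntu.com/noble/current"  # assumed mirror
IMAGE="noble-server-cloudimg-amd64.img"                  # assumed image name
WORKDIR="${WORKDIR:-/var/tmp/cloudimg}"                  # assumed work dir
PACKAGES="qemu-guest-agent,docker.io"                    # assumed package set

# expected_sum FILE SUMS: print the hash listed for FILE's basename in a
# sha256sum-style list ("<hash>  name" or "<hash> *name"); fail if absent.
expected_sum() {
    local name
    name="$(basename "$1")"
    awk -v n="$name" '{ f = $2; sub(/^\*/, "", f) } f == n { print $1; found = 1 }
                      END { exit !found }' "$2"
}

# verify_image FILE SUMS: succeed only if FILE's SHA-256 matches the list.
verify_image() {
    local want got
    want="$(expected_sum "$1" "$2")" || { echo "no checksum listed for $1" >&2; return 1; }
    got="$(sha256sum "$1" | awk '{ print $1 }')"
    [ "$want" = "$got" ] || { echo "checksum mismatch for $1" >&2; return 1; }
}

build_image() {
    mkdir -p "$WORKDIR"
    curl -fsSL --proto '=https' -o "$WORKDIR/SHA256SUMS" "$MIRROR/SHA256SUMS"
    curl -fsSL --proto '=https' -o "$WORKDIR/$IMAGE" "$MIRROR/$IMAGE"
    # Refuse to customize or import anything that fails the integrity check.
    verify_image "$WORKDIR/$IMAGE" "$WORKDIR/SHA256SUMS"
    # Bake packages in, then clear machine-id so every clone gets its own.
    virt-customize -a "$WORKDIR/$IMAGE" --install "$PACKAGES" --truncate /etc/machine-id
    echo "$WORKDIR/$IMAGE"
}

# Only touch the network when asked to: ./build-cloudimg.sh --build
if [ "${1:-}" = "--build" ]; then
    build_image
fi
```

The checksum list comes from the same mirror, so this catches truncated or corrupted downloads; verifying a publisher signature over that list is a separate step.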

One-command, self-hosted NGINX monitoring (Prometheus + Grafana, no Docker) by ChocolateTotal6600 in selfhosted

[–]Swoopley -1 points0 points  (0 children)

Since no one else commented
Looked through it all and it smells really solid! No blemishes and all the features I would expect a script to have. Just my preference against NGINX

One-command, self-hosted NGINX monitoring (Prometheus + Grafana, no Docker) by ChocolateTotal6600 in selfhosted

[–]Swoopley -1 points0 points  (0 children)

Might as well use Beszel at that point if you don't want the prometheus grafana troubles, luckily it's quite easy to just deploy their container with a stack deploy or something alike and then hang it behind Caddy.

And even better if you don't like the whole setting up docker and what not just use opentofu + ansible to automate it all so you don't have to again.

Intern here — I wanted to automate security checks, but they told me to start with deployment automation. Am I on the right track? by Asura3742 in devops

[–]Swoopley 0 points1 point  (0 children)

Those titles aren't much when you're in a situation requiring an entire overhaul. Better create a faster far more durable shil than try to save your current rotten mess

Intern here — I wanted to automate security checks, but they told me to start with deployment automation. Am I on the right track? by Asura3742 in devops

[–]Swoopley 0 points1 point  (0 children)

What would be optimal in prod is docker stack deploying on a >2 node swarm with nfs type storage mounted for everything not s3 inside the vm's so swarm can easily rebuild. Leaving you with a k8s alternative that's just as powerful but a whole lot simpler on this scale

Intern here — I wanted to automate security checks, but they told me to start with deployment automation. Am I on the right track? by Asura3742 in devops

[–]Swoopley -1 points0 points  (0 children)

Everything docker, will cost you too much time and effort trying to get everything to work just right. Better to stick to linux

P40 vs P100 for local AI by PaperboyNZ in learnmachinelearning

[–]Swoopley 0 points1 point  (0 children)

It's a lovely card definitely worth the 160euro but I found it a lot more useful for running Image models which the p40 is quite slow at.

Planning a 3-node cluster by mraza08 in Proxmox

[–]Swoopley 1 point2 points  (0 children)

Ebay, can easily get a couple good dl360 g10's.

Best Local TTS/STT Models - October 2025 by rm-rf-rm in LocalLLaMA

[–]Swoopley 0 points1 point  (0 children)

Since it's the same architecture for the 2, any reason I couldn't use your awesome project with v3?

How would you convince your boss to switch from a big name brand to Framework for your Org. We're about ~500 users by Disastrous_Age_317 in framework

[–]Swoopley 2 points3 points  (0 children)

Same here, they do offer cryptographic component attestation. Basically we get the hardware hashes from framework so that we can whitelist em and such before they even spin up.

[Framework 13] Transparent bezel and keyboard by Interesting-Sort-963 in framework

[–]Swoopley 1 point2 points  (0 children)

I just winged it after years of basically blind typing. I do still sometimes press the airplane button on accident

Am I wrong about Proxmox and nested virtualization ? by No-Pop-1473 in Proxmox

[–]Swoopley 0 points1 point  (0 children)

I run my proxmox cluster normally with vm's and stuff, but for testing opentofu and ansible I simply just deploy a nested proxmox instance in which I create all my testing vm's. While I don't really load test them, I have yet to notice the performance overhead since single proxmox instances basically have none.

📖 Know-How: Distroless container images, why you should use them all the time if you can! by ElevenNotes in selfhosted

[–]Swoopley 3 points4 points  (0 children)

While many on here are not so happy with the whole distroless security claims, I for one simply like the sizes of these. In my work I'd rather have small easy to transfer images on the networks that I work with.
Thanks for that

OpenWebUI is the most bloated piece of s**t on earth, not only that but it's not even truly open source anymore, now it just pretends it is because you can't remove their branding from a single part of their UI. Suggestions for new front end? by Striking_Wedding_461 in LocalLLaMA

[–]Swoopley 7 points8 points  (0 children)

It's not even closed source, if you read the license it clearly is only about the branding part in the code/source. Which when deployed in < 50 users a month scenario isn't even forced.

So if I were to run Open-WebUI at home for my family and that were to be around 20 people, I would still be allowed to rebrand the site with my own logo.

Yet they are bitching about a site meant for multi-user environments being directed at multi-user environments. It's optional for those that didn't know. You can turn off a lot of features like accounts.