Create setup_todo.md

setup_todo.md

@@ -0,0 +1,117 @@
+# Proxmox Homelab CI/CD & Application Hosting Setup
+
+This document outlines the setup for a comprehensive homelab environment on a Dell PowerEdge R720 (24 Cores / 96GB RAM) running Proxmox VE. 
+The goal is to establish a fully open-source CI/CD pipeline for Docker images and host various applications.
+
+## I. Proxmox VE Host (Dell PowerEdge R720)
+
+-   [ ] **Install Proxmox VE:** Latest stable version.
+-   [ ] **Configure Storage:**
+    -   [ ] **OS/Proxmox:** Fast SSDs (e.g., 2x SSDs in ZFS mirror).
+    -   [ ] **VM/CT Storage:** Larger capacity SSDs (e.g., 2-4 SSDs in ZFS RAIDZ1 or RAID10).
+    -   [ ] **ISO/Templates/Backups:** Larger HDDs (e.g., 2x HDDs in ZFS mirror or NAS share).
+-   [ ] **Configure Networking:**
+    -   [ ] Bond NICs (LACP) if switch supports.
+    -   [ ] Setup VLANs (e.g., Management, VMs/CTs, DMZ).
+-   [ ] **System Updates:** Ensure Proxmox VE is fully updated.
+-   [ ] **Create Base Templates:**
+    -   [ ] Ubuntu Server LTS VM Template.
+    -   [ ] Ubuntu Server LTS CT Template.
+
+## II. Management & Core Infrastructure VMs/CTs
+
+-   [ ] **CT 1: Ad Blocker / DNS Server (e.g., Pi-hole/AdGuard Home)**
+    -   [ ] Deploy from Ubuntu CT template.
+    -   [ ] Install Pi-hole or AdGuard Home.
+    -   [ ] Configure DNS settings.
+    -   [ ] Point network clients to this DNS.
+    -   *Resources: 1-2 vCPUs, 512MB-1GB RAM, 8GB Disk*
+-   [ ] **CT 2: Reverse Proxy & SSL Management (e.g., Nginx Proxy Manager)**
+    -   [ ] Deploy from Ubuntu CT template.
+    -   [ ] Install Docker & Docker Compose.
+    -   [ ] Deploy Nginx Proxy Manager (Docker container).
+    -   [ ] Configure initial access and SSL.
+    -   *Resources: 2 vCPUs, 1-2 GB RAM, 16GB Disk*
+
+## III. CI/CD & DevOps Stack VMs/CTs
+
+-   [ ] **VM 1: Git & CI/CD Orchestration Server (Gitea & Drone Server)**
+    -   [ ] Deploy from Ubuntu VM template.
+    -   [ ] Install Gitea (binary or Docker).
+        -   [ ] Configure Gitea (database, admin user).
+        -   [ ] Create initial repositories.
+    -   [ ] Install Docker & Docker Compose.
+    -   [ ] Deploy Drone CI Server (Docker container).
+        -   [ ] Configure Drone Server (connect to Gitea, secrets).
+    -   *Resources: 4-6 vCPUs, 8-16 GB RAM, 50-100GB Disk*
+-   [ ] **VM 2 (or CTs): Drone CI Runner(s)**
+    -   [ ] Deploy from Ubuntu VM/CT template(s).
+    -   [ ] Install Docker Engine.
+    -   [ ] Deploy Drone Docker Runner (Docker container).
+        -   [ ] Register runner(s) with Drone Server.
+    -   *Resources (per runner): 2-4 vCPUs, 4-8 GB RAM, 30-50GB Disk*
+-   [ ] **VM 3: Artifact & Container Registry Server (Harbor)**
+    -   [ ] Deploy from Ubuntu VM template.
+    -   [ ] Install Docker & Docker Compose.
+    -   [ ] Deploy Harbor using its `install.sh` script (which uses Docker Compose).
+        -   [ ] Configure Harbor (hostname, admin password, storage).
+        -   [ ] (Optional) Configure vulnerability scanning.
+    -   *Resources: 4-6 vCPUs, 8-16 GB RAM, 100GB+ Disk*
+    -   [ ] (Alternative) Configure Gitea's built-in container registry (if skipping dedicated Harbor).
+
+## IV. Application Hosting / Deployment Target VMs/CTs
+
+-   [ ] **VM 4 (or CT 3): Docker Application Host 1 ("Prod-like")**
+    -   [ ] Deploy from Ubuntu VM/CT template.
+    -   [ ] Install Docker Engine & Docker Compose.
+    -   [ ] (Optional) Install Watchtower (pointing to Harbor).
+    -   [ ] (Optional) Install Portainer.
+    -   *Resources: 4-8 vCPUs, 8-16 GB RAM, 50-100GB Disk*
+-   [ ] **VM 5 (or CT 4): Docker Application Host 2 ("Staging/Dev")**
+    -   [ ] Deploy from Ubuntu VM/CT template.
+    -   [ ] Install Docker Engine & Docker Compose.
+    -   *Resources: 2-4 vCPUs, 4-8 GB RAM, 50GB Disk*
+-   [ ] **(Optional) Kubernetes Cluster (e.g., K3s)**
+    -   [ ] Deploy 1x Master K3s VM.
+    -   [ ] Deploy 2x Worker K3s VMs.
+    -   [ ] Initialize K3s cluster.
+    -   [ ] (Optional) Install Argo CD / Flux CD for GitOps.
+
+## V. Monitoring & Logging (Optional)
+
+-   [ ] **CT 5: Monitoring Stack (Prometheus, Grafana, Loki)**
+    -   [ ] Deploy from Ubuntu CT template.
+    -   [ ] Install Docker & Docker Compose.
+    -   [ ] Deploy Prometheus (Docker container).
+    -   [ ] Deploy Grafana (Docker container).
+    -   [ ] (Optional) Deploy Loki (Docker container).
+    -   [ ] Configure data sources and basic dashboards.
+    -   *Resources: 2-4 vCPUs, 4-8 GB RAM, 50GB Disk*
+
+## VI. General Configuration & Best Practices
+
+-   [ ] **Proxmox Backups:**
+    -   [ ] Configure scheduled backups for all critical VMs/CTs.
+    -   [ ] Verify backup storage location and retention.
+-   [ ] **Security Hardening:**
+    -   [ ] Strong passwords for all services and OS accounts.
+    -   [ ] Regular system updates (Proxmox host & guests).
+    -   [ ] Configure host firewalls (`ufw` on Ubuntu guests).
+    -   [ ] Minimize exposed ports.
+-   [ ] **Documentation:**
+    -   [ ] Keep notes on configurations, IP addresses, credentials (securely stored).
+-   [ ] **CI/CD Pipeline Setup:**
+    -   [ ] Create a sample application with a Dockerfile.
+    -   [ ] Push to Gitea.
+    -   [ ] Create `.drone.yml` pipeline:
+        -   [ ] Build step.
+        -   [ ] Push to Harbor step.
+        -   [ ] Deployment step (e.g., SSH + `docker-compose up`).
+    -   [ ] Test the full pipeline.
+
+## VII. Future Enhancements
+
+-   [ ] Centralized Authentication (e.g., FreeIPA, Keycloak).
+-   [ ] More advanced GitOps with ArgoCD/Flux.
+-   [ ] Distributed storage (e.g., Ceph - if you have enough nodes/disks).
+-   [ ] Automated SSL certificate management for internal services.