https://heezy.blog/tags/ansible/Recent content in Ansible on heezy.blogHugoen-usSun, 22 Mar 2026 00:00:00 +0000https://heezy.blog/posts/lgtm-monitoring-stack/Sun, 22 Mar 2026 00:00:00 +0000https://heezy.blog/posts/lgtm-monitoring-stack/<p>The monitoring stack runs on a dedicated VM at 10.x.x.x (shared-lgtm), deliberately separate from the Kubernetes cluster it watches. If the cluster goes down, the thing watching it needs to still be running. Seven containers in a single Docker Compose stack handle metrics collection, log aggregation, long-term storage, tracing, and dashboards with alerting. The whole thing is deployed and configured by a single Ansible role (<code>roles/lgtm/</code>) with Jinja2 templates for every config file. Push a change, GitHub Actions runs the playbook, Ansible templates the configs and restarts the stack. This post covers what each component does, what gets scraped, and how alerting works.</p>https://heezy.blog/posts/terraform-ansible-automation/Sat, 20 Dec 2025 00:00:00 +0000https://heezy.blog/posts/terraform-ansible-automation/<p>This is the story of taking a homelab that was 100% manually configured and turning it into something where every change is a git commit, every deployment is a GitHub Actions run, and I never SSH into a box to make a &ldquo;quick fix&rdquo; again. It took a lot of hours, a lot of broken credential chains, and one memorable incident where I leaked secrets because of echo output. But it works now, and it works well.</p>https://heezy.blog/posts/lab-modernization-journal/Thu, 18 Sep 2025 00:00:00 +0000https://heezy.blog/posts/lab-modernization-journal/<p>This is the journal of taking a homelab that was held together with SSH sessions and good intentions and turning it into something that manages itself. It took months of evenings and weekends, a lot of broken things, and more hours than I want to admit. But the lab went from &ldquo;I hope nobody touches that server&rdquo; to &ldquo;push to main and walk away.&rdquo;</p>