documentation for my homelab
Proxmox is the hypervisor that runs pretty much everything in my homelab. There are some things that need to be configured in Proxmox to get the infrastructure started.
When Proxmox VE was set up, it should have created a Linux Bridge vmbr0 bound to a physical Network Device on the server.
Create an additional OVS Bridge interface called vmbr1 that will serve as the OPNsense DMZ interface. When creating vmbr1, add the comment “OPNsense DMZ”, click “Create”, and then “Apply Configuration”.
Perform the previous step one more time to create another interface called vmbr2 that will serve as the OPNsense ADMIN interface.
I use Terraform to provision resources in Proxmox, and I grant it access to PVE through a non-root account.
To set up the user, go to Datacenter > Permissions > Users, and create a pam user called “terraform”.
Next, go to Datacenter > Permissions > API Tokens, and create an API token for the terraform user. Save the token secret to add to common secrets later.
Log into the pve console as root, and install the tailscale client on the Proxmox host. Once installed, run the following commands to connect pve to the tailnet, enable the tailscale SSH server, and serve the Proxmox VE web ui on the tailnet:
tailscale up --advertise-tags="infrastructure"
tailscale serve --bg https+insecure://localhost:8006