Homelab on Panic! At The Terminal

SSH Hardening and Automation User Setup with Ansible

Sat, 12 Jul 2025 12:00:00 +0300

SSH Hardening and Automation User Setup with Ansible #

Here’s a little post about how I do SSH hardening for my RHEL9 homelab and how I ensure that the Ansible automation user is properly set. The playbook stems from an incident I had in Red Hat Insights where it was reported that I had an SSH configuration that allowed legacy ciphers. It was also adviced to create a crypto policy that disables weak algorithms.

Automating KVM Backups with Ansible

Sat, 12 Jul 2025 10:00:00 +0300

Automating KVM Homelab Backups with Ansible #

When you’re running a dozen virtual machines in your homelab, manual backups quickly become a nightmare.

In this post, I’ll walk you through my Ansible-based backup strategy for my KVM homelab. It automatically backs up all VMs by shutting them down gracefully, copying their disk images and configurations to a NAS, and bringing them back online.

Backup Strategy #

My backup strategy uses Ansible to orchestrate the entire process:

Automated Network Monitoring: Adding Servers to LibreNMS with Ansible

Mon, 07 Jul 2025 14:00:00 +0300

Automated Network Monitoring: Adding Servers to LibreNMS with Ansible #

Adding servers to LibreNMS by hand is tedious, and should be done by automation. In this post, I’ll show you how I’ve automated the entire process of configuring SNMP and adding servers to LibreNMS using Ansible.

The Workflow #

Basically what the playbook does is:

Install and configure SNMP
Set up necessary firewall rules
Add the server to LibreNMS
Add it to the correct device group.

The Playbook #

Step 1: Installing SNMP Components #

- name: Ensure snmp is installed
  ansible.builtin.dnf:
    name:
      - net-snmp
      - net-snmp-utils
    state: present

The net-snmp package is needed for the SNMP daemon.

Optimizing KVM Virtual Machines with Tuned Profiles

Mon, 07 Jul 2025 12:00:00 +0300

Optimizing KVM Virtual Machines with Tuned Profiles #

The tuned service on Red Hat-based systems provides pre-configured performance profiles that can significantly improve your VM performance with minimal effort.

In this post, I’ll show you how to optimize your KVM VMs using tuned profiles and automate the entire process with Ansible.

The Playbook #

Since I manage dozens of VMs in my homelab, doing this manually would be tedious. Instead, I use this Ansible playbook to apply tuned optimization to all my VMs:

Automating RHEL Server Updates with Ansible

Sat, 05 Jul 2025 16:00:00 +0300

Automating RHEL Server Updates with Ansible #

Introduction #

I hate updating my servers manually so I’ve set up this playbook to run updates. This was probably the first playbook I ever wrote for my home lab, and it’s been running automatically for years now on a weekly schedule every Friday night through AAP (Ansible Automation Platform).

This guide shows you how to automate RHEL (and other yum/dnf based distros like Fedora, CentOS etc.) server updates using Ansible, including proper reboot handling.

Setting up BIND9 for Internal DNS on RHEL9

Thu, 03 Jul 2025 20:00:00 +0300

Setting up BIND9 for Internal DNS on RHEL9 #

This guide covers setting up BIND9/named for internal reverse/forward DNS resolution on a RHEL9 server. Unlike public authoritative DNS servers, internal DNS servers provide recursive resolution for your internal network and handle local domain queries.

All IP addresses, network ranges, and hostnames in this guide are examples. Replace them with your actual values.

For the entirety of the guide we’ll be running every single command as root.