From 9dc976facc1f07121ce4ee3521765850c9c9aa1c Mon Sep 17 00:00:00 2001 From: sjat Date: Sat, 30 May 2026 18:25:50 +0200 Subject: [PATCH] Clarify README scope and Terraform role; explain the boma name Broaden the intro beyond Ansible (Terraform + Ansible), state the infrastructure-not-personal-devices scope, and explain the Swahili name. Also replace the stale .vault_pass quick-start step with 'rbw unlock'. Co-Authored-By: Claude Opus 4.8 (1M context) --- README.md | 24 ++++++++++++++++++------ 1 file changed, 18 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index 50bc6df..01decc6 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,19 @@ -# Ansible homelab +# boma -Infrastructure automation for a Proxmox-based homelab running primarily Debian 13 VMs -with Docker services. Stable, secure, and fully managed via Ansible. +Infrastructure-as-code for a self-hosted homelab: a Proxmox cluster of Debian 13 VMs +running Docker services, provisioned with **Terraform** and configured with +**Ansible**. Stable, secure, reproducible, and fully version-controlled. + +**Scope** — this repo manages *infrastructure*: the cluster's VMs, their hardened +base OS, and the containerised services they run. It does **not** manage personal +machines (laptops, desktops, phones). Terraform owns VM existence; Ansible owns +everything inside a VM. See `STATUS.md` for what's built vs planned and +`docs/decisions/` for the design rationale. + +**The name** — *boma* is Swahili for a fortified homestead enclosure (a stockade +guarding what's within) — fitting for a hardened, self-contained home setup. It +keeps company with the project's other Swahili names: `askari` (the external +sentinel) and `nyumbani` ("home"). ## Quick start (control node) @@ -13,9 +25,9 @@ cd ~/ansible make setup make collections -# Place vault password (obtain via secure channel) -echo "your-vault-password" > .vault_pass -chmod 600 .vault_pass +# Unlock the vault password from Vaultwarden via rbw +# (one-time rbw setup: docs/runbooks/rotate-secrets.md) +rbw unlock # Verify setup make lint