2026-05-07 21:16:03 +02:00
# Deployment Conventions
This document describes the GitOps-lite deployment process for the homelab.
## Principles
1. **Git as Source of Truth** : All infrastructure definitions (Docker Compose, configurations) are stored in Git.
2. **Unidirectional Flow** : Changes flow from **SATURN** (commit node) to execution nodes.
3. **Lightweight** : No complex orchestrators (no Kubernetes). Use `docker compose` and simple shell scripts.
4. **Tailscale Mesh** : All hosts are connected via Tailscale, allowing secure communication without public port exposure.
2026-05-11 20:46:50 +02:00
## Staged Deployment Framework
2026-05-07 21:16:03 +02:00
2026-05-11 20:46:50 +02:00
The homelab uses a staged deployment framework located at `scripts/deploy/deploy.sh` . This script is designed to be resumable, stage-aware, and observable.
2026-05-07 21:16:03 +02:00
2026-05-11 20:46:50 +02:00
### Deployment Stages
2026-05-07 21:16:03 +02:00
2026-05-11 20:46:50 +02:00
1. **prepare** : Pulls the latest changes from Git, validates inventory, and prepares the local environment.
2. **deploy** : Executes `docker compose` commands for all assigned services.
3. **verify** : Checks the health and connectivity of deployed services.
4. **diagnose** : Performs deep checks and resource analysis if something goes wrong.
5. **rollback** : Reverts to a previous known-good state.
6. **resume** : Automatically continues from the last successful stage.
2026-05-07 21:16:03 +02:00
2026-05-11 20:46:50 +02:00
### State Tracking and Logging
2026-05-07 21:16:03 +02:00
2026-05-11 20:46:50 +02:00
- **State** : Local node state is tracked in `/opt/homelab/state/deploy/current_stage` .
- **Logs** : Detailed execution logs are stored in `/opt/homelab/logs/deploy/deploy_<timestamp>.log` .
### Operational Semantics
Deployment is **hybrid** :
- **SATURN** acts as the orchestrator and source of truth.
- **Nodes** execute the deployment locally using the `deploy.sh` script.
- Human-in-the-loop is required for triggering and confirming deployments.
### Recovery Workflow
If a deployment fails:
1. Run `deploy.sh diagnose` to identify the issue.
2. Use the `recover-node` AI prompt to analyze logs and get recommendations.
3. Either fix the issue and run `deploy.sh resume` , or use `deploy.sh rollback` .
## Onboarding New Nodes
Refer to `inventory/templates/how_to_add_new_node.yaml` for a detailed guide on adding new hardware to the mesh. The general flow is:
1. Define node in `hosts/` and `inventory/topology.yaml` on SATURN.
2. Bootstrap the node (Docker, Tailscale, Git).
3. Run the staged deployment framework starting with `prepare` .
2026-05-07 21:16:03 +02:00
## Host-Local Overrides
If a service requires host-specific configuration (e.g., unique device paths for GPUs on SOLARIA):
1. Create a `docker-compose.override.yml` in `/opt/homelab/config/<service>/` .
2. The deployment script should include this override if it exists.
## Secrets Management
- **Do NOT commit secrets to Git.**
- Secrets should be placed in `/opt/homelab/config/<service>/.env` on the target host.
- The deployment script should ensure these are sourced by Docker Compose.
