chore: Add markdown files

.github/workflows/infra-build.yml

@@ -4,23 +4,28 @@ on:
   push:
     branches:
       - master
+  paths:
+      - '**.tf'
 
 jobs:
   opentofu:
+    if: github.repository == 'comprofix/opentofu-homelab'
     name: Opentofu Build
     runs-on: self-hosted
     container:
       image: node:20-bullseye
     
     env:
-      PG_CONN_STR: ${{ secrets.PG_CONN_STR }}   # available to all steps
+      PG_CONN_STR: ${{ secrets.PG_CONN_STR }}   # PostgreSQL backend connection string
 
     steps:
+      # 1. Checkout code
       - name: Checkout code
         uses: actions/checkout@v5
         with:
           fetch-depth: 0
 
+      # 2. Generate dynamic Terraform/Opentofu vars from secrets
       - name: Generate Dynamic Vars (Secrets)
         run: |
           cat <<EOF > terraform.auto.tfvars
@@ -33,26 +38,33 @@ jobs:
           passphrase = "${{ secrets.SSH_PASSPHRASE }}"
           EOF
 
+      # 3. Setup Opentofu CLI
       - name: Setup Opentofu
         uses: opentofu/setup-opentofu@v1
 
+      # 4. Format the secrets/vars file (required by tofu fmt)
       - name: Format vars file
         run: tofu fmt terraform.auto.tfvars
 
+      # 5. Initialize Opentofu backend and providers
       - name: Opentofu Init
         run: tofu init
 
+      # 6. Full formatting/lint check for all files
       - name: Opentofu Format Check
         run: tofu fmt -check -recursive
 
+      # 7. Validate configuration
       - name: Opentofu Validate
         run: tofu validate
 
+      # 8. Plan changes
       - name: Opentofu Plan
         id: plan
         run: |
           tofu plan -out=tfplan -detailed-exitcode
 
+      # 9. Apply changes only if previous steps succeed
       - name: Opentofu Apply
         if: success()
         run: tofu apply -auto-approve tfplan

CHANGELOG.md

@@ -0,0 +1,34 @@
+# Changelog
+
+All notable changes to this project will be documented in this file.
+
+The format follows [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),  
+and this project adheres to [Semantic Versioning](https://semver.org/).
+
+---
+
+## [Unreleased]
+
+### Added
+- Initial setup of OpenTofu project structure
+- Providers for Proxmox, Omada, GitHub
+- PostgreSQL backend support
+- GitHub Actions CI/CD workflow with `init`, `fmt`, `validate`, `plan`, and `apply`
+- Secure secrets handling via `terraform.auto.tfvars`
+
+### Changed
+- N/A
+
+### Removed
+- N/A
+
+---
+
+## [0.1.0] - 2025-09-27
+
+### Added
+- First working pipeline applying infrastructure automatically on `main`
+- Docker VM definition (`docker.tf`)
+- GitHub repo/org configuration (`github.tf`)
+- Omada networking definitions (`omada.tf`)
+- Provider and backend config (`provider.tf`)

LICENSE.md

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2025 Matthew McKinnon
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

README.md

@@ -0,0 +1,80 @@
+![Header Image](https://miro.medium.com/v2/resize:fit:4000/1*16DgdobhWUUXKzF4fwjOdw.png)
+
+[![deploy-containers](https://github.com/comprofix/opentofu-homelab/actions/workflows/infra-build.yml/badge.svg)](https://github.com/comprofix/opentofu-homelab/actions)
+
+## 📖 Overview
+
+Infrastructure as Code (IaC) for the Comprofix homelab using [OpenTofu](https://opentofu.org/).  
+
+This repository provisions and manages resources such as the Proxmox VMs and LXC containers used in the Comprofix Homelab
+
+---
+
+## 🚀 Features
+
+- Declarative infrastructure management with OpenTofu
+- Remote state stored in PostgreSQL backend
+- Automated formatting, validation, and applies via GitHub Actions
+- Secure injection of secrets into `terraform.auto.tfvars`
+- Supports Proxmox VM provisioning and Omada configuration
+
+---
+
+## 📂 Repository Layout
+
+```
+├── dev-docker.tf # Docker VM definitions
+├── github.tf # GitHub repo/org configuration
+├── omada.tf # Omada network definitions
+├── provider.tf # Provider setup and backend configuration
+```
+
+---
+
+## ⚙️ Requirements
+
+- **OpenTofu** (installed automatically in GitHub Actions via [`opentofu/setup-opentofu`](https://github.com/opentofu/setup-opentofu))
+- **PostgreSQL** database for remote state  
+  Connection string provided via secret: `PG_CONN_STR`
+- **GitHub Actions self-hosted runner** with access to Proxmox and Omada APIs
+- Configured repository secrets:
+  - `PG_CONN_STR`
+  - `CI_USER`, `CI_PASSWORD`
+  - `PVE_API_URL`, `PVE_API_TOKEN_ID`, `PVE_API_TOKEN_SECRET`
+  - `SSH_PRIVATE_KEY`, `SSH_PASSPHRASE`
+
+---
+
+## 🔄 Workflow
+
+Infrastructure is applied automatically on pushes to the `main` branch.
+
+1. Checkout repo
+2. Generate `terraform.auto.tfvars` from GitHub secrets
+3. Run `tofu init`, `tofu fmt`, `tofu validate`
+4. Execute `tofu plan`
+5. If successful, run `tofu apply`
+
+> 🔒 PRs and forks do not run workflows. Only code merged into `main` will trigger an apply.
+
+---
+
+## 📖 Usage
+
+Local testing:
+
+```bash
+# Initialize
+tofu init
+
+# Format configs
+tofu fmt -recursive
+
+# Validate configs
+tofu validate
+
+# Plan changes
+PG_CONN_STR="postgres://..." tofu plan
+
+# Apply changes
+PG_CONN_STR="postgres://..." tofu apply