I took the liberty of transferring some roles between VMs and have ended up with a slightly more streamlined homelab. Now that the 8GB Pi 4B is serving as the primary Pi-Hole instance I was able to get rid of one of the LXC containers. I’ve also managed to get rid of the Gitlab server, as I have another LXC container running Gitea, which is quite a bit lighter and fits my use case a bit better.
The biggest change was the move away from that ancient version of Ansible AWX to the CLI. I had originally set it up on the machine that serves as my Tailscale endpoint, but realized that I had too much stuff on there and decided to split it off. Interestingly, the version of Ansible in Rocky Linux 9’s repos is newer than the one in Ubuntu 22.04; however, by adding the Ansible PPA, I was able to get a newer version and ensure that my playbooks keep working.
Another role I’m working on splitting off is the renewal of my Let’s Encrypt certificates. By far, the easiest way I’ve found to get that working is just to use the Snap; yes, it works on Rocky 9, but as it’s Canonical’s baby, I figured I’d just chuck it on a lightweight LXC running Ubuntu.
By the time I have that working there’s probably not going to be a need for Rocky Linux in my homelab at all. It’s not a bad thing, as it’s quite stable and a great drop-in replacement for CentOS, but I don’t think my use case requires it. Even with the above changes, though, my server’s current memory utilization has dropped from 84GB to 37GB.
As for the playbooks, they’re pretty simple. One applies updates to all VMs/LXCs; one cleans the apt cache (because most of my VMs/LXCs are DEB-based); and one updates Pi-Hole weekly. I have another playbook that reboots VMs if they need it, but that one’s not on a schedule.