Author of Sylve here, and I helped deploy the setup in the post.

> All I read is that they are still doing ClickOPS over DevSecOps!!

Their setup is mostly working on embedded stuff, and this involves some amount of moving VM disk images around, sometimes they run different software within the same VM disk, so that means ZFS properties need to be tweaked accordingly (compression, recordsize, etc). This is a lot easier to do with a UI than it is with CLI, and the UI is pretty good at showing you what’s going on. Now I'm all for automating stuff, but there's no clear pattern here to automate away,

Now regarding automation in Sylve, you can create a template out of Sylve (with networking, storage, CPU config etc.) and then deploy that template as many times as you want (from the UI), last I checked proxmox only allows you to clone from template one at a time.

What I do is pretty similar to what you mention, but I don't really use ansible since on FreeBSD if it's in the ports tree its one command (after base system is set up) which is `pkg install -y <package>`. And your entire stack (from your list), can be done with one command each. The only thing I see that would need a bit setup would be the wireguard vpn, but even that is pretty straightforward under FreeBSD (so you can do it with a jail and no need for a VM).

I see, based on your comment and others, Sylve seems to be heavily GUI for everything.

There is nothing wrong with that but if an user cannot perform the same tasks via CLI, I see that as a big blocker for a project to be fully adopted with exceptions. OPNSense, there is zero reasons to manage the whole network and what not via CLI, GUI makes life so much easier. I would hate it having to do everything via CLI.

The other thing is LXC, Sylve seems to call it jail.

I would expect this jail to support something like below.

Ansible only automates what you do manually, the server itself only sees the command and it will never run Ansible itself, so intead of manually creating a LXC, Ansible would send:

   - name: Deploy LXC
     ansible.builtin.command: >
      pct create {{ lxc_id }} {{ template }}
      --hostname {{ hostname }}
      --unprivileged 1
      --cores {{ cores }}
      --memory {{ memory }}
      --rootfs {{ storage }}:{{ rootfs_size }}
      --net0 name=eth0,bridge={{ bridge }},ip={{ static_ip }}/{{ cidr }},gw={{ gateway }}
      --features nesting=0

Of I wanna exec into the LXC container to restore a backup and start the system, I would expect Sylve to support this.

  - name: Import lists and hotfixes
    ansible.builtin.command: >
     pct exec {{ lxc_id }} -- bash -c "
     pihole-FTL --config ntp.sync.interval 0;
     systemctl stop pihole-FTL;
     sqlite3 /etc/pihole/gravity.db < /tmp/adlist.sql;
     systemctl start pihole-FTL;
     sudo pihole -g
     "

All of that from my PC without having to go to a browser. That is the friction that your team should look into automating, there is always a way, it is just easier to go to the browser.

That’s fair, but Sylve isn’t GUI-only.

We’re API-first, the UI is just a client on top. We already ship Swagger docs with the code (docs/ on the repo), so everything the UI does is exposed and usable programmatically today.

Right now we’re still early (v0.2), so the CLI/SDK pieces aren’t fully there yet, but that’s what we’re building next.

Before v0.4 the plan is:

* a proper CLI for scripting

* a well-defined API lib (TypeScript/Go first, others later)

* parity between UI, CLI, and API

Noice, I know I sound like a hater haha but I am just curious.

This is the first time I heard about it, I will check its documentation later. Workplace flagged it as grayware, go figure haha

> if you aren't using automation in 2026, your future in IT is cooked.

This x 10.

Ansible and OpenTofu/Terraform is where it is at. And you can use Claude/Codex with that setup.

> Terraform I am not and do not intend in becoming a Kubernetes expert, many companies run Kubernetes and they don't know why they do it, some hypes make things so much harder.

But I do have a single cluster at home which allowed me to learn both Kubernetes and Terraform, I also hate Docker so much that I prefer to convert a Dockerfile into a Terraform template and voila, I do not use it to run my stuff.

I enjoy Terraform very much with Terragrunt. Terraform alone is too messy, Terragrunt makes the house cleaner.

How many times are you redeploying your homelab stuff? I also run lxc containers and thought about automating deployments but in my one year running proxmox I have only deployed each container once. If anything breaks I have PBS running to recover a previous backup. I don't see myself having to repeat this process more than once or twice

>How many times

It less about how many times and more about used to automate everything, spend less time doing boring things and more time doing fun stuff.

For example, when I first deployed a Jellyfin LXC container with GPU and what not, the container itself hosts nothing, Proxmox mounts the NFS shared from TrueNAS to it, and it uses a local NVMe for transcoding.

And yet, novice me picked a small storage size, 5GB or something because I only run Debian Netinst which uses 200MB of ram and 0.00001% CPU. Debian Netinst itself requires what 1-2GB of disk??

Back to your question, I had to redeploy another Jellyfin container coz it ran out of disk space with:

1. the GPU passthrough

2. mount all the NFS shares once the LXC is up

3. the transcode folder

4. rsync from TrueNAS and restore the metadata with all the movies and what not.

Had I planned to do it?? Nope.

One command line and I have a brand new Jellyfin LXC with much bigger storage, and working like nothing happened, fully automated from my PC via Ansible.