basher83/omni-talos
plugins/homelab/omni-scale/skills/omni-talos/SKILL.md
Operational tooling for Talos Linux Kubernetes clusters via Sidero Omni with Proxmox infrastructure provider, covering machine classes, CEL storage selectors, and provider lifecycle management.
$ install --global
skillsauthnpx skillsauth add basher83/lunar-claude omni-talosInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: May 10, 2026, 3:16 AM236.7s18 files scanned
SKILL.md
- name:
- omni-talos
- description:
- >
- when_to_use:
- >
Omni + Proxmox Infrastructure Provider
Operational tooling for Talos Linux Kubernetes clusters via Sidero Omni with Proxmox infrastructure provider.
Provider Operations
Use ${CLAUDE_PLUGIN_ROOT}/skills/omni-talos/scripts/provider-ctl.py for provider management:
| Task | Command |
|------|---------|
| Check status | ${CLAUDE_PLUGIN_ROOT}/skills/omni-talos/scripts/provider-ctl.py --status |
| View logs | ${CLAUDE_PLUGIN_ROOT}/skills/omni-talos/scripts/provider-ctl.py --logs 50 |
| Raw JSON logs | ${CLAUDE_PLUGIN_ROOT}/skills/omni-talos/scripts/provider-ctl.py --logs 50 --raw |
| Restart provider | ${CLAUDE_PLUGIN_ROOT}/skills/omni-talos/scripts/provider-ctl.py --restart |
The provider runs on Foxtrot LXC (CT 200) — script handles SSH automatically.
Current Deployment
| Component | Location | IP | Endpoint |
|-----------|----------|-----|----------|
| Omni | Holly (VMID 101, Quantum) | 192.168.10.20 | omni.spaceships.work |
| Proxmox Provider | Foxtrot LXC (CT 200, Matrix) | 192.168.3.10 | L2 adjacent to Talos VMs |
| Target Cluster | Matrix (Foxtrot/Golf/Hotel) | 192.168.3.{5,6,7} | Proxmox API |
| Storage | CEPH RBD | — | vm_ssd pool |
Quick Reference
omnictl commands:
omnictl cluster status <cluster-name>
omnictl get machines -l omni.sidero.dev/cluster=<cluster-name>
omnictl get machineclasses
omnictl apply -f machine-classes/<name>.yaml
omnictl cluster template sync -f clusters/<name>.yaml
Note: --cluster flag does not exist. Use label selector -l instead.
MachineClass minimal example:
metadata:
namespace: default
type: MachineClasses.omni.sidero.dev
id: matrix-worker
spec:
autoprovision:
providerid: matrix-cluster
providerdata: |
cores: 4
memory: 16384
disk_size: 100
storage_selector: name == "vm_ssd"
node: foxtrot
See references/machine-classes.md for full field reference.
Key Constraints
| Constraint | Details |
|------------|---------|
| L2 adjacency | Provider MUST be on same L2 as Talos VMs (Foxtrot LXC) |
| CEL type reserved | Use name only for storage selectors |
| Hostname bug | Use :local-fix tag, not :latest |
| No CP pinning | Omni allows only 1 ControlPlane section per template |
| No VM migration | Destroys node state — destroy/recreate instead |
| Split-horizon DNS | omni.spaceships.work → 192.168.10.20 (LAN) |
Reference Files
| File | Content |
|------|---------|
| references/architecture.md | Network topology, design decisions |
| references/machine-classes.md | Full provider data fields (compute, storage, network, PCI) |
| references/provider-setup.md | Provider config, compose setup, credentials |
| references/cluster-templates.md | Cluster template structure, patches |
| references/cel-storage-selectors.md | CEL syntax and patterns |
| references/debugging.md | Common issues |
| references/recovery-procedures.md | Recovery from stuck states |
| references/proxmox-permissions.md | API token setup |
| references/omnictl-auth.md | Authentication methods |
Examples
| File | Description |
|------|-------------|
| examples/machineclass-ceph.yaml | CEPH storage |
| examples/machineclass-local.yaml | Local LVM |
| examples/cluster-template.yaml | Complete cluster |
| examples/proxmox-gpu-worker.yaml | GPU passthrough |
| examples/proxmox-storage-node.yaml | Storage node |
| examples/proxmox-worker-multi-net.yaml | Multi-network |
Related Skills
basher83/claude-md-improver
testing
VerifiedTrustedCommunity
Audit and improve CLAUDE.md files in repositories. Use when user asks to check, audit, update, improve, or fix CLAUDE.md files. Scans for all CLAUDE.md files, evaluates quality against templates, outputs quality report, then makes targeted updates. Also use when the user mentions "CLAUDE.md maintenance" or "project memory optimization".
19SKILL.mdUpdated May 10, 2026
basher83/git-workflow
tools
VerifiedTrustedCommunity
Best practices for git workflow automation including atomic commits, branch naming, conventional commit format, and changelog generation.
19SKILL.mdUpdated Apr 16, 2026
basher83/git-status
tools
VerifiedTrustedCommunity
Summarize the current state of the git repository
19SKILL.mdUpdated Apr 16, 2026
basher83/git-commit
data-ai
VerifiedTrustedCommunity
Run hooks and create clean, logical commits via the commit-craft agent.
19SKILL.mdUpdated Apr 16, 2026