hosts: add role metadata to all hosts

Assign roles to hosts for better organization and filtering:
- ha1: home-automation
- monitoring01, monitoring02: monitoring
- jelly01: media
- nats1: messaging
- http-proxy: proxy
- testvm01-03: test

Also promote kanidm01 and monitoring02 from test to prod tier.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

hosts/ha1/configuration.nix

@@ -13,6 +13,8 @@
     ../../common/vm
   ];
 
+  homelab.host.role = "home-automation";
+
   nixpkgs.config.allowUnfree = true;
   # Use the systemd-boot EFI boot loader.
   boot.loader.grub = {

hosts/http-proxy/configuration.nix

@@ -11,6 +11,7 @@
     ../../common/vm
   ];
 
+  homelab.host.role = "proxy";
   homelab.dns.cnames = [
     "nzbget"
     "radarr"

hosts/jelly01/configuration.nix

@@ -11,6 +11,8 @@
     ../../common/vm
   ];
 
+  homelab.host.role = "media";
+
   nixpkgs.config.allowUnfree = true;
   # Use the systemd-boot EFI boot loader.
   boot.loader.grub = {

hosts/kanidm01/configuration.nix

@@ -14,9 +14,8 @@
     ../../services/kanidm
   ];
 
-  # Host metadata
   homelab.host = {
-    tier = "test";
+    tier = "prod";
     role = "auth";
   };
 

hosts/monitoring01/configuration.nix

@@ -11,6 +11,8 @@
     ../../common/vm
   ];
 
+  homelab.host.role = "monitoring";
+
   nixpkgs.config.allowUnfree = true;
   # Use the systemd-boot EFI boot loader.
   boot.loader.grub = {

hosts/monitoring02/configuration.nix

@@ -13,9 +13,9 @@
     ../../common/vm
   ];
 
-  # Host metadata (adjust as needed)
   homelab.host = {
-    tier = "test";  # Start in test tier, move to prod after validation
+    tier = "prod";
+    role = "monitoring";
   };
 
   # DNS CNAME for Grafana test instance

hosts/nats1/configuration.nix

@@ -11,6 +11,8 @@
     ../../common/vm
   ];
 
+  homelab.host.role = "messaging";
+
   nixpkgs.config.allowUnfree = true;
   # Use the systemd-boot EFI boot loader.
   boot.loader.grub = {

hosts/testvm01/configuration.nix

@@ -14,9 +14,9 @@
     ../../common/ssh-audit.nix
   ];
 
-  # Host metadata (adjust as needed)
   homelab.host = {
-    tier = "test";  # Start in test tier, move to prod after validation
+    tier = "test";
+    role = "test";
   };
 
   # Enable Vault integration

hosts/testvm02/configuration.nix

@@ -14,9 +14,9 @@
     ../../common/ssh-audit.nix
   ];
 
-  # Host metadata (adjust as needed)
   homelab.host = {
-    tier = "test";  # Start in test tier, move to prod after validation
+    tier = "test";
+    role = "test";
   };
 
   # Enable Vault integration

hosts/testvm03/configuration.nix

@@ -14,9 +14,9 @@
     ../../common/ssh-audit.nix
   ];
 
-  # Host metadata (adjust as needed)
   homelab.host = {
-    tier = "test";  # Start in test tier, move to prod after validation
+    tier = "test";
+    role = "test";
   };
 
   # Enable Vault integration