Problem
Homelab security testing depends on repeatable VMs, but bringing up a KVM/QEMU host on Arch is fiddly — kernel modules, libvirt, networking and permissions all have to line up, and it's easy to forget a step on a fresh install.
Approach
- Started as a single
install-kvm.shfor the core package-and-configure flow, then grew it into a Python TUI for a guided, reviewable setup. - Split the backend into clear stages —
discovery(what's already on the host), aplanner(what needs to change), and arunner(apply it) — with a CLI entry point alongside the TUI. - Added unit tests around the planner so the "what will change" logic stays trustworthy as the tool evolves.
Impact
- Turns a clean Arch system into a working virtualization host without memorising the manual steps.
- The discover–plan–apply split makes the setup auditable — you see what it will do before it does it.
- Speeds up rebuilding isolated targets and analysis VMs when the lab topology changes.
Result
A guided, tested setup tool that takes an Arch box from clean install to usable KVM/QEMU host for security lab work.
What I Learned
- A discover–plan–apply structure turns a brittle install script into something you can trust and re-run.
- A small TUI makes an automation tool far more approachable than a wall of shell output.
- Tests around the planning logic catch regressions that are invisible in a plain script.
Next Steps
- Expand post-install validation for networking, storage, and virtualization support.
- Add optional profiles for attacker, target, and malware-analysis VM groups.
- Document a clean rebuild checklist for lab hosts.