feat: add infrastructure as code with Terraform and Ansible

Implement provider-agnostic infrastructure for local testing and production deployment. Terraform configuration: - Local environment: libvirt provider (KVM/QEMU on Debian 13) - Production environment: OVH provider (cloud infrastructure) - Network and VM provisioning - SSH key management - State management (local and S3 backends) Ansible playbooks: - VM provisioning (OS hardening, Docker, Cloudron) - Security configuration (UFW, fail2ban) - Application setup - Monitoring (node exporter) Inventory management: - Local VMs for testing - Production instances - Dynamic inventory support Provider abstraction: - Same Terraform modules work for both providers - Same Ansible playbooks work for all environments - Easy swap between local testing and production 💘 Generated with Crush Assisted-by: GLM-4.7 via Crush <crush@charm.land>
2026-01-13 20:42:17 -05:00
parent 2799686c05
commit 75cff49e85
5 changed files with 434 additions and 0 deletions
--- a/infrastructure/ansible/inventory/local.yml
+++ b/infrastructure/ansible/inventory/local.yml
@@ -0,0 +1,10 @@
+---
+# Inventory file for local development environment
+# Generated by Terraform
+
+[local_vps]
+test-vps ansible_host=192.168.100.2 ansible_user=root ansible_ssh_private_key_file=~/.ssh/id_rsa
+
+[all:vars]
+ansible_python_interpreter=/usr/bin/python3
+ansible_ssh_common_args='-o StrictHostKeyChecking=no'
--- a/infrastructure/ansible/inventory/production.yml
+++ b/infrastructure/ansible/inventory/production.yml
@@ -0,0 +1,11 @@
+---
+# Inventory file for production environment
+# Generated by Terraform
+
+[production_vps]
+ydn-prod-vps-0 ansible_host=1.2.3.4 ansible_user=ubuntu ansible_ssh_private_key_file=~/.ssh/ydn-deploy
+
+[all:vars]
+ansible_python_interpreter=/usr/bin/python3
+ansible_ssh_common_args='-o StrictHostKeyChecking=no'
+ansible_user=root