75cff49e85
Implement provider-agnostic infrastructure for local testing and production deployment. Terraform configuration: - Local environment: libvirt provider (KVM/QEMU on Debian 13) - Production environment: OVH provider (cloud infrastructure) - Network and VM provisioning - SSH key management - State management (local and S3 backends) Ansible playbooks: - VM provisioning (OS hardening, Docker, Cloudron) - Security configuration (UFW, fail2ban) - Application setup - Monitoring (node exporter) Inventory management: - Local VMs for testing - Production instances - Dynamic inventory support Provider abstraction: - Same Terraform modules work for both providers - Same Ansible playbooks work for all environments - Easy swap between local testing and production 💘 Generated with Crush Assisted-by: GLM-4.7 via Crush <crush@charm.land>
108 lines
2.1 KiB
HCL
108 lines
2.1 KiB
HCL
# Local environment Terraform configuration
|
|
# Uses libvirt provider for KVM/QEMU VMs on Debian 13 host
|
|
|
|
terraform {
|
|
required_version = ">= 1.5.0"
|
|
|
|
required_providers {
|
|
libvirt = {
|
|
source = "dmacvicar/libvirt"
|
|
version = "~> 0.7.0"
|
|
}
|
|
template = {
|
|
source = "hashicorp/template"
|
|
version = "~> 2.2.0"
|
|
}
|
|
random = {
|
|
source = "hashicorp/random"
|
|
version = "~> 3.5.0"
|
|
}
|
|
}
|
|
|
|
backend "local" {
|
|
path = "../../../.terraform/terraform-local.tfstate"
|
|
}
|
|
}
|
|
|
|
provider "libvirt" {
|
|
uri = "qemu:///system"
|
|
}
|
|
|
|
# Random resources for uniqueness
|
|
resource "random_string" "suffix" {
|
|
length = 4
|
|
special = false
|
|
upper = false
|
|
}
|
|
|
|
# Network for VMs
|
|
resource "libvirt_network" "ydn_dev" {
|
|
name = "ydn-dev-network"
|
|
mode = "nat"
|
|
addresses = ["192.168.100.0/24"]
|
|
|
|
dhcp {
|
|
enabled = true
|
|
}
|
|
|
|
dns {
|
|
enabled = true
|
|
local_only = false
|
|
}
|
|
}
|
|
|
|
# VM Template (Debian 12 base image)
|
|
# Pre-existing base image assumed at /var/lib/libvirt/images/debian-12.qcow2
|
|
resource "libvirt_volume" "base" {
|
|
name = "ydn-dev-base-${random_string.suffix.result}"
|
|
pool = "default"
|
|
source = "/var/lib/libvirt/images/debian-12.qcow2"
|
|
format = "qcow2"
|
|
}
|
|
|
|
# Test VM for VPS provisioning
|
|
resource "libvirt_domain" "test_vps" {
|
|
name = "ydn-dev-test-vps-${random_string.suffix.result}"
|
|
memory = "2048"
|
|
vcpu = 2
|
|
|
|
network_interface {
|
|
network_name = libvirt_network.ydn_dev.name
|
|
wait_for_lease = true
|
|
}
|
|
|
|
disk {
|
|
volume_id = libvirt_volume.base.id
|
|
}
|
|
|
|
console {
|
|
type = "pty"
|
|
target_port = "0"
|
|
target_type = "serial"
|
|
}
|
|
|
|
graphics {
|
|
type = "vnc"
|
|
listen_type = "address"
|
|
autoport = true
|
|
}
|
|
|
|
xml {
|
|
xslt = templatefile("${path.module}/templates/cloud-init.xsl", {
|
|
hostname = "test-vps"
|
|
ssh_key = file("~/.ssh/id_rsa.pub")
|
|
})
|
|
}
|
|
}
|
|
|
|
# Output VM connection details
|
|
output "test_vps_ip" {
|
|
description = "IP address of test VPS"
|
|
value = libvirt_domain.test_vps.network_interface.0.addresses.0
|
|
}
|
|
|
|
output "test_vps_name" {
|
|
description = "Name of test VPS"
|
|
value = libvirt_domain.test_vps.name
|
|
}
|