Environment_Infrastructure

iklim.co/Environment_Infrastructure

Fork 0

Commit Graph

Author	SHA1	Message	Date
Murat ÖZDEMİR	03ad812512	Refine Hetzner firewall rules and update server types Overhaul and expand firewall definitions for both `prod` and `test` environments to enable comprehensive inter-subnet communication. This includes implementing explicit rules supporting: - Docker Swarm overlay networks between application and database subnets. - High-availability database clusters (PostgreSQL replication, MongoDB replica sets, Patroni, etcd). - Internal access for various infrastructure services (Vault, Redis, RabbitMQ, APISIX, Prometheus, Grafana). All firewall rule descriptions are standardized in English for improved clarity and consistency. Additionally, update default `server_type_swarm` and `server_type_db` variables to the recommended `CPX` series for both environments. An initial generated Ansible inventory for the test environment is also added.	2026-05-11 14:54:46 +03:00
Murat ÖZDEMİR	720c79d460	Add Hetzner Cloud production infrastructure with multi-node support - This commit introduces the Terraform configuration to provision a production environment on Hetzner Cloud, building on the existing test setup. - Key improvements and new features include: * Multi-node clusters: Scaling to 3-node Swarm application and database clusters for improved resilience. * High availability: Utilizing a Hetzner Floating IP for the application entry point and `spread` placement groups for fault tolerance across physical hosts. * Enhanced network security: Internal management services (RabbitMQ, APISIX, Prometheus, Grafana) are restricted to the application subnet, expected to be accessed via an internal reverse proxy (SWAG). * Internal database replication: New firewall rules enable PostgreSQL replication and MongoDB replica set traffic within the database subnet. * Refined test environment: Updates to align `test` configuration with the new `prod` structure, including a dedicated floating IP and adjusted firewall rules. * Configuration standardization: Environment-specific details moved to `locals.tf` for clarity, with upgraded server types and migration to Rocky Linux as the base image. - Updates were also made to the latest version of Terraform to ensure consistency in the documentation	2026-05-10 15:43:22 +03:00
Murat ÖZDEMİR	2d515f7206	Add initial Terraform infrastructure for Hetzner test environment This commit introduces the foundational Infrastructure-as-Code for provisioning a test environment on Hetzner Cloud. It defines server nodes, private networking, comprehensive firewalls, and includes documentation on resource lifecycle and safe configuration practices.	2026-05-10 14:09:23 +03:00

Author

SHA1

Message

Date

Murat ÖZDEMİR

03ad812512

Refine Hetzner firewall rules and update server types

Overhaul and expand firewall definitions for both `prod` and `test` environments to enable comprehensive inter-subnet communication.

This includes implementing explicit rules supporting:
- Docker Swarm overlay networks between application and database subnets.
- High-availability database clusters (PostgreSQL replication, MongoDB replica sets, Patroni, etcd).
- Internal access for various infrastructure services (Vault, Redis, RabbitMQ, APISIX, Prometheus, Grafana).

All firewall rule descriptions are standardized in English for improved clarity and consistency.

Additionally, update default `server_type_swarm` and `server_type_db` variables to the recommended `CPX` series for both environments. An initial generated Ansible inventory for the test environment is also added.

2026-05-11 14:54:46 +03:00

Murat ÖZDEMİR

720c79d460

Add Hetzner Cloud production infrastructure with multi-node support

- This commit introduces the Terraform configuration to provision a production environment on Hetzner Cloud, building on the existing test setup.
- Key improvements and new features include:
* **Multi-node clusters:** Scaling to 3-node Swarm application and database clusters for improved resilience.
* **High availability:** Utilizing a Hetzner Floating IP for the application entry point and `spread` placement groups for fault tolerance across physical hosts.
* **Enhanced network security:** Internal management services (RabbitMQ, APISIX, Prometheus, Grafana) are restricted to the application subnet, expected to be accessed via an internal reverse proxy (SWAG).
* **Internal database replication:** New firewall rules enable PostgreSQL replication and MongoDB replica set traffic within the database subnet.
* **Refined test environment:** Updates to align `test` configuration with the new `prod` structure, including a dedicated floating IP and adjusted firewall rules.
* **Configuration standardization:** Environment-specific details moved to `locals.tf` for clarity, with upgraded server types and migration to Rocky Linux as the base image.
- Updates were also made to the latest version of Terraform to ensure consistency in the documentation

2026-05-10 15:43:22 +03:00

Murat ÖZDEMİR

2d515f7206

Add initial Terraform infrastructure for Hetzner test environment

This commit introduces the foundational Infrastructure-as-Code for provisioning a test environment on Hetzner Cloud. It defines server nodes, private networking, comprehensive firewalls, and includes documentation on resource lifecycle and safe configuration practices.

2026-05-10 14:09:23 +03:00

3 Commits