Environment_Infrastructure/setup-vs-roadmap-map.md

# Setup Aşamaları — Roadmap Eşleştirme Tablosu

Bu tablo, `roadmap/test-env` ve `roadmap/prod-env` klasörlerindeki yol haritası adımlarının
Terraform/Ansible setup aşamalarından hangisinde ele alındığını gösterir.

## TEST ortamı

| Roadmap adımı                                              | Hangi aşamada ele alınmalı                                                                                  |
| ---------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------- |
| Hetzner firewall (sadece 22/80/443)                        | **Terraform `01-test-terraform-iaac.md`** — `firewall.tf`                                                   |
| Sunucu oluşturma (`iklim-app-01`, `iklim-db-01`)           | **Terraform `01-test-terraform-iaac.md`** — `servers.tf`                                                    |
| Private network + placement group (`iklim-test-spread`)    | **Terraform `01-test-terraform-iaac.md`** — `network.tf`, `placement.tf`                                    |
| Floating IP (`iklim-test-app-fip`)                       | **Terraform `01-test-terraform-iaac.md`** — `floating_ip.tf`                                                |
| Docker Engine kurulumu                                     | **Ansible `02-test-ansible-bootstrap.md`** — `docker` role                                                  |
| Security hardening (SSH, firewalld, fail2ban)              | **Ansible `02-test-ansible-bootstrap.md`** — `hardening` role                                               |
| Docker Swarm init (`init/swarm-init.sh`)                   | **Ansible `02-test-ansible-bootstrap.md`** — `swarm` role (pipeline script idempotent çalışmaya devam eder) |
| `type=service` node label                                  | **Ansible `02-test-ansible-bootstrap.md`** — `swarm` role                                                   |
| `/opt/iklimco/...` dizinleri                               | **Ansible `02-test-ansible-bootstrap.md`** — `node_dirs` role                                               |
| StorageBox DAVFS mount (`u469968-sub1`)                    | **Ansible `02-test-ansible-bootstrap.md`** — `storagebox` role                                              |
| `act_runner` systemd kurulumu                              | **Ansible `03-test-runner-ve-deploy-onkosullari.md`** — `gitea_runner` role                                 |
| GoDaddy credentials storagebox'a yükleme                   | **Manuel kalır** — secret yönetimi, Terraform/Ansible dışı                                                  |

## PROD ortamı

| Roadmap adımı                                                       | Hangi aşamada ele alınmalı                                               |
| -------------------------------------------------------------------- | ------------------------------------------------------------------------ |
| 6 sunucu oluşturma (`iklim-app-01/02/03`, `iklim-db-01/02/03`)      | **Terraform `04-prod-terraform-iaac.md`** — `servers.tf`                 |
| Private network + 2 placement group                                  | **Terraform `04-prod-terraform-iaac.md`** — `network.tf`, `placement.tf` |
| Firewall (sadece 22/80/443 public)                                   | **Terraform `04-prod-terraform-iaac.md`** — `firewall.tf`                |
| Floating IP (`iklim-prod-app-fip`, `iklim-app-01`'e atanır)         | **Terraform `04-prod-terraform-iaac.md`** — `floating_ip.tf`             |
| Docker Engine kurulumu (`iklim-app-*`)                               | **Ansible `05-prod-ansible-bootstrap.md`** — `docker` role               |
| Security hardening (tüm node'lar)                                    | **Ansible `05-prod-ansible-bootstrap.md`** — `hardening` role            |
| Swarm init (`iklim-app-01`)                                          | **Ansible `05-prod-ansible-bootstrap.md`** — `swarm` role                |
| Manager join (`iklim-app-02`, `iklim-app-03`)                        | **Ansible `05-prod-ansible-bootstrap.md`** — `swarm` role                |
| `type=service` node label (3 swarm node)                             | **Ansible `05-prod-ansible-bootstrap.md`** — `swarm` role                |
| `/opt/iklimco/...` dizinleri                                         | **Ansible `05-prod-ansible-bootstrap.md`** — `node_dirs` role            |
| StorageBox DAVFS mount (`u469968-sub2`)                              | **Ansible `05-prod-ansible-bootstrap.md`** — `storagebox` role           |
| 3× `act_runner` systemd (HA runner)                                  | **Ansible `06-prod-runner-ha-ve-swarm.md`** — `gitea_runner` role        |
| GoDaddy credentials storagebox'a yükleme                             | **Manuel kalır** — secret yönetimi, Terraform/Ansible dışı               |
| DB node'ları Swarm'a join                                            | **Kapsam dışı** — DB cluster ayrı yönetilir                              |

## Klasör yapısı

```
Environment_Infrastructure/
  setup/                         ← Terraform + Ansible aşama dokümanları
    00-genel-yol-haritasi.md
    01-test-terraform-iaac.md
    02-test-ansible-bootstrap.md
    03-test-runner-ve-deploy-onkosullari.md
    04-prod-terraform-iaac.md
    05-prod-ansible-bootstrap.md
    06-prod-runner-ha-ve-swarm.md
    07-private-network-port-matrisi.md
  roadmap/
    test-env/                    ← Test ortamı Roadmap adımları
    prod-env/                    ← Prod Roadmap adımları
  setup-vs-roadmap-map.md        ← Bu dosya
```