Murat ÖZDEMİR bf8f011e43 Restructure setup documentation and refine environment bootstrapping

This commit introduces a reordered and renumbered set of setup documentation files to better reflect the deployment stages for both test and production environments.

Key changes include:
*   A new `setup-vs-roadmap-map.md` file to provide a clear mapping between roadmap tasks and their corresponding setup phases.
*   Significantly expanded Ansible bootstrap documentation for both test and production, detailing Docker, Swarm, security hardening, and StorageBox SSH key management roles.
*   Formalized database Docker and Swarm cluster setup instructions for test and production, including explicit steps for Swarm worker integration of DB nodes.
*   Updated roadmap documentation (`roadmap/prod-env/*`) to align with the refined setup, incorporating correct private IP addresses for Swarm joins, new node labels, and floating IP usage for GoDaddy DNS records.

2026-05-11 17:47:30 +03:00

4.3 KiB

Raw Blame History

Setup Aşamaları — Roadmap Eşleştirme Tablosu

Bu tablo, roadmap/test-env ve roadmap/prod-env klasörlerindeki yol haritası adımlarının Terraform/Ansible setup aşamalarından hangisinde ele alındığını gösterir.

TEST ortamı

Roadmap adımı	Hangi aşamada ele alınmalı
Hetzner firewall (sadece 22/80/443)	Terraform `02-test-terraform-iaac.md` — `firewall.tf`
Sunucu oluşturma (`iklim-app-01`, `iklim-db-01`)	Terraform `02-test-terraform-iaac.md` — `servers.tf`
Private network + placement group (`iklim-test-spread`)	Terraform `02-test-terraform-iaac.md` — `network.tf`, `placement.tf`
Floating IP (`iklim-test-app-fip`)	Terraform `02-test-terraform-iaac.md` — `floating_ip.tf`
Docker Engine kurulumu (app + db node)	Ansible `03-test-ansible-bootstrap.md` — `docker` role
Security hardening (SSH, firewalld, fail2ban)	Ansible `03-test-ansible-bootstrap.md` — `hardening` role
Docker Swarm init + `iklim-db-01` worker join	Ansible `03-test-ansible-bootstrap.md` — `swarm` role
`type=service` ve `role=db` node label'ları	Ansible `03-test-ansible-bootstrap.md` — `swarm` role
`/opt/iklimco/...` dizinleri	Ansible `03-test-ansible-bootstrap.md` — `node_dirs` role
StorageBox DAVFS mount (`u469968-sub4`)	Ansible `03-test-ansible-bootstrap.md` — `storagebox` role
DB stack deploy (PostgreSQL + MongoDB on `iklim-db-01`)	Manuel `04-test-db-docker-kurulum.md`
`act_runner` systemd kurulumu	Ansible `05-test-runner-ve-deploy-onkosullari.md` — `gitea_runner` role
GoDaddy credentials storagebox'a yükleme	Manuel kalır — secret yönetimi, Terraform/Ansible dışı

PROD ortamı

Roadmap adımı	Hangi aşamada ele alınmalı
6 sunucu oluşturma (`iklim-app-01/02/03`, `iklim-db-01/02/03`)	Terraform `06-prod-terraform-iaac.md` — `servers.tf`
Private network + 2 placement group	Terraform `06-prod-terraform-iaac.md` — `network.tf`, `placement.tf`
Firewall (sadece 22/80/443 public; private port matrisi)	Terraform `06-prod-terraform-iaac.md` — `firewall.tf`
Floating IP (`iklim-prod-app-fip`, `iklim-app-01`'e atanır)	Terraform `06-prod-terraform-iaac.md` — `floating_ip.tf`
Docker Engine kurulumu (tüm node'lar — app ve db)	Ansible `07-prod-ansible-bootstrap.md` — `docker` role
Security hardening (tüm node'lar)	Ansible `07-prod-ansible-bootstrap.md` — `hardening` role
Swarm init (`iklim-app-01`) + manager join (`iklim-app-02/03`)	Ansible `07-prod-ansible-bootstrap.md` — `swarm` role
`type=service` node label (3 app node)	Ansible `07-prod-ansible-bootstrap.md` — `swarm` role
`/opt/iklimco/...` dizinleri + `/opt/iklimco/stacks`	Ansible `07-prod-ansible-bootstrap.md` — `node_dirs` role
StorageBox DAVFS mount (`u469968-sub5`)	Ansible `07-prod-ansible-bootstrap.md` — `storagebox` role
DB node'larını Swarm'a worker olarak join et	Manuel `08-prod-db-cluster-kurulum.md` — Bölüm 2
`role=db` node label (3 db node)	Manuel `08-prod-db-cluster-kurulum.md` — Bölüm 2
etcd cluster deploy (Patroni için)	Manuel `08-prod-db-cluster-kurulum.md` — Bölüm 5.2
MongoDB replica set deploy	Manuel `08-prod-db-cluster-kurulum.md` — Bölüm 4
Patroni + PostgreSQL HA deploy	Manuel `08-prod-db-cluster-kurulum.md` — Bölüm 5.4
3× `act_runner` systemd (HA runner)	Ansible `09-prod-runner-ha-ve-swarm.md` — `gitea_runner` role
GoDaddy credentials storagebox'a yükleme	Manuel kalır — secret yönetimi, Terraform/Ansible dışı

Klasör yapısı

Environment_Infrastructure/
  setup/                              ← Terraform + Ansible aşama dokümanları
    00-genel-yol-haritasi.md
    01-private-network-port-matrisi.md
    02-test-terraform-iaac.md
    03-test-ansible-bootstrap.md
    04-test-db-docker-kurulum.md
    05-test-runner-ve-deploy-onkosullari.md
    06-prod-terraform-iaac.md
    07-prod-ansible-bootstrap.md
    08-prod-db-cluster-kurulum.md
    09-prod-runner-ha-ve-swarm.md
  roadmap/
    test-env/                         ← Test ortamı Roadmap adımları
    prod-env/                         ← Prod Roadmap adımları
  setup-vs-roadmap-map.md             ← Bu dosya

4.3 KiB Raw Blame History Unescape Escape

Setup Aşamaları — Roadmap Eşleştirme Tablosu

TEST ortamı

PROD ortamı

Klasör yapısı

4.3 KiB

Raw Blame History