Murat ÖZDEMİR 5fe57ee108 Implement: Declarative act_runner configuration and Docker integration

Migrates `act_runner` configuration from shell-generated to an Ansible-templated `config.yaml`. This enables:
- Dynamic label provisioning, including `test-runner:docker://ubuntu:22.04`.
- Explicit configuration for joining the `iklimco-net` overlay network.
- Docker socket mounting for CI/CD jobs to interact with the Docker daemon.

Updates `setup/05-test-runner-ve-deploy-onkosullari.md` and other related documentation to reflect the new automated and integrated runner setup.

2026-05-12 19:49:24 +03:00

5.1 KiB

Raw Blame History

Setup Aşamaları — Roadmap Eşleştirme Tablosu

Bu tablo, roadmap/test-env ve roadmap/prod-env klasörlerindeki yol haritası adımlarının Terraform/Ansible setup aşamalarından hangisinde ele alındığını gösterir.

TEST ortamı

Roadmap adımı	Hangi aşamada ele alınmalı
Hetzner firewall (sadece 22/80/443)	Terraform `02-test-terraform-iaac.md` — `firewall.tf`
Sunucu oluşturma (`iklim-app-01`, `iklim-db-01`)	Terraform `02-test-terraform-iaac.md` — `servers.tf`
Private network + placement group (`iklim-test-spread`)	Terraform `02-test-terraform-iaac.md` — `network.tf`, `placement.tf`
Floating IP (`iklim-test-app-fip`)	Terraform `02-test-terraform-iaac.md` — `floating_ip.tf`
Docker Engine kurulumu (app + db node)	Ansible `03-test-ansible-bootstrap.md` — `docker` role
Security hardening (SSH, firewalld, fail2ban)	Ansible `03-test-ansible-bootstrap.md` — `hardening` role
Docker Swarm init + `iklim-db-01` worker join	Ansible `03-test-ansible-bootstrap.md` — `swarm` role
`type=service` ve `role=db` node label'ları	Ansible `03-test-ansible-bootstrap.md` — `swarm` role
`/opt/iklimco/...` dizinleri	Ansible `03-test-ansible-bootstrap.md` — `node_dirs` role
StorageBox DAVFS mount (`u469968-sub4`)	Ansible `03-test-ansible-bootstrap.md` — `storagebox` role
DB stack deploy (PostgreSQL + MongoDB on `iklim-db-01`)	Manuel `04-test-db-docker-kurulum.md`
`act_runner` systemd kurulumu	Ansible `05-test-runner-ve-deploy-onkosullari.md` — `act_runner` role (`test-app-post-stack.yml`)
GoDaddy credentials storagebox'a yükleme	Manuel kalır — secret yönetimi, Terraform/Ansible dışı
`docker-stack-infra.yml` port kaldırma + SWAG/cert-reloader ekleme	Pipeline `deploy-test.yml` + repo değişikliği — `roadmap/test-env/03`
SWAG nginx proxy conf'ları (`swag/proxy-confs/*.conf.tpl`)	Repo içinde teslim edildi — `roadmap/test-env/04`
APISIX SSL cert yükleme bloğu kaldırma (`init/apisix-core/init.sh`)	Repo değişikliği — `roadmap/test-env/05`
cert-reloader sidecar servisi	`docker-stack-infra.yml`'e eklendi — `roadmap/test-env/06`
Pipeline güncelleme: Prepare SWAG Dirs + Bootstrap SWAG Cert + Run DB Init	`deploy-test.yml` — `roadmap/test-env/07`
Deployment sonrası doğrulama kontrol listesi	Manuel `roadmap/test-env/08-verify.md`

PROD ortamı

Roadmap adımı	Hangi aşamada ele alınmalı
6 sunucu oluşturma (`iklim-app-01/02/03`, `iklim-db-01/02/03`)	Terraform `06-prod-terraform-iaac.md` — `servers.tf`
Private network + 2 placement group	Terraform `06-prod-terraform-iaac.md` — `network.tf`, `placement.tf`
Firewall (sadece 22/80/443 public; private port matrisi)	Terraform `06-prod-terraform-iaac.md` — `firewall.tf`
Floating IP (`iklim-prod-app-fip`, `iklim-app-01`'e atanır)	Terraform `06-prod-terraform-iaac.md` — `floating_ip.tf`
Docker Engine kurulumu (tüm node'lar — app ve db)	Ansible `07-prod-ansible-bootstrap.md` — `docker` role
Security hardening (tüm node'lar)	Ansible `07-prod-ansible-bootstrap.md` — `hardening` role
Swarm init (`iklim-app-01`) + manager join (`iklim-app-02/03`)	Ansible `07-prod-ansible-bootstrap.md` — `swarm` role
`type=service` node label (3 app node)	Ansible `07-prod-ansible-bootstrap.md` — `swarm` role
`/opt/iklimco/...` dizinleri + `/opt/iklimco/stacks`	Ansible `07-prod-ansible-bootstrap.md` — `node_dirs` role
StorageBox DAVFS mount (`u469968-sub5`)	Ansible `07-prod-ansible-bootstrap.md` — `storagebox` role
DB node'larını Swarm'a worker olarak join et	Manuel `08-prod-db-cluster-kurulum.md` — Bölüm 2
`role=db` node label (3 db node)	Manuel `08-prod-db-cluster-kurulum.md` — Bölüm 2
etcd cluster deploy (Patroni için)	Manuel `08-prod-db-cluster-kurulum.md` — Bölüm 5.2
MongoDB replica set deploy	Manuel `08-prod-db-cluster-kurulum.md` — Bölüm 4
Patroni + PostgreSQL HA deploy	Manuel `08-prod-db-cluster-kurulum.md` — Bölüm 5.4
3× `act_runner` systemd (HA runner)	Ansible `09-prod-runner-ha-ve-swarm.md` — `act_runner` role
GoDaddy credentials storagebox'a yükleme	Manuel kalır — secret yönetimi, Terraform/Ansible dışı

Klasör yapısı

Environment_Infrastructure/
  setup/                              ← Terraform + Ansible aşama dokümanları
    00-genel-yol-haritasi.md
    01-private-network-port-matrisi.md
    02-test-terraform-iaac.md
    03-test-ansible-bootstrap.md
    04-test-db-docker-kurulum.md
    05-test-runner-ve-deploy-onkosullari.md
    06-prod-terraform-iaac.md
    07-prod-ansible-bootstrap.md
    08-prod-db-cluster-kurulum.md
    09-prod-runner-ha-ve-swarm.md
  roadmap/
    test-env/                         ← Test ortamı Roadmap adımları
    prod-env/                         ← Prod Roadmap adımları
  setup-vs-roadmap-map.md             ← Bu dosya

5.1 KiB Raw Blame History Unescape Escape

Setup Aşamaları — Roadmap Eşleştirme Tablosu

TEST ortamı

PROD ortamı

Klasör yapısı

5.1 KiB

Raw Blame History