diff --git a/terraform/.gitignore b/terraform/.gitignore
new file mode 100644
index 0000000..bba4a48
--- /dev/null
+++ b/terraform/.gitignore
@@ -0,0 +1,7 @@
+# Секреты и state — никогда не коммитить
+terraform.tfvars
+*.tfstate
+*.tfstate.backup
+.terraform/
+.terraform.lock.hcl
+crash.log
diff --git a/terraform/outputs.tf b/terraform/outputs.tf
new file mode 100644
index 0000000..a0a6da7
--- /dev/null
+++ b/terraform/outputs.tf
@@ -0,0 +1,9 @@
+output "main_ip" {
+ description = "Публичный IP main-сервера"
+ value = twc_server.main.main_ipv4
+}
+
+output "tools_ip" {
+ description = "Публичный IP tools-сервера"
+ value = twc_server.tools.main_ipv4
+}
diff --git a/terraform/providers.tf b/terraform/providers.tf
new file mode 100644
index 0000000..5d7873d
--- /dev/null
+++ b/terraform/providers.tf
@@ -0,0 +1,14 @@
+terraform {
+ required_version = ">= 1.5"
+
+ required_providers {
+ twc = {
+ source = "timeweb-cloud/timeweb-cloud"
+ version = "~> 1.0"
+ }
+ }
+}
+
+provider "twc" {
+ token = var.timeweb_token
+}
diff --git a/terraform/servers.tf b/terraform/servers.tf
new file mode 100644
index 0000000..b161b2f
--- /dev/null
+++ b/terraform/servers.tf
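Review bot: In terraform/.gitignore the entry `.terraform.lock.hcl` keeps the dependency lock file out of the repository, yet that file is what pins the exact provider version and its checksums. With providers.tf allowing `~> 1.0`, every fresh `terraform init` is then free to select a different provider release and to record whatever checksums it sees first, so a changed or tampered provider build would not show up as a diff. I would drop the `.terraform.lock.hcl` line and commit the lock file; the other entries (tfvars, state, `.terraform/`, `crash.log`) are right to stay ignored.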
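Review bot: The `terraform { }` block in terraform/providers.tf declares no `backend`, so state defaults to a local `terraform.tfstate` on the operator's machine; the `*.tfstate` ignore rules in this commit suggest that is intended. State stores the attributes of the imported servers and buckets in plaintext and is the only record tying them to this configuration, so it needs access control, a backup, and locking if more than one person runs applies. Consider a remote backend with encryption at rest, or at minimum a comment above the block stating where the state file lives and who may read it.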
@@ -0,0 +1,62 @@
+# ── Серверы ───────────────────────────────────────────────────────────────────
+#
+# Первичная настройка (только один раз):
+# 1. Узнай ID серверов: my.timeweb.cloud → Серверы → открой сервер → ID в URL
+# 2. terraform import twc_server.main
+# 3. terraform import twc_server.tools
+# 4. terraform state show twc_server.main → скопируй cpu/ram/disk/os_id в tfvars
+# 5. terraform plan → должно быть "No changes"
+#
+# Удаление mon:
+# 1. terraform import twc_server.mon
+# 2. terraform destroy -target=twc_server.mon
+
+resource "twc_server" "main" {
+ name = "main"
+ comment = "Основной: Traefik, Forgejo, Plane, Vaultwarden, Outline, n8n, CI/CD"
+ location = "ru-1"
+ os_id = var.server_os_id
+
+ cpu = var.main_cpu
+ ram = var.main_ram
+ disk_size = var.main_disk_size
+ disk_type = "nvme"
+
+ lifecycle {
+ prevent_destroy = true
+ }
+}
+
+resource "twc_server" "tools" {
+ name = "tools"
+ comment = "Мониторинг: Grafana, Prometheus, Loki, AlertManager, Uptime Kuma"
+ location = "ru-1"
+ os_id = var.server_os_id
+
+ cpu = var.tools_cpu
+ ram = var.tools_ram
+ disk_size = var.tools_disk_size
+ disk_type = "nvme"
+
+ lifecycle {
+ prevent_destroy = true
+ }
+}
+
+# mon сервер — объявлен только для импорта и удаления через terraform destroy
+# После: terraform import twc_server.mon → terraform destroy -target=twc_server.mon
+resource "twc_server" "mon" {
+ name = "mon"
+ comment = "DEPRECATED — к удалению"
+ location = "ru-1"
+ os_id = var.server_os_id
+
+ cpu = 1
+ ram = 1024
+ disk_size = 15
+ disk_type = "nvme"
+
+ lifecycle {
+ prevent_destroy = false
+ }
+}
diff --git a/terraform/storage.tf b/terraform/storage.tf
new file mode 100644
index 0000000..832ecee
--- /dev/null
+++ b/terraform/storage.tf
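Review bot: The `twc_server.mon` block stays in terraform/servers.tf after the documented `terraform destroy -target=twc_server.mon`, so the next untargeted `terraform apply` would plan a brand-new `mon` server with the hard-coded 1 CPU / 1024 MB / 15 GB values. The removal checklist in the header should end with a step such as `# 3. Delete the resource "twc_server" "mon" block, then run terraform plan`. For the same reason step 5 of the first-time setup cannot show "No changes" while `mon` is declared but not yet imported. The header should also say that all three imports come before any apply, because an apply against empty state would create three new servers instead of adopting the existing ones.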
@@ -0,0 +1,15 @@
+# ── S3 Object Storage (Timeweb) ───────────────────────────────────────────────
+#
+# Импорт существующих бакетов:
+# terraform import twc_s3_bucket.backup walava-backup
+# terraform import twc_s3_bucket.outline walava-outline
+
+resource "twc_s3_bucket" "backup" {
+ name = "walava-backup"
+ preset_id = var.s3_preset_id
+}
+
+resource "twc_s3_bucket" "outline" {
+ name = "walava-outline"
+ preset_id = var.s3_preset_id
+}
diff --git a/terraform/terraform.tfvars.example b/terraform/terraform.tfvars.example
new file mode 100644
index 0000000..7da61ed
--- /dev/null
+++ b/terraform/terraform.tfvars.example
@@ -0,0 +1,17 @@
+# Скопируй в terraform.tfvars и заполни значениями
+# terraform.tfvars в .gitignore — не коммитить!
+
+timeweb_token = "your-api-token-here"
+
+# Узнать после terraform import + terraform state show:
+server_os_id = 61 # Ubuntu 22.04
+
+main_cpu = 4
+main_ram = 8192
+main_disk_size = 80
+
+tools_cpu = 2
+tools_ram = 4096
+tools_disk_size = 40
+
+s3_preset_id = 1 # ID тарифа S3 — посмотри в панели или data source
diff --git a/terraform/variables.tf b/terraform/variables.tf
new file mode 100644
index 0000000..e142e1d
--- /dev/null
+++ b/terraform/variables.tf
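Review bot: In terraform/storage.tf neither bucket has `lifecycle { prevent_destroy = true }`, although both long-lived servers in servers.tf do, so a stray `terraform destroy` or a renamed resource address would plan deletion of `walava-backup` and `walava-outline`. Adding the same lifecycle block to both resources puts the backup data behind the guard already used for the servers. The buckets also do not state their access level; if the provider version in use exposes it on this resource (I believe as `type = "private"`, to be confirmed against the provider documentation), pinning it here would make an accidental switch to public visible in a plan.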
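Review bot: The example in terraform/terraform.tfvars.example steers the API token into a plaintext `terraform.tfvars` beside the code, where only the ignore rule and the file's permissions protect it. I would add a comment above `timeweb_token` along the lines of `# Prefer exporting TF_VAR_timeweb_token from a secret store; if the token stays in this file, chmod 600 terraform.tfvars`. Terraform reads `TF_VAR_<name>` environment variables for any declared variable, so no code change is needed to support that.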
@@ -0,0 +1,55 @@
+variable "timeweb_token" {
+ description = "Timeweb Cloud API token (my.timeweb.cloud → API → Токены)"
+ type = string
+ sensitive = true
+}
+
+# Ubuntu 22.04 LTS — узнать ID: twc_os data source или панель Timeweb
+variable "server_os_id" {
+ description = "OS ID для серверов (Ubuntu 22.04)"
+ type = number
+ default = 61 # Ubuntu 22.04 в Timeweb
+}
+
+# ── main сервер ────────────────────────────────────────────────────────────────
+variable "main_cpu" {
+ type = number
+ default = 4
+}
+
+variable "main_ram" {
+ description = "RAM в MB"
+ type = number
+ default = 8192
+}
+
+variable "main_disk_size" {
+ description = "Диск в GB"
+ type = number
+ default = 80
+}
+
+# ── tools сервер ───────────────────────────────────────────────────────────────
+variable "tools_cpu" {
+ type = number
+ default = 2
+}
+
+variable "tools_ram" {
+ description = "RAM в MB"
+ type = number
+ default = 4096
+}
+
+variable "tools_disk_size" {
+ description = "Диск в GB"
+ type = number
+ default = 40
+}
+
+# ── S3 Object Storage ──────────────────────────────────────────────────────────
+variable "s3_preset_id" {
+ description = "ID тарифного плана S3 (посмотри: terraform state show twc_s3_bucket.backup после импорта)"
+ type = number
+ default = 1
+}
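Review bot: The sizing variables in terraform/variables.tf (`main_cpu`, `main_ram`, `main_disk_size` and the three `tools_*` ones) carry defaults, while the servers.tf header says the real values are to be copied from `terraform state show` after import. If an entry is missing from terraform.tfvars, Terraform silently uses the default and, where it differs from the live server, plans a resize of a production host; `prevent_destroy` does not stop an in-place change. Removing `default` from these six variables makes Terraform ask for the value instead of assuming one. The same applies to `server_os_id` and `s3_preset_id`, whose `61` and `1` are asserted only by comments. `main_cpu` and `tools_cpu` also lack a `description`, e.g. `description = "vCPU count"`.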