feat: add Terraform config for Timeweb Cloud infrastructure

Manages main + tools servers and S3 buckets (walava-backup, walava-outline). Includes mon server resource for import + destroy workflow. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-27 04:15:27 +07:00 · 2026-03-27 04:15:27 +07:00 · 862eac5f11
commit 862eac5f11
parent fde51352d7
7 changed files with 179 additions and 0 deletions
--- a/terraform/.gitignore
+++ b/terraform/.gitignore
@ -0,0 +1,7 @@
 # Секреты и state — никогда не коммитить
 terraform.tfvars
 *.tfstate
 *.tfstate.backup
 .terraform/
 .terraform.lock.hcl
 crash.log
--- a/terraform/outputs.tf
+++ b/terraform/outputs.tf
@ -0,0 +1,9 @@
 output "main_ip" {
  description = "Публичный IP main-сервера"
  value       = twc_server.main.main_ipv4
 }
 output "tools_ip" {
  description = "Публичный IP tools-сервера"
  value       = twc_server.tools.main_ipv4
 }
--- a/terraform/providers.tf
+++ b/terraform/providers.tf
@ -0,0 +1,14 @@
 terraform {
  required_version = ">= 1.5"
  required_providers {
    twc = {
      source  = "timeweb-cloud/timeweb-cloud"
      version = "~> 1.0"
    }
  }
 }
 provider "twc" {
  token = var.timeweb_token
 }
--- a/terraform/servers.tf
+++ b/terraform/servers.tf
@ -0,0 +1,62 @@
 # ── Серверы ───────────────────────────────────────────────────────────────────
 #
 # Первичная настройка (только один раз):
 # 1. Узнай ID серверов: my.timeweb.cloud → Серверы → открой сервер → ID в URL
 # 2. terraform import twc_server.main  <ID>
 # 3. terraform import twc_server.tools <ID>
 # 4. terraform state show twc_server.main  → скопируй cpu/ram/disk/os_id в tfvars
 # 5. terraform plan  → должно быть "No changes"
 #
 # Удаление mon:
 # 1. terraform import twc_server.mon <ID>
 # 2. terraform destroy -target=twc_server.mon
 resource "twc_server" "main" {
  name     = "main"
  comment  = "Основной: Traefik, Forgejo, Plane, Vaultwarden, Outline, n8n, CI/CD"
  location = "ru-1"
  os_id    = var.server_os_id
  cpu       = var.main_cpu
  ram       = var.main_ram
  disk_size = var.main_disk_size
  disk_type = "nvme"
  lifecycle {
    prevent_destroy = true
  }
 }
 resource "twc_server" "tools" {
  name     = "tools"
  comment  = "Мониторинг: Grafana, Prometheus, Loki, AlertManager, Uptime Kuma"
  location = "ru-1"
  os_id    = var.server_os_id
  cpu       = var.tools_cpu
  ram       = var.tools_ram
  disk_size = var.tools_disk_size
  disk_type = "nvme"
  lifecycle {
    prevent_destroy = true
  }
 }
 # mon сервер — объявлен только для импорта и удаления через terraform destroy
 # После: terraform import twc_server.mon <ID>  →  terraform destroy -target=twc_server.mon
 resource "twc_server" "mon" {
  name     = "mon"
  comment  = "DEPRECATED — к удалению"
  location = "ru-1"
  os_id    = var.server_os_id
  cpu       = 1
  ram       = 1024
  disk_size = 15
  disk_type = "nvme"
  lifecycle {
    prevent_destroy = false
  }
 }
--- a/terraform/storage.tf
+++ b/terraform/storage.tf
@ -0,0 +1,15 @@
 # ── S3 Object Storage (Timeweb) ───────────────────────────────────────────────
 #
 # Импорт существующих бакетов:
 #   terraform import twc_s3_bucket.backup  walava-backup
 #   terraform import twc_s3_bucket.outline walava-outline
 resource "twc_s3_bucket" "backup" {
  name          = "walava-backup"
  preset_id     = var.s3_preset_id
 }
 resource "twc_s3_bucket" "outline" {
  name          = "walava-outline"
  preset_id     = var.s3_preset_id
 }
--- a/terraform/terraform.tfvars.example
+++ b/terraform/terraform.tfvars.example
@ -0,0 +1,17 @@
 # Скопируй в terraform.tfvars и заполни значениями
 # terraform.tfvars в .gitignore — не коммитить!
 timeweb_token = "your-api-token-here"
 # Узнать после terraform import + terraform state show:
 server_os_id = 61   # Ubuntu 22.04
 main_cpu       = 4
 main_ram       = 8192
 main_disk_size = 80
 tools_cpu       = 2
 tools_ram       = 4096
 tools_disk_size = 40
 s3_preset_id = 1  # ID тарифа S3 — посмотри в панели или data source
--- a/terraform/variables.tf
+++ b/terraform/variables.tf
@ -0,0 +1,55 @@
 variable "timeweb_token" {
  description = "Timeweb Cloud API token (my.timeweb.cloud → API → Токены)"
  type        = string
  sensitive   = true
 }
 # Ubuntu 22.04 LTS — узнать ID: twc_os data source или панель Timeweb
 variable "server_os_id" {
  description = "OS ID для серверов (Ubuntu 22.04)"
  type        = number
  default     = 61  # Ubuntu 22.04 в Timeweb
 }
 # ── main сервер ────────────────────────────────────────────────────────────────
 variable "main_cpu" {
  type    = number
  default = 4
 }
 variable "main_ram" {
  description = "RAM в MB"
  type        = number
  default     = 8192
 }
 variable "main_disk_size" {
  description = "Диск в GB"
  type        = number
  default     = 80
 }
 # ── tools сервер ───────────────────────────────────────────────────────────────
 variable "tools_cpu" {
  type    = number
  default = 2
 }
 variable "tools_ram" {
  description = "RAM в MB"
  type        = number
  default     = 4096
 }
 variable "tools_disk_size" {
  description = "Диск в GB"
  type        = number
  default     = 40
 }
 # ── S3 Object Storage ──────────────────────────────────────────────────────────
 variable "s3_preset_id" {
  description = "ID тарифного плана S3 (посмотри: terraform state show twc_s3_bucket.backup после импорта)"
  type        = number
  default     = 1
 }