feat: add Terraform config for Timeweb Cloud infrastructure

Manages main + tools servers and S3 buckets (walava-backup, walava-outline). Includes mon server resource for import + destroy workflow. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-27 04:15:27 +07:00 · 2026-03-27 04:15:27 +07:00 · 862eac5f11
commit 862eac5f11
parent fde51352d7
7 changed files with 179 additions and 0 deletions
--- a/terraform/.gitignore
+++ b/terraform/.gitignore
@ -0,0 +1,7 @@
+# Секреты и state — никогда не коммитить
+terraform.tfvars
+*.tfstate
+*.tfstate.backup
+.terraform/
+.terraform.lock.hcl
+crash.log
--- a/terraform/outputs.tf
+++ b/terraform/outputs.tf
@ -0,0 +1,9 @@
+output "main_ip" {
+  description = "Публичный IP main-сервера"
+  value       = twc_server.main.main_ipv4
+}
+
+output "tools_ip" {
+  description = "Публичный IP tools-сервера"
+  value       = twc_server.tools.main_ipv4
+}
--- a/terraform/providers.tf
+++ b/terraform/providers.tf
@ -0,0 +1,14 @@
+terraform {
+  required_version = ">= 1.5"
+
+  required_providers {
+    twc = {
+      source  = "timeweb-cloud/timeweb-cloud"
+      version = "~> 1.0"
+    }
+  }
+}
+
+provider "twc" {
+  token = var.timeweb_token
+}
--- a/terraform/servers.tf
+++ b/terraform/servers.tf
@ -0,0 +1,62 @@
+# ── Серверы ───────────────────────────────────────────────────────────────────
+#
+# Первичная настройка (только один раз):
+# 1. Узнай ID серверов: my.timeweb.cloud → Серверы → открой сервер → ID в URL
+# 2. terraform import twc_server.main  <ID>
+# 3. terraform import twc_server.tools <ID>
+# 4. terraform state show twc_server.main  → скопируй cpu/ram/disk/os_id в tfvars
+# 5. terraform plan  → должно быть "No changes"
+#
+# Удаление mon:
+# 1. terraform import twc_server.mon <ID>
+# 2. terraform destroy -target=twc_server.mon
+
+resource "twc_server" "main" {
+  name     = "main"
+  comment  = "Основной: Traefik, Forgejo, Plane, Vaultwarden, Outline, n8n, CI/CD"
+  location = "ru-1"
+  os_id    = var.server_os_id
+
+  cpu       = var.main_cpu
+  ram       = var.main_ram
+  disk_size = var.main_disk_size
+  disk_type = "nvme"
+
+  lifecycle {
+    prevent_destroy = true
+  }
+}
+
+resource "twc_server" "tools" {
+  name     = "tools"
+  comment  = "Мониторинг: Grafana, Prometheus, Loki, AlertManager, Uptime Kuma"
+  location = "ru-1"
+  os_id    = var.server_os_id
+
+  cpu       = var.tools_cpu
+  ram       = var.tools_ram
+  disk_size = var.tools_disk_size
+  disk_type = "nvme"
+
+  lifecycle {
+    prevent_destroy = true
+  }
+}
+
+# mon сервер — объявлен только для импорта и удаления через terraform destroy
+# После: terraform import twc_server.mon <ID>  →  terraform destroy -target=twc_server.mon
+resource "twc_server" "mon" {
+  name     = "mon"
+  comment  = "DEPRECATED — к удалению"
+  location = "ru-1"
+  os_id    = var.server_os_id
+
+  cpu       = 1
+  ram       = 1024
+  disk_size = 15
+  disk_type = "nvme"
+
+  lifecycle {
+    prevent_destroy = false
+  }
+}
--- a/terraform/storage.tf
+++ b/terraform/storage.tf
@ -0,0 +1,15 @@
+# ── S3 Object Storage (Timeweb) ───────────────────────────────────────────────
+#
+# Импорт существующих бакетов:
+#   terraform import twc_s3_bucket.backup  walava-backup
+#   terraform import twc_s3_bucket.outline walava-outline
+
+resource "twc_s3_bucket" "backup" {
+  name          = "walava-backup"
+  preset_id     = var.s3_preset_id
+}
+
+resource "twc_s3_bucket" "outline" {
+  name          = "walava-outline"
+  preset_id     = var.s3_preset_id
+}
--- a/terraform/terraform.tfvars.example
+++ b/terraform/terraform.tfvars.example
@ -0,0 +1,17 @@
+# Скопируй в terraform.tfvars и заполни значениями
+# terraform.tfvars в .gitignore — не коммитить!
+
+timeweb_token = "your-api-token-here"
+
+# Узнать после terraform import + terraform state show:
+server_os_id = 61   # Ubuntu 22.04
+
+main_cpu       = 4
+main_ram       = 8192
+main_disk_size = 80
+
+tools_cpu       = 2
+tools_ram       = 4096
+tools_disk_size = 40
+
+s3_preset_id = 1  # ID тарифа S3 — посмотри в панели или data source
--- a/terraform/variables.tf
+++ b/terraform/variables.tf
@ -0,0 +1,55 @@
+variable "timeweb_token" {
+  description = "Timeweb Cloud API token (my.timeweb.cloud → API → Токены)"
+  type        = string
+  sensitive   = true
+}
+
+# Ubuntu 22.04 LTS — узнать ID: twc_os data source или панель Timeweb
+variable "server_os_id" {
+  description = "OS ID для серверов (Ubuntu 22.04)"
+  type        = number
+  default     = 61  # Ubuntu 22.04 в Timeweb
+}
+
+# ── main сервер ────────────────────────────────────────────────────────────────
+variable "main_cpu" {
+  type    = number
+  default = 4
+}
+
+variable "main_ram" {
+  description = "RAM в MB"
+  type        = number
+  default     = 8192
+}
+
+variable "main_disk_size" {
+  description = "Диск в GB"
+  type        = number
+  default     = 80
+}
+
+# ── tools сервер ───────────────────────────────────────────────────────────────
+variable "tools_cpu" {
+  type    = number
+  default = 2
+}
+
+variable "tools_ram" {
+  description = "RAM в MB"
+  type        = number
+  default     = 4096
+}
+
+variable "tools_disk_size" {
+  description = "Диск в GB"
+  type        = number
+  default     = 40
+}
+
+# ── S3 Object Storage ──────────────────────────────────────────────────────────
+variable "s3_preset_id" {
+  description = "ID тарифного плана S3 (посмотри: terraform state show twc_s3_bucket.backup после импорта)"
+  type        = number
+  default     = 1
+}