starred/nix-config-ryan4yin
1
0
Fork 0
mirror of https://github.com/ryan4yin/nix-config.git synced 2026-01-11 22:30:25 +01:00
Code Issues Packages Projects Releases 10 Wiki Activity
Files
main
nix-config-ryan4yin/infra/README.md
Ryan Yin cb47adb6b3 feat: update docs via LLM (#216)
2025-08-21 15:32:50 +08:00

66 lines
1.8 KiB
Markdown
Raw Permalink Blame History

# Infrastructure as Code
This directory contains Infrastructure as Code (IaC) configurations using Terraform, primarily for
managing storage and backend services.
## Current Structure
```
infra/
├── README.md
└── minio/ # MinIO S3-compatible storage configurations
├── loki/ # Loki log storage buckets
│ ├── README.md
│ ├── loki.tf # Loki-specific bucket configuration
│ ├── main.tf # Main Terraform configuration
│ └── run.sh # Deployment script
└── tf-s3-backend/ # Terraform S3 backend setup
├── README.md
├── main.tf # Main configuration
├── run.sh # Deployment script
└── tf-s3-backend.tf # Backend bucket configuration
```
## Services Overview
### MinIO Storage
- **Loki Buckets**: Dedicated storage for Grafana Loki log aggregation
- **Terraform Backend**: Centralized state management for all Terraform configurations
### External Resources
- **Kubernetes YAML**: Managed in separate repository
[ryan4yin/k8s-gitops](https://github.com/ryan4yin/k8s-gitops)
- **Secrets Management**: Handled via agenix in [../secrets](../secrets/)
## Usage
Each subdirectory contains its own Terraform configuration:
1. **Navigate to specific service**:
```bash
cd infra/minio/loki
```
2. **Deploy configuration**:
```bash
./run.sh
```
3. **Manual deployment**:
```bash
terraform init
terraform plan
terraform apply
```
## Security Considerations
- All storage buckets are configured with appropriate access policies
- State files are encrypted at rest
- Access credentials are managed through environment variables
- Network access is restricted to necessary hosts only
Reference in New Issue View Git Blame Copy Permalink