nix-config-ryan4yin/infra

Infrastructure as Code

This directory contains Infrastructure as Code (IaC) configurations using Terraform, primarily for managing storage and backend services.

Current Structure

infra/
├── README.md
└── minio/                    # MinIO S3-compatible storage configurations
    ├── loki/                 # Loki log storage buckets
    │   ├── README.md
    │   ├── loki.tf          # Loki-specific bucket configuration
    │   ├── main.tf          # Main Terraform configuration
    │   └── run.sh           # Deployment script
    └── tf-s3-backend/        # Terraform S3 backend setup
        ├── README.md
        ├── main.tf          # Main configuration
        ├── run.sh           # Deployment script
        └── tf-s3-backend.tf # Backend bucket configuration

Services Overview

MinIO Storage

• Loki Buckets: Dedicated storage for Grafana Loki log aggregation
• Terraform Backend: Centralized state management for all Terraform configurations

External Resources

• Kubernetes YAML: Managed in separate repository ryan4yin/k8s-gitops
• Secrets Management: Handled via agenix in ../secrets

Usage

Each subdirectory contains its own Terraform configuration:

1. Navigate to specific service:

   cd infra/minio/loki
   

2. Deploy configuration:

   ./run.sh
   

3. Manual deployment:

   terraform init
   terraform plan
   terraform apply
   

Security Considerations

• All storage buckets are configured with appropriate access policies
• State files are encrypted at rest
• Access credentials are managed through environment variables
• Network access is restricted to necessary hosts only