feat: update docs via LLM (#216)

2026-01-11 20:40:24 +01:00 · 2025-08-21 15:32:50 +08:00
parent a9bc0ebdb8
commit cb47adb6b3
9 changed files with 496 additions and 53 deletions
--- a/infra/README.md
+++ b/infra/README.md
@@ -1,6 +1,65 @@
 # Infrastructure as Code

-Home for my infra-as-code - terraform configs.
+This directory contains Infrastructure as Code (IaC) configurations using Terraform, primarily for
+managing storage and backend services.

-Kubernetes's yaml are stored in a separate repo:
-[ryan4yin/k8s-gitops](https://github.com/ryan4yin/k8s-gitops).
+## Current Structure
+
+```
+infra/
+├── README.md
+└── minio/                    # MinIO S3-compatible storage configurations
+    ├── loki/                 # Loki log storage buckets
+    │   ├── README.md
+    │   ├── loki.tf          # Loki-specific bucket configuration
+    │   ├── main.tf          # Main Terraform configuration
+    │   └── run.sh           # Deployment script
+    └── tf-s3-backend/        # Terraform S3 backend setup
+        ├── README.md
+        ├── main.tf          # Main configuration
+        ├── run.sh           # Deployment script
+        └── tf-s3-backend.tf # Backend bucket configuration
+```
+
+## Services Overview
+
+### MinIO Storage
+
+- **Loki Buckets**: Dedicated storage for Grafana Loki log aggregation
+- **Terraform Backend**: Centralized state management for all Terraform configurations
+
+### External Resources
+
+- **Kubernetes YAML**: Managed in separate repository
+  [ryan4yin/k8s-gitops](https://github.com/ryan4yin/k8s-gitops)
+- **Secrets Management**: Handled via agenix in [../secrets](../secrets/)
+
+## Usage
+
+Each subdirectory contains its own Terraform configuration:
+
+1. **Navigate to specific service**:
+
+   ```bash
+   cd infra/minio/loki
+   ```
+
+2. **Deploy configuration**:
+
+   ```bash
+   ./run.sh
+   ```
+
+3. **Manual deployment**:
+   ```bash
+   terraform init
+   terraform plan
+   terraform apply
+   ```
+
+## Security Considerations
+
+- All storage buckets are configured with appropriate access policies
+- State files are encrypted at rest
+- Access credentials are managed through environment variables
+- Network access is restricted to necessary hosts only