tofu setup

2026-04-27 21:00:07 +02:00
parent 7132f5000e
commit d3690d0597
63 changed files with 4809 additions and 9 deletions
--- a/.tofu/platforms/gke/dev/main.tf
+++ b/.tofu/platforms/gke/dev/main.tf
@@ -0,0 +1,31 @@
+module "cluster" {
+  source = "../modules/cluster"
+
+  project_id = var.project_id
+  region     = var.region
+  prefix     = "devhub-dev"
+
+  # GKE — small dev nodes
+  node_machine_type = "e2-standard-2"
+  node_count        = 2
+
+  # Cloud SQL — small burstable tier for dev
+  pg_tier               = "db-g1-small"
+  pg_disk_size_gb       = 20
+  pg_availability_type  = "ZONAL"
+  pg_deletion_protection = false
+
+  # Memorystore Redis — BASIC (no HA) for dev
+  redis_tier           = "BASIC"
+  redis_memory_size_gb = 1
+
+  # GCS — STANDARD storage for dev
+  gcs_storage_class = "STANDARD"
+
+  deletion_protection = false
+
+  labels = {
+    environment = "dev"
+    managed-by  = "tofu"
+  }
+}
--- a/.tofu/platforms/gke/dev/outputs.tf
+++ b/.tofu/platforms/gke/dev/outputs.tf
@@ -0,0 +1,14 @@
+output "cluster_name"            { value = module.cluster.cluster_name }
+output "project_id"              { value = module.cluster.project_id }
+output "region"                  { value = module.cluster.region }
+output "pg_host"                 { value = module.cluster.pg_host }
+output "pg_port"                 { value = module.cluster.pg_port }
+output "pg_admin_login"          { value = module.cluster.pg_admin_login }
+output "pg_admin_password"       { value = module.cluster.pg_admin_password;       sensitive = true }
+output "pg_keycloak_password"    { value = module.cluster.pg_keycloak_password;    sensitive = true }
+output "pg_gitlab_password"      { value = module.cluster.pg_gitlab_password;      sensitive = true }
+output "redis_host"              { value = module.cluster.redis_host }
+output "redis_port"              { value = module.cluster.redis_port }
+output "redis_auth_string"       { value = module.cluster.redis_auth_string;       sensitive = true }
+output "gitlab_gcs_bucket_prefix" { value = module.cluster.gitlab_gcs_bucket_prefix }
+output "gitlab_gsa_email"        { value = module.cluster.gitlab_gsa_email }
--- a/.tofu/platforms/gke/dev/providers.tf
+++ b/.tofu/platforms/gke/dev/providers.tf
@@ -0,0 +1,30 @@
+terraform {
+  required_providers {
+    google = {
+      source  = "hashicorp/google"
+      version = "~> 6.0"
+    }
+    random = {
+      source  = "hashicorp/random"
+      version = "~> 3.0"
+    }
+  }
+}
+
+# Authentication: use Application Default Credentials (gcloud auth application-default login)
+# or set GOOGLE_APPLICATION_CREDENTIALS to a service account key file.
+provider "google" {
+  project = var.project_id
+  region  = var.region
+}
+
+variable "project_id" {
+  description = "GCP project ID for the dev environment"
+  type        = string
+}
+
+variable "region" {
+  description = "GCP region"
+  type        = string
+  default     = "europe-west4"
+}