infra(aggregation mode): add terraform setup

.gitignore

@@ -41,3 +41,8 @@ circuit_js
 
 # Reports
 docs/dead_links_report.txt
+
+**/.terraform
+terraform.tfstate
+terraform.tfstate.backup
+

infra/aggregation_mode/terraform/cloudinit/cloud-init.yaml

@@ -0,0 +1,56 @@
+#cloud-config
+hostname: ${hostname}
+fqdn: ${hostname}
+manage_etc_hosts: true
+
+users:
+  - name: app
+    shell: /bin/bash
+    ssh_authorized_keys:
+      - ${ssh_public_key}
+  - name: admin
+    shell: /bin/bash
+    sudo: ALL=(ALL) NOPASSWD:ALL
+    ssh_authorized_keys:
+      - ${ssh_public_key}
+
+package_update: true
+package_upgrade: true
+
+packages:
+  - ca-certificates
+  - curl
+  - wget
+  - gnupg
+  - vim
+  - git
+  - zip
+  - unzip
+  - openssl
+  - libssl-dev
+  - build-essential
+  - rsyslog
+  - htop
+  - rsync
+  - pkg-config
+  - locales
+  - ufw
+
+write_files:
+  - path: /etc/environment
+    content: |
+      LANG=en_US.UTF-8
+      LC_ALL=C
+      LANGUAGE=en_US.UTF-8
+      LC_TYPE=en_US.UTF-8
+      LC_CTYPE=en_US.UTF-8
+
+runcmd:
+  - loginctl enable-linger app
+  # Tailscale installation https://tailscale.com/kb/1293/cloud-init
+  - curl -fsSL https://tailscale.com/install.sh | sh
+  - tailscale up --ssh --advertise-tags=tag:server --auth-key=${tailscale_auth_key}
+  - tailscale set --auto-update
+  - sed -i 's/# en_US.UTF-8 UTF-8/en_US.UTF-8 UTF-8/' /etc/locale.gen
+  - locale-gen
+  - ufw enable

infra/aggregation_mode/terraform/cloudinit/postgres-monitor-cloud-init.yaml

@@ -0,0 +1,54 @@
+#cloud-config
+hostname: ${hostname}
+fqdn: ${hostname}
+manage_etc_hosts: true
+
+users:
+  - name: app
+    shell: /bin/bash
+    ssh_authorized_keys:
+      - ${ssh_public_key}
+  - name: admin
+    shell: /bin/bash
+    sudo: ALL=(ALL) NOPASSWD:ALL
+    ssh_authorized_keys:
+      - ${ssh_public_key}
+
+package_update: true
+package_upgrade: true
+
+packages:
+  - ca-certificates
+  - curl
+  - wget
+  - gnupg
+  - vim
+  - git
+  - zip
+  - unzip
+  - openssl
+  - libssl-dev
+  - build-essential
+  - rsyslog
+  - htop
+  - rsync
+  - pkg-config
+  - locales
+
+write_files:
+  - path: /etc/environment
+    content: |
+      LANG=en_US.UTF-8
+      LC_ALL=C
+      LANGUAGE=en_US.UTF-8
+      LC_TYPE=en_US.UTF-8
+      LC_CTYPE=en_US.UTF-8
+
+runcmd:
+  - loginctl enable-linger app
+  # Tailscale installation https://tailscale.com/kb/1293/cloud-init
+  - curl -fsSL https://tailscale.com/install.sh | sh
+  - tailscale up --ssh --advertise-tags=tag:server --auth-key=${tailscale_auth_key}
+  - tailscale set --auto-update
+  - sed -i 's/# en_US.UTF-8 UTF-8/en_US.UTF-8 UTF-8/' /etc/locale.gen
+  - locale-gen

infra/aggregation_mode/terraform/cloudinit/scaleway-cloud-init.yaml

@@ -0,0 +1,54 @@
+#cloud-config
+hostname: ${hostname}
+fqdn: ${hostname}
+manage_etc_hosts: true
+
+users:
+  - name: app
+    shell: /bin/bash
+    ssh_authorized_keys:
+      - ${ssh_public_key}
+  - name: admin
+    shell: /bin/bash
+    sudo: ALL=(ALL) NOPASSWD:ALL
+    ssh_authorized_keys:
+      - ${ssh_public_key}
+
+package_update: true
+package_upgrade: true
+
+packages:
+  - ca-certificates
+  - curl
+  - wget
+  - gnupg
+  - vim
+  - git
+  - zip
+  - unzip
+  - openssl
+  - libssl-dev
+  - build-essential
+  - rsyslog
+  - htop
+  - rsync
+  - pkg-config
+  - locales
+
+write_files:
+  - path: /etc/environment
+    content: |
+      LANG=en_US.UTF-8
+      LC_ALL=C
+      LANGUAGE=en_US.UTF-8
+      LC_TYPE=en_US.UTF-8
+      LC_CTYPE=en_US.UTF-8
+
+runcmd:
+  - loginctl enable-linger app
+  # Tailscale installation https://tailscale.com/kb/1293/cloud-init
+  - curl -fsSL https://tailscale.com/install.sh | sh
+  - tailscale up --ssh --advertise-tags=tag:server --auth-key=${tailscale_auth_key}
+  - tailscale set --auto-update
+  - sed -i 's/# en_US.UTF-8 UTF-8/en_US.UTF-8 UTF-8/' /etc/locale.gen
+  - locale-gen

infra/aggregation_mode/terraform/environments/hoodi/README.md

@@ -0,0 +1,22 @@
+
+# Init
+
+```shell
+source .env && terraform init -migrate-state \
+    -backend-config="bucket=${TFSTATE_BUCKET}" \
+    -backend-config="key=${TFSTATE_KEY}" \
+    -backend-config="region=${TFSTATE_REGION}"
+```
+
+# Plan
+
+```shell
+source .env && terraform plan
+```
+
+# Apply
+
+```shell
+source .env && terraform apply
+```
+

infra/aggregation_mode/terraform/environments/hoodi/main.tf

@@ -0,0 +1,124 @@
+# AWS Provider Configuration
+provider "aws" {
+  region = var.aws_region
+}
+
+# Scaleway Provider Configuration
+provider "scaleway" {
+}
+
+# Tailscale Provider Configuration
+provider "tailscale" {
+}
+
+# Postgres Monitor (EC2)
+module "postgres_monitor" {
+  source = "../../modules/ec2"
+
+  ec2_instance_name            = var.postgres_monitor_instance_name
+  ec2_hostname                 = var.postgres_monitor_hostname
+  ec2_instance_type            = var.postgres_monitor_instance_type
+  ec2_ssh_key_name             = var.postgres_monitor_ssh_key_name
+  ec2_ssh_public_key_path      = var.ssh_public_key_path_aws
+  ec2_cloud_init_template_path = var.postgres_monitor_cloud_init_template_path
+  ec2_root_volume_size         = var.postgres_monitor_root_volume_size
+  ec2_tailscale_key_expiry     = var.tailscale_key_expiry
+  ec2_tailscale_tags           = var.tailscale_tags
+
+  ec2_tags = var.common_tags
+}
+
+# Postgres Primary (Elastic Metal / Scaleway Bare Metal)
+module "postgres_primary" {
+  source = "../../modules/elastic_metal"
+
+  elastic_metal_zone                     = var.postgres_primary_zone
+  elastic_metal_offer_name               = var.postgres_primary_offer_name
+  elastic_metal_subscription_period      = var.subscription_period
+  elastic_metal_server_name              = var.postgres_primary_server_name
+  elastic_metal_hostname                 = var.postgres_primary_hostname
+  elastic_metal_description              = var.postgres_primary_description
+  elastic_metal_ssh_key_name             = var.postgres_primary_ssh_key_name
+  elastic_metal_ssh_public_key_path      = var.ssh_public_key_path_scaleway
+  elastic_metal_cloud_init_template_path = var.postgres_primary_cloud_init_template_path
+  elastic_metal_os_id                    = var.os_id
+  elastic_metal_tailscale_key_expiry     = var.tailscale_key_expiry
+  elastic_metal_tailscale_tags           = var.tailscale_tags
+  elastic_metal_tags                     = var.postgres_primary_tags
+}
+
+# Postgres Secondary (Elastic Metal / Scaleway Bare Metal)
+module "postgres_secondary" {
+  source = "../../modules/elastic_metal"
+
+  elastic_metal_zone                     = var.postgres_secondary_zone
+  elastic_metal_offer_name               = var.postgres_secondary_offer_name
+  elastic_metal_subscription_period      = var.subscription_period
+  elastic_metal_server_name              = var.postgres_secondary_server_name
+  elastic_metal_hostname                 = var.postgres_secondary_hostname
+  elastic_metal_description              = var.postgres_secondary_description
+  elastic_metal_ssh_key_name             = var.postgres_secondary_ssh_key_name
+  elastic_metal_ssh_public_key_path      = var.ssh_public_key_path_scaleway
+  elastic_metal_cloud_init_template_path = var.postgres_secondary_cloud_init_template_path
+  elastic_metal_os_id                    = var.os_id
+  elastic_metal_tailscale_key_expiry     = var.tailscale_key_expiry
+  elastic_metal_tailscale_tags           = var.tailscale_tags
+  elastic_metal_tags                     = var.postgres_secondary_tags
+}
+
+# Gateway Primary (Elastic Metal / Scaleway Bare Metal)
+module "gateway_primary" {
+  source = "../../modules/elastic_metal"
+
+  elastic_metal_zone                     = var.gateway_primary_zone
+  elastic_metal_offer_name               = var.gateway_primary_offer_name
+  elastic_metal_subscription_period      = var.subscription_period
+  elastic_metal_server_name              = var.gateway_primary_server_name
+  elastic_metal_hostname                 = var.gateway_primary_hostname
+  elastic_metal_description              = var.gateway_primary_description
+  elastic_metal_ssh_key_name             = var.gateway_primary_ssh_key_name
+  elastic_metal_ssh_public_key_path      = var.ssh_public_key_path_scaleway
+  elastic_metal_cloud_init_template_path = var.gateway_primary_cloud_init_template_path
+  elastic_metal_os_id                    = var.os_id
+  elastic_metal_tailscale_key_expiry     = var.tailscale_key_expiry
+  elastic_metal_tailscale_tags           = var.tailscale_tags
+  elastic_metal_tags                     = var.gateway_primary_tags
+}
+
+# Gateway Secondary (Elastic Metal / Scaleway Bare Metal)
+module "gateway_secondary" {
+  source = "../../modules/elastic_metal"
+
+  elastic_metal_zone                     = var.gateway_secondary_zone
+  elastic_metal_offer_name               = var.gateway_secondary_offer_name
+  elastic_metal_subscription_period      = var.subscription_period
+  elastic_metal_server_name              = var.gateway_secondary_server_name
+  elastic_metal_hostname                 = var.gateway_secondary_hostname
+  elastic_metal_description              = var.gateway_secondary_description
+  elastic_metal_ssh_key_name             = var.gateway_secondary_ssh_key_name
+  elastic_metal_ssh_public_key_path      = var.ssh_public_key_path_scaleway
+  elastic_metal_cloud_init_template_path = var.gateway_secondary_cloud_init_template_path
+  elastic_metal_os_id                    = var.os_id
+  elastic_metal_tailscale_key_expiry     = var.tailscale_key_expiry
+  elastic_metal_tailscale_tags           = var.tailscale_tags
+  elastic_metal_tags                     = var.gateway_secondary_tags
+}
+
+# Metrics Server (Elastic Metal / Scaleway Bare Metal)
+module "metrics" {
+    source = "../../modules/elastic_metal"
+
+    elastic_metal_zone                     = var.metrics_server_zone
+    elastic_metal_offer_name               = var.metrics_server_offer_name
+    elastic_metal_subscription_period      = var.subscription_period
+    elastic_metal_server_name              = var.metrics_server_name
+    elastic_metal_hostname                 = var.metrics_server_hostname
+    elastic_metal_description              = var.metrics_server_description
+    elastic_metal_ssh_key_name             = var.metrics_server_ssh_key_name
+    elastic_metal_ssh_public_key_path      = var.ssh_public_key_path_scaleway
+    elastic_metal_cloud_init_template_path = var.metrics_server_cloud_init_template_path
+    elastic_metal_os_id                    = var.os_id
+    elastic_metal_tailscale_key_expiry     = var.tailscale_key_expiry
+    elastic_metal_tailscale_tags           = var.tailscale_tags
+    elastic_metal_tags                     = var.metrics_server_tags
+}