Skip to content

nxthdr/infrastructure

BranchesTags

Repository files navigation

nxthdr Infrastructure

Infrastructure as Code for the nxthdr platform.

Documentation

📚 Read the full documentation

Quick links:

Quick Start

# 1. Set up vault password
echo "YOUR_VAULT_PASSWORD" > .password

# 2. Deploy everything
make apply

Main Commands

Command Description
make apply Full deployment (render + sync + terraform)
make render Render templates only
make sync-config Sync configs to servers
make sync-bird Sync BIRD (BGP) configs
make sync-wireguard Sync WireGuard (VPN) configs
make edit-secrets Edit encrypted secrets

Technology Stack

  • Ansible - Configuration management
  • Terraform - Docker container orchestration
  • Jinja2 - Template rendering
  • Ansible Vault - Secrets management
  • Docker - Container runtime
  • BIRD - BGP routing
  • WireGuard - VPN tunneling

Repository Structure

infrastructure/
├── inventory/          # Server definitions
├── templates/          # Jinja2 templates
│   ├── config/        # Docker container configs
│   └── terraform/     # Terraform templates
├── playbooks/         # Ansible automation
├── render/            # Python rendering scripts
├── secrets/           # Encrypted secrets
├── terraform/         # Terraform files
└── docs/              # Documentation (MkDocs)

Server Provisioning

VLT (Vultr) Servers - Fully Automated

Adding a new server:

  1. Add server to inventory/inventory.yml
  2. Run make vlt

This automates everything: server creation, DNS, software installation, and configuration deployment.

Removing a server:

  1. Run make vlt-destroy (enter hostname when prompted)
  2. Remove server from inventory/inventory.yml
  3. Run make render-terraform to clean up generated files

The destroy command will:

  • Destroy Docker containers and images
  • Destroy Vultr server
  • Remove DNS records

IXP Servers - Semi-Automated

For new IXP servers (manual provisioning):

  1. Manually provision server at hosting provider
  2. Manually create DNS records
  3. Add server to inventory/inventory.yml
  4. Run make ixp

This automates: software installation, BIRD/WireGuard config generation and deployment, Docker containers.

Core Servers - Semi-Automated

For new core servers (manual provisioning):

  1. Manually provision server
  2. Manually create DNS records
  3. Add server to inventory/inventory.yml
  4. Run make core

This automates: software installation, BIRD/WireGuard config generation and deployment, Docker containers.

Security

If you discover a security vulnerability, prefer email: [email protected]

Contributing

Contributions are welcome! Please:

  1. Read the documentation
  2. Open an issue to discuss your changes
  3. Submit a pull request

License

See LICENSE file for details.

About

Infrastructure as a Code.

nxthdr.github.io/infrastructure/

Topics

ansible terraform infrastructure-as-code

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

2 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages