├── kubespray ├── inventory_yml.tpl ├── readme.md └── ansible.cfg ├── storage_bucket ├── s3 │ ├── README.md │ ├── private.auto.tfvars.example │ ├── sa-storage-admin.tf │ ├── provider.tf │ └── variables.tf └── service_account │ ├── s3.tf │ ├── README.md │ ├── private.auto.tfvars.example │ ├── provider.tf │ ├── variables.tf │ └── sa-storage-admin.tf ├── terraform-k8s-2 ├── README.md ├── redis.yaml ├── private.auto.tfvars.example ├── provider.tf ├── variables.tf ├── prometheus.yaml └── service-accounts.tf ├── terraform-redis ├── README.md ├── vpc.tf ├── private.auto.tfvars.example ├── provider.tf └── redis_destroy.sh ├── openxpki-docker-compose ├── readme.md ├── private.auto.tfvars.example ├── ansible.cfg ├── inventory_yml.tpl ├── vpc.tf └── files │ └── openxpki.service ├── terraform-k8s-app-redis ├── README.md ├── redis.yaml ├── private.auto.tfvars.example ├── test │ ├── charts │ │ └── redis-17.3.7.tgz │ ├── Chart.lock │ ├── templates │ │ ├── serviceaccount.yaml │ │ └── service.yaml │ └── .helmignore ├── provider.tf ├── variables.tf ├── prometheus.yaml └── service-accounts.tf ├── terraform-vault-traefik ├── README.md ├── provider.tf ├── private.auto.tfvars.example └── dns.tf ├── opensearch-cluster ├── inventory_yml.tpl ├── readme.md ├── private.auto.tfvars.example └── ansible.cfg ├── terraform-coi-before-ingress ├── README.md ├── private.auto.tfvars.example ├── provider.tf ├── variables.tf ├── vpc.tf └── declaration.yaml ├── terraform-regru-certificate ├── README.md ├── output.tf ├── private.auto.tfvars-example ├── versions.tf └── variables.tf ├── terraform-yandex-dns-zone ├── README.md ├── private.auto.tfvars.example ├── dns.tf ├── provider.tf └── variables.tf ├── terraform-yc-folder-bucket ├── README.md ├── private.auto.tfvars.example ├── provider.tf └── variables.tf ├── terraform-helm-release-jenkins ├── README.md ├── provider.tf ├── private.auto.tfvars.example ├── service-accounts.tf └── dns.tf ├── storage_bucket_test_s3sync ├── s3_source │ ├── README.md │ ├── private.auto.tfvars.example │ ├── sa-storage-admin.tf │ ├── provider.tf │ └── variables.tf ├── s3_destination │ ├── README.md │ ├── private.auto.tfvars.example │ ├── sa-storage-admin.tf │ ├── provider.tf │ └── variables.tf ├── service_account_source │ ├── s3.tf │ ├── README.md │ ├── private.auto.tfvars.example │ ├── provider.tf │ └── variables.tf └── service_account_destination │ ├── s3.tf │ ├── README.md │ ├── private.auto.tfvars.example │ ├── provider.tf │ └── variables.tf ├── terraform-helm-release-ingress-nginx ├── README.md ├── private.auto.tfvars.example ├── provider.tf ├── variables.tf ├── vpc.tf └── service-accounts.tf ├── terraform-helm-release-jenkins-out-job ├── README.md ├── provider.tf ├── private.auto.tfvars.example └── service-accounts.tf ├── terraform-helm-release-ingress-static-ip ├── README.md ├── private.auto.tfvars.example ├── provider.tf ├── variables.tf ├── service-accounts.tf └── dns.tf ├── terraform-helm-release-jenkins-out-job2 ├── README.md ├── jobs.tf ├── provider.tf ├── private.auto.tfvars.example └── service-accounts.tf ├── terragrunt-k8s-velero-1.21 ├── values-postgresql.yaml ├── change_context.sh ├── helm_app_remove.sh └── helmfile-postgresql.yaml ├── terragrunt-k8s ├── grafana-password.txt ├── readme.md ├── helmfile-loggenerator.yaml ├── vpc-address │ └── terragrunt.hcl ├── helmfile-promtail.yaml ├── helmfile-loki-distributed.yaml ├── loggenerator │ ├── templates │ │ ├── serviceaccount.yaml │ │ └── service.yaml │ └── .helmignore └── helmfile-ingress-nginx.yaml ├── rocketchat ├── readme.md ├── playbook.yml ├── inventory_yml.tpl ├── ansible.cfg └── rocketchat_destroy.sh ├── jenkins-without-roles ├── readme.md ├── templates │ └── jenkins-jobs-config.j2 ├── files │ ├── defaults.yaml │ ├── override.conf │ ├── projects.yaml │ └── job-template.yaml ├── ansible.cfg └── jenkins_destroy.sh ├── nexus ├── readme.md ├── ansible.cfg └── nexus_destroy.sh ├── squid ├── readme.md ├── playbook.yml ├── private.auto.tfvars.example ├── inventory_yml.tpl ├── ansible.cfg ├── squid_destroy.sh └── provider.tf ├── vpc ├── readme.md ├── provider.tf └── vpc_destroy.sh ├── docker ├── readme.md ├── inventory_yml.tpl ├── ansible.cfg ├── playbook.yml ├── docker_destroy.sh └── sa-compute-admin.tf ├── gitlab ├── readme.md ├── ansible.cfg ├── gitlab_destroy.sh └── sa-compute-admin.tf ├── harbor ├── readme.md ├── ansible.cfg ├── inventory_yml.tpl ├── harbor_destroy.sh └── sa-compute-admin.tf ├── jaeger ├── readme.md ├── playbook.yml ├── ansible.cfg ├── inventory_yml.tpl └── jaeger_destroy.sh ├── jenkins ├── readme.md ├── ansible.cfg └── jenkins_destroy.sh ├── sentry ├── readme.md ├── inventory_yml.tpl ├── ansible.cfg ├── vpc.tf ├── dns.tf └── sentry_destroy.sh ├── terraform-dataproc-yandex ├── readme.md ├── private.auto.tfvars.example ├── provider.tf └── variable.tf ├── vector ├── readme.md ├── playbook.yml ├── inventory_yml.tpl ├── ansible.cfg └── vector_destroy.sh ├── .vscode └── settings.json ├── prometheus ├── readme.md ├── playbook.yml ├── ansible.cfg ├── inventory_yml.tpl └── prometheus_destroy.sh ├── seaweedfs ├── readme.md ├── playbook.yml ├── host_ini.tpl ├── ansible.cfg ├── inventory_yml.tpl └── seaweedfs_destroy.sh ├── sonarqube ├── readme.md ├── ansible.cfg ├── inventory_yml.tpl ├── provider.tf ├── playbook.yml └── sonarqube_destroy.sh ├── terraform-k8s-terragrunt-velero-s3 ├── readme.md ├── env.hcl.example └── s3-bucket │ └── terragrunt.hcl ├── wireguard ├── readme.md ├── templates │ └── clients.conf.j2 ├── ansible.cfg └── wireguard_destroy.sh ├── etcd-cluster ├── readme.md ├── playbook.yml ├── ansible.cfg └── etcd_cluster_destroy.sh ├── letsencrypt ├── readme.md ├── playbook.yml ├── ansible.cfg └── letsencrypt_destroy.sh ├── squid-without-module ├── readme.md ├── playbook.yml ├── inventory_yml.tpl ├── ansible.cfg └── squid_destroy.sh ├── terraform-k8s-harbor ├── README.md ├── private.auto.tfvars.example ├── helm_app_remove.sh └── provider.tf ├── terraform-k8s-nexus ├── README.md ├── private.auto.tfvars.example ├── helm_app_remove.sh ├── provider.tf ├── dns.tf └── variables.tf ├── terraform-k8s-sentry ├── README.md ├── private.auto.tfvars.example ├── helm_app_remove.sh ├── provider.tf ├── value-sentry.yaml ├── dns.tf └── sa-storage-admin.tf ├── vault_docker ├── readme.md ├── files │ ├── autounseal.hcl │ └── vault.hcl ├── ansible.cfg ├── inventory_yml.tpl └── vault_destroy.sh ├── docker-compose-traefik ├── readme.md ├── templates │ ├── config.env.j2 │ └── vhosts_jenkins.conf.j2 ├── ansible.cfg └── inventory_yml.tpl ├── jenkins-letsencrypt ├── readme.md ├── ansible.cfg └── jenkins_destroy.sh ├── kafka-cluster ├── readme.md ├── ansible.cfg ├── inventory_yml.tpl └── kafka_cluster_destroy.sh ├── mongodb-cluster ├── readme.md └── ansible.cfg ├── terragrunt-k8s-dns-vpc ├── readme.md ├── vpc-address │ └── terragrunt.hcl └── time-sleep │ └── terragrunt.hcl ├── zabbix-community ├── readme.md ├── requirements.yml ├── ansible.cfg ├── host_ini.tpl └── zabbix_destroy.sh ├── docker-compose-letsencrypt ├── readme.md ├── templates │ ├── config.env.j2 │ └── vhosts_jenkins.conf.j2 ├── ansible.cfg └── inventory_yml.tpl ├── freeipa-ansible-collection ├── readme.md ├── ansible.cfg └── provider.tf ├── pdc-gitlab ├── readme.md ├── ansible.cfg └── pdc_gitlab_destroy.sh ├── vault_cluster_raft ├── readme.md ├── ansible.cfg └── inventory_yml.tpl ├── zookeeper-cluster ├── readme.md └── ansible.cfg ├── jenkins-in-k8s ├── private.auto.tfvars.example ├── helm_app_remove.sh ├── vpc.tf └── service-accounts.tf ├── k8s-drone-ci ├── private.auto.tfvars.example ├── postgresql-values.yaml ├── vpc.tf └── service-accounts.tf ├── k8s-jenkins-x ├── private.auto.tfvars.example ├── vpc.tf └── service-accounts.tf ├── pdc-freeipa ├── readme.md ├── ansible.cfg └── pdc_freeipa_destroy.sh ├── postgresql-cluster ├── readme.md ├── playbook.yml └── ansible.cfg ├── prometheus-grafana ├── readme.md ├── files │ └── jmx_prometheus_javaagent_config.yaml ├── private.auto.tfvars.example ├── ansible.cfg └── prometheus_destroy.sh ├── terraform-k8s ├── private.auto.tfvars.example ├── provider.tf ├── vpc.tf └── variables.tf ├── terraform-yandex-security-group └── readme.md ├── elasticsearch-cluster ├── readme.md ├── ansible.cfg └── inventory_yml.tpl ├── pdc-gitlab-s3 ├── readme.md ├── ansible.cfg ├── sa-storage-admin.tf └── pdc_gitlab_s3_destroy.sh ├── terraform-k8s-loki ├── private.auto.tfvars.example ├── README.md ├── value-vector.yaml ├── values-kube-prometheus-stack.yaml ├── helm_postgresql_remove.sh ├── provider.tf ├── variables.tf ├── loggenerator │ ├── templates │ │ ├── serviceaccount.yaml │ │ └── service.yaml │ └── .helmignore ├── dns.tf ├── sa-storage-admin.tf └── values-promtail.yaml-backup ├── terraform-k8s-redis ├── private.auto.tfvars.example ├── README.md ├── values-kube-prometheus-stack.yaml ├── provider.tf ├── variables.tf └── dns.tf ├── terraform-k8s-tempo ├── private.auto.tfvars.example ├── README.md ├── provider.tf ├── variables.tf ├── gateway-grafana.yaml └── dns.tf ├── terraform-s3-bucket ├── private.auto.tfvars.example ├── credentials.tpl ├── credentials.example ├── README.md ├── provider.tf └── variables.tf ├── clickhouse-zookeeper-cluster ├── readme.md └── ansible.cfg ├── loki-grafana-java-in-docker ├── readme.md ├── files │ └── jmx_prometheus_javaagent_config.yaml ├── private.auto.tfvars.example └── ansible.cfg ├── prometheus-loki-java-in-docker ├── readme.md ├── files │ └── jmx_prometheus_javaagent_config.yaml ├── private.auto.tfvars.example └── ansible.cfg ├── terraform-k8s-app-pv ├── private.auto.tfvars.example ├── helm_app_pv_remove.sh ├── provider.tf ├── variables.tf ├── loggenerator │ └── templates │ │ ├── serviceaccount.yaml │ │ └── service.yaml ├── dns.tf └── run_psql.sh ├── terraform-k8s-opensearch ├── private.auto.tfvars.example ├── README.md ├── helm_app_remove.sh ├── provider.tf ├── variables.tf ├── dns.tf └── sa-storage-admin.tf ├── terragrunt-k8s-velero-1.22 ├── delete-pods.sh ├── create-pods.sh ├── delete-services.sh ├── create-services.sh ├── change_context.sh ├── helm_app_remove.sh └── helmfile-postgresql.yaml ├── prometheus-grafana-java-in-docker ├── readme.md ├── files │ └── jmx_prometheus_javaagent_config.yaml ├── private.auto.tfvars.example └── ansible.cfg ├── terraform-k8s-alertmanager ├── private.auto.tfvars.example ├── README.md ├── provider.tf ├── variables.tf └── dns.tf ├── terraform-k8s-coi-two-ingress ├── private.auto.tfvars.example ├── provider.tf ├── helmfile-cert-manager.yaml ├── helmfile-traefik.yaml ├── declaration.yaml └── helmfile-ingress-nginx.yaml ├── victoriametrics-cluster-grafana ├── readme.md ├── ansible.cfg └── playbook.yml ├── victoriametrics-single-grafana ├── readme.md ├── ansible.cfg └── playbook.yml ├── prometheus-loki-loggenerator-in-docker ├── readme.md ├── files │ └── config │ │ ├── alertmanager.yml │ │ ├── datasources-230.yaml │ │ └── datasources-261.yaml ├── loki_230_start.yml ├── loki_261_start.yml ├── private.auto.tfvars.example ├── ansible.cfg └── inventory_yml.tpl ├── terraform-k8s-alertmanager-loki ├── private.auto.tfvars.example ├── README.md ├── provider.tf ├── variables.tf ├── dns.tf └── sa-storage-admin.tf ├── terraform-postgres ├── private.auto.tfvars.example ├── provider.tf ├── variables.tf └── postgres_destroy.sh ├── terraform-ydb ├── private.auto.tfvars.example ├── cloud-init.yaml ├── provider.tf ├── variable.tf └── ydb_cluster_destroy.sh ├── jenkins-lean-delivery ├── cloud-init.yaml ├── templates │ └── jenkins-jobs-config.j2 ├── files │ ├── defaults.yaml │ ├── job-template.yaml │ └── projects.yaml ├── ansible.cfg ├── playbook.yml └── jenkins_destroy.sh ├── prometheus-loki-2-7-loggenerator-in-docker ├── readme.md ├── files │ └── config │ │ └── alertmanager.yml ├── loki_start.yml ├── private.auto.tfvars.example ├── ansible.cfg └── inventory_yml.tpl ├── terraform-k8s-istio-prometheus-stack ├── private.auto.tfvars.example ├── README.md ├── provider.tf ├── variables.tf ├── gateway-grafana.yaml └── dns.tf ├── jenkins-geerlingguy-jenkins ├── cloud-init.yaml ├── templates │ └── jenkins-jobs-config.j2 ├── files │ ├── defaults.yaml │ ├── projects.yaml │ └── job-template.yaml └── ansible.cfg ├── terraform-k8s-stress ├── values-stress.yaml ├── private.auto.tfvars.example ├── provider.tf ├── dns.tf └── README.md ├── terraform-postgres-cluster ├── private.auto.tfvars.example ├── provider.tf ├── variables.tf └── vpc.tf ├── terragrunt-k8s-opentelemetry-demo ├── env.hcl-template ├── helm_app_remove.sh ├── readme.md └── helmfile-promtail.yaml ├── terraform-clickhouse ├── private.auto.tfvars.example ├── provider.tf └── variable.tf ├── terraform-k8s-two-ingress ├── private.auto.tfvars.example ├── helm_app_remove.sh ├── provider.tf └── README.md ├── terraform-mongodb ├── private.auto.tfvars.example ├── readme.md ├── provider.tf └── variable.tf ├── terraform-ydb-database-serverless-terraform-lock ├── private.auto.tfvars.example ├── credentials.tftpl ├── provider.tf └── variable.tf ├── terraform-postgres-create-backup ├── private.auto.tfvars.example ├── provider.tf ├── vpc.tf └── variables.tf ├── consul-cluster ├── readme.md ├── ansible.cfg ├── private.auto.tfvars.example ├── inventory_yml.tpl └── consul_cluster_destroy.sh ├── terraform-postgres-restore-backup ├── private.auto.tfvars.example ├── provider.tf ├── vpc.tf └── variables.tf ├── freeipa-docker-compose-smallstep ├── private.auto.tfvars.example ├── ansible.cfg ├── vpc.tf ├── files │ └── freeipa.service └── inventory_yml.tpl ├── freeipa-docker-compose-external-ca ├── private.auto.tfvars.example ├── ansible.cfg ├── vpc.tf ├── files │ └── freeipa.service ├── dns.tf └── inventory_yml.tpl ├── freeipa-docker-compose ├── private.auto.tfvars.example ├── ansible.cfg ├── vpc.tf ├── dns.tf ├── files │ └── freeipa.service ├── inventory_yml.tpl └── readme.md ├── pdc ├── ansible.cfg └── pdc_destroy.sh ├── terragrunt-k8s-vault-external-secret ├── change_context.sh ├── helm_app_remove.sh └── helmfile-postgresql.yaml ├── .editorconfig ├── freeipa-gitlab ├── ansible.cfg ├── readme.md ├── provider.tf └── freeipa_gitlab_destroy.sh ├── harbor-letsencrypt ├── ansible.cfg └── readme.md └── terragrunt.hcl /kubespray/inventory_yml.tpl: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /storage_bucket/s3/README.md: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /terraform-k8s-2/README.md: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /terraform-redis/README.md: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /terraform-redis/vpc.tf: -------------------------------------------------------------------------------- 1 | 2 | -------------------------------------------------------------------------------- /openxpki-docker-compose/readme.md: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /terraform-k8s-app-redis/README.md: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /terraform-vault-traefik/README.md: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /opensearch-cluster/inventory_yml.tpl: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /storage_bucket/service_account/s3.tf: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /terraform-coi-before-ingress/README.md: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /terraform-regru-certificate/README.md: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /terraform-yandex-dns-zone/README.md: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /terraform-yc-folder-bucket/README.md: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /storage_bucket/service_account/README.md: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /terraform-helm-release-jenkins/README.md: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /storage_bucket_test_s3sync/s3_source/README.md: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /terraform-helm-release-ingress-nginx/README.md: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /terraform-helm-release-jenkins-out-job/README.md: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /storage_bucket_test_s3sync/s3_destination/README.md: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /terraform-helm-release-ingress-static-ip/README.md: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /terraform-helm-release-jenkins-out-job2/README.md: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /terragrunt-k8s-velero-1.21/values-postgresql.yaml: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /terragrunt-k8s/grafana-password.txt: -------------------------------------------------------------------------------- 1 | prom-operator 2 | -------------------------------------------------------------------------------- /rocketchat/readme.md: -------------------------------------------------------------------------------- 1 | ### Install squid by arocketchat 2 | -------------------------------------------------------------------------------- /storage_bucket_test_s3sync/service_account_source/s3.tf: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /storage_bucket_test_s3sync/service_account_destination/s3.tf: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /storage_bucket_test_s3sync/service_account_source/README.md: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /storage_bucket_test_s3sync/service_account_destination/README.md: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /jenkins-without-roles/readme.md: -------------------------------------------------------------------------------- 1 | https://console.developers.google.com/ -------------------------------------------------------------------------------- /nexus/readme.md: -------------------------------------------------------------------------------- 1 | ### Install nexus by ansible and terraform to Yandex Cloud 2 | -------------------------------------------------------------------------------- /squid/readme.md: -------------------------------------------------------------------------------- 1 | ### Install squid by ansible and terraform to Yandex Cloud 2 | -------------------------------------------------------------------------------- /vpc/readme.md: -------------------------------------------------------------------------------- 1 | ### Install harbor by ansible and terraform to Yandex Cloud 2 | -------------------------------------------------------------------------------- /docker/readme.md: -------------------------------------------------------------------------------- 1 | ### Install harbor by ansible and terraform to Yandex Cloud 2 | -------------------------------------------------------------------------------- /gitlab/readme.md: -------------------------------------------------------------------------------- 1 | ### Install gitlab by ansible and terraform to Yandex Cloud 2 | -------------------------------------------------------------------------------- /harbor/readme.md: -------------------------------------------------------------------------------- 1 | ### Install harbor by ansible and terraform to Yandex Cloud 2 | -------------------------------------------------------------------------------- /jaeger/readme.md: -------------------------------------------------------------------------------- 1 | ### Install jaeger by ansible and terraform to Yandex Cloud 2 | -------------------------------------------------------------------------------- /jenkins/readme.md: -------------------------------------------------------------------------------- 1 | ### Install jenkins by ansible and terraform to Yandex Cloud 2 | -------------------------------------------------------------------------------- /sentry/readme.md: -------------------------------------------------------------------------------- 1 | ### Install sentry by ansible and terraform to Yandex Cloud 2 | -------------------------------------------------------------------------------- /terraform-dataproc-yandex/readme.md: -------------------------------------------------------------------------------- 1 | Состояние кластера на данный момент неизвестно. -------------------------------------------------------------------------------- /vector/readme.md: -------------------------------------------------------------------------------- 1 | ### Install vector by ansible and terraform to Yandex Cloud 2 | -------------------------------------------------------------------------------- /.vscode/settings.json: -------------------------------------------------------------------------------- 1 | { 2 | "ansible.python.interpreterPath": "/bin/python3" 3 | } -------------------------------------------------------------------------------- /jaeger/playbook.yml: -------------------------------------------------------------------------------- 1 | - hosts: jaeger 2 | roles: 3 | - andrewrothstein.jaeger 4 | -------------------------------------------------------------------------------- /kubespray/readme.md: -------------------------------------------------------------------------------- 1 | ### Install kubespray by ansible and terraform to Yandex Cloud 2 | -------------------------------------------------------------------------------- /prometheus/readme.md: -------------------------------------------------------------------------------- 1 | ### Install prometheus by ansible and terraform to Yandex Cloud 2 | -------------------------------------------------------------------------------- /seaweedfs/readme.md: -------------------------------------------------------------------------------- 1 | ### Install seaweedfs by ansible and terraform to Yandex Cloud 2 | -------------------------------------------------------------------------------- /sonarqube/readme.md: -------------------------------------------------------------------------------- 1 | ### Install sonarqube by ansible and terraform to Yandex Cloud 2 | -------------------------------------------------------------------------------- /terraform-k8s-terragrunt-velero-s3/readme.md: -------------------------------------------------------------------------------- 1 | ```shell 2 | terragrunt apply 3 | ``` 4 | -------------------------------------------------------------------------------- /wireguard/readme.md: -------------------------------------------------------------------------------- 1 | ### Install wireguard by ansible and terraform to Yandex Cloud 2 | -------------------------------------------------------------------------------- /etcd-cluster/readme.md: -------------------------------------------------------------------------------- 1 | ### Install etcd-cluster by ansible and terraform to Yandex Cloud 2 | -------------------------------------------------------------------------------- /letsencrypt/readme.md: -------------------------------------------------------------------------------- 1 | ### Install letsencrypt by ansible and terraform to Yandex Cloud 2 | -------------------------------------------------------------------------------- /squid-without-module/readme.md: -------------------------------------------------------------------------------- 1 | ### Install squid by ansible and terraform to Yandex Cloud 2 | -------------------------------------------------------------------------------- /terraform-k8s-harbor/README.md: -------------------------------------------------------------------------------- 1 | ## View logs harbor 2 | ``` 3 | stern -n harbor . 4 | ``` 5 | -------------------------------------------------------------------------------- /terraform-k8s-nexus/README.md: -------------------------------------------------------------------------------- 1 | ## View logs nexus 2 | ``` 3 | stern -n nexus . 4 | ``` 5 | -------------------------------------------------------------------------------- /terraform-k8s-sentry/README.md: -------------------------------------------------------------------------------- 1 | ## View logs sentry 2 | ``` 3 | stern -n sentry . 4 | ``` 5 | -------------------------------------------------------------------------------- /vault_docker/readme.md: -------------------------------------------------------------------------------- 1 | ### Install vault-cluster by ansible and terraform to Yandex Cloud 2 | -------------------------------------------------------------------------------- /docker-compose-traefik/readme.md: -------------------------------------------------------------------------------- 1 | ### Install harbor by ansible and terraform to Yandex Cloud 2 | -------------------------------------------------------------------------------- /jenkins-letsencrypt/readme.md: -------------------------------------------------------------------------------- 1 | ### Install jenkins by ansible and terraform to Yandex Cloud 2 | -------------------------------------------------------------------------------- /kafka-cluster/readme.md: -------------------------------------------------------------------------------- 1 | ### Install kafka-cluster by ansible and terraform to Yandex Cloud 2 | -------------------------------------------------------------------------------- /mongodb-cluster/readme.md: -------------------------------------------------------------------------------- 1 | ### Install mongodb-cluster by ansible and terraform to Yandex Cloud 2 | -------------------------------------------------------------------------------- /terragrunt-k8s-dns-vpc/readme.md: -------------------------------------------------------------------------------- 1 | test module for wait before create and destroy other module 2 | -------------------------------------------------------------------------------- /zabbix-community/readme.md: -------------------------------------------------------------------------------- 1 | ### Install zabbix-cluster by ansible and terraform to Yandex Cloud 2 | -------------------------------------------------------------------------------- /docker-compose-letsencrypt/readme.md: -------------------------------------------------------------------------------- 1 | ### Install harbor by ansible and terraform to Yandex Cloud 2 | -------------------------------------------------------------------------------- /freeipa-ansible-collection/readme.md: -------------------------------------------------------------------------------- 1 | ### Install freeipa by ansible and terraform to Yandex Cloud 2 | -------------------------------------------------------------------------------- /pdc-gitlab/readme.md: -------------------------------------------------------------------------------- 1 | ### Install Active Directory, Gitlab by ansible and terraform to Yandex Cloud 2 | -------------------------------------------------------------------------------- /terraform-k8s-2/redis.yaml: -------------------------------------------------------------------------------- 1 | metrics: 2 | enabled: true 3 | serviceMonitor: 4 | enabled: true 5 | -------------------------------------------------------------------------------- /vault_cluster_raft/readme.md: -------------------------------------------------------------------------------- 1 | ### Install vault-cluster by ansible and terraform to Yandex Cloud 2 | -------------------------------------------------------------------------------- /zookeeper-cluster/readme.md: -------------------------------------------------------------------------------- 1 | ### Install zookeeper-cluster by ansible and terraform to Yandex Cloud 2 | -------------------------------------------------------------------------------- /jenkins-in-k8s/private.auto.tfvars.example: -------------------------------------------------------------------------------- 1 | yc_token = "" 2 | yc_cloud_id = "" 3 | yc_folder_id = "" 4 | -------------------------------------------------------------------------------- /k8s-drone-ci/private.auto.tfvars.example: -------------------------------------------------------------------------------- 1 | yc_token = "" 2 | yc_cloud_id = "" 3 | yc_folder_id = "" 4 | -------------------------------------------------------------------------------- /k8s-jenkins-x/private.auto.tfvars.example: -------------------------------------------------------------------------------- 1 | yc_token = "" 2 | yc_cloud_id = "" 3 | yc_folder_id = "" 4 | -------------------------------------------------------------------------------- /opensearch-cluster/readme.md: -------------------------------------------------------------------------------- 1 | ### Install opensearch-cluster by ansible and terraform to Yandex Cloud 2 | -------------------------------------------------------------------------------- /pdc-freeipa/readme.md: -------------------------------------------------------------------------------- 1 | ### Install Active Directory, Freeipa by ansible and terraform to Yandex Cloud 2 | -------------------------------------------------------------------------------- /postgresql-cluster/readme.md: -------------------------------------------------------------------------------- 1 | ### Install postgresql-cluster by ansible and terraform to Yandex Cloud 2 | -------------------------------------------------------------------------------- /prometheus-grafana/readme.md: -------------------------------------------------------------------------------- 1 | ### Install prometheus, grafana by ansible and terraform to Yandex Cloud 2 | -------------------------------------------------------------------------------- /squid/playbook.yml: -------------------------------------------------------------------------------- 1 | - hosts: squid 2 | become: true 3 | roles: 4 | - mrlesmithjr.squid 5 | -------------------------------------------------------------------------------- /terraform-k8s/private.auto.tfvars.example: -------------------------------------------------------------------------------- 1 | yc_token = "" 2 | yc_cloud_id = "" 3 | yc_folder_id = "" 4 | -------------------------------------------------------------------------------- /terraform-yandex-security-group/readme.md: -------------------------------------------------------------------------------- 1 | ### Install harbor by ansible and terraform to Yandex Cloud 2 | -------------------------------------------------------------------------------- /elasticsearch-cluster/readme.md: -------------------------------------------------------------------------------- 1 | ### Install elasticsearch-cluster by ansible and terraform to Yandex Cloud 2 | -------------------------------------------------------------------------------- /pdc-gitlab-s3/readme.md: -------------------------------------------------------------------------------- 1 | ### Install Active Directory, S3, Gitlab by ansible and terraform to Yandex Cloud 2 | -------------------------------------------------------------------------------- /squid-without-module/playbook.yml: -------------------------------------------------------------------------------- 1 | - hosts: squid 2 | become: true 3 | roles: 4 | - mrlesmithjr.squid 5 | -------------------------------------------------------------------------------- /terraform-k8s-app-redis/redis.yaml: -------------------------------------------------------------------------------- 1 | metrics: 2 | enabled: true 3 | serviceMonitor: 4 | enabled: true 5 | -------------------------------------------------------------------------------- /terraform-k8s-loki/private.auto.tfvars.example: -------------------------------------------------------------------------------- 1 | yc_token = "" 2 | yc_cloud_id = "" 3 | yc_folder_id = "" 4 | -------------------------------------------------------------------------------- /terraform-k8s-redis/private.auto.tfvars.example: -------------------------------------------------------------------------------- 1 | yc_token = "" 2 | yc_cloud_id = "" 3 | yc_folder_id = "" 4 | -------------------------------------------------------------------------------- /terraform-k8s-tempo/private.auto.tfvars.example: -------------------------------------------------------------------------------- 1 | yc_token = "" 2 | yc_cloud_id = "" 3 | yc_folder_id = "" 4 | -------------------------------------------------------------------------------- /terraform-s3-bucket/private.auto.tfvars.example: -------------------------------------------------------------------------------- 1 | yc_token = "" 2 | yc_cloud_id = "" 3 | yc_folder_id = "" 4 | -------------------------------------------------------------------------------- /vector/playbook.yml: -------------------------------------------------------------------------------- 1 | - hosts: vector 2 | become: true 3 | roles: 4 | - ansible-role-vector 5 | -------------------------------------------------------------------------------- /clickhouse-zookeeper-cluster/readme.md: -------------------------------------------------------------------------------- 1 | ### Install clickhouse-cluster by ansible and terraform to Yandex Cloud 2 | -------------------------------------------------------------------------------- /letsencrypt/playbook.yml: -------------------------------------------------------------------------------- 1 | - hosts: letsencrypt 2 | become: true 3 | roles: 4 | - role: systemli.letsencrypt 5 | -------------------------------------------------------------------------------- /loki-grafana-java-in-docker/readme.md: -------------------------------------------------------------------------------- 1 | ### Install prometheus, grafana by ansible and terraform to Yandex Cloud 2 | -------------------------------------------------------------------------------- /prometheus-loki-java-in-docker/readme.md: -------------------------------------------------------------------------------- 1 | ### Install prometheus, grafana by ansible and terraform to Yandex Cloud 2 | -------------------------------------------------------------------------------- /rocketchat/playbook.yml: -------------------------------------------------------------------------------- 1 | - hosts: rocketchat 2 | become: true 3 | roles: 4 | - Rocket.Chat.Ansible 5 | -------------------------------------------------------------------------------- /terraform-k8s-app-pv/private.auto.tfvars.example: -------------------------------------------------------------------------------- 1 | yc_token = "" 2 | yc_cloud_id = "" 3 | yc_folder_id = "" 4 | -------------------------------------------------------------------------------- /terraform-k8s-opensearch/private.auto.tfvars.example: -------------------------------------------------------------------------------- 1 | yc_token = "" 2 | yc_cloud_id = "" 3 | yc_folder_id = "" 4 | -------------------------------------------------------------------------------- /terragrunt-k8s-velero-1.22/delete-pods.sh: -------------------------------------------------------------------------------- 1 | for num in {1..5000} 2 | do 3 | kubectl delete pod nginx$num 4 | done 5 | -------------------------------------------------------------------------------- /prometheus-grafana-java-in-docker/readme.md: -------------------------------------------------------------------------------- 1 | ### Install prometheus, grafana by ansible and terraform to Yandex Cloud 2 | -------------------------------------------------------------------------------- /terraform-coi-before-ingress/private.auto.tfvars.example: -------------------------------------------------------------------------------- 1 | yc_token = "" 2 | yc_cloud_id = "" 3 | yc_folder_id = "" 4 | -------------------------------------------------------------------------------- /terraform-k8s-alertmanager/private.auto.tfvars.example: -------------------------------------------------------------------------------- 1 | yc_token = "" 2 | yc_cloud_id = "" 3 | yc_folder_id = "" 4 | -------------------------------------------------------------------------------- /terraform-k8s-coi-two-ingress/private.auto.tfvars.example: -------------------------------------------------------------------------------- 1 | yc_token = "" 2 | yc_cloud_id = "" 3 | yc_folder_id = "" 4 | -------------------------------------------------------------------------------- /terraform-yandex-dns-zone/private.auto.tfvars.example: -------------------------------------------------------------------------------- 1 | yc_token = "" 2 | yc_cloud_id = "" 3 | yc_folder_id = "" 4 | -------------------------------------------------------------------------------- /victoriametrics-cluster-grafana/readme.md: -------------------------------------------------------------------------------- 1 | ### Install victoriametrics-cluster by ansible and terraform to Yandex Cloud 2 | -------------------------------------------------------------------------------- /victoriametrics-single-grafana/readme.md: -------------------------------------------------------------------------------- 1 | ### Install victoriametrics-single by ansible and terraform to Yandex Cloud 2 | -------------------------------------------------------------------------------- /prometheus-loki-loggenerator-in-docker/readme.md: -------------------------------------------------------------------------------- 1 | ### Install prometheus, grafana by ansible and terraform to Yandex Cloud 2 | -------------------------------------------------------------------------------- /storage_bucket/s3/private.auto.tfvars.example: -------------------------------------------------------------------------------- 1 | yc_token = "" 2 | yc_cloud_id = "" 3 | yc_folder_id = "" 4 | -------------------------------------------------------------------------------- /terraform-k8s-2/private.auto.tfvars.example: -------------------------------------------------------------------------------- 1 | yc_token = "" 2 | yc_cloud_id = "" 3 | yc_folder_id = "" 4 | -------------------------------------------------------------------------------- /terraform-k8s-alertmanager-loki/private.auto.tfvars.example: -------------------------------------------------------------------------------- 1 | yc_token = "" 2 | yc_cloud_id = "" 3 | yc_folder_id = "" 4 | -------------------------------------------------------------------------------- /terraform-postgres/private.auto.tfvars.example: -------------------------------------------------------------------------------- 1 | yc_token = "" 2 | yc_cloud_id = "" 3 | yc_folder_id = "" 4 | -------------------------------------------------------------------------------- /terraform-ydb/private.auto.tfvars.example: -------------------------------------------------------------------------------- 1 | yc_token = "" 2 | yc_cloud_id = "" 3 | yc_folder_id = "" 4 | -------------------------------------------------------------------------------- /terragrunt-k8s-velero-1.22/create-pods.sh: -------------------------------------------------------------------------------- 1 | for num in {1..5000} 2 | do 3 | kubectl run nginx$num --image=nginx 4 | done 5 | -------------------------------------------------------------------------------- /jenkins-lean-delivery/cloud-init.yaml: -------------------------------------------------------------------------------- 1 | #cloud-config 2 | runcmd: 3 | - [ apt-get, install, -y, mc ] 4 | - [ touch, /test.txt ] 5 | -------------------------------------------------------------------------------- /prometheus-loki-2-7-loggenerator-in-docker/readme.md: -------------------------------------------------------------------------------- 1 | ### Install prometheus, grafana by ansible and terraform to Yandex Cloud 2 | -------------------------------------------------------------------------------- /terraform-helm-release-ingress-nginx/private.auto.tfvars.example: -------------------------------------------------------------------------------- 1 | yc_token = "" 2 | yc_cloud_id = "" 3 | yc_folder_id = "" 4 | -------------------------------------------------------------------------------- /terraform-k8s-app-redis/private.auto.tfvars.example: -------------------------------------------------------------------------------- 1 | yc_token = "" 2 | yc_cloud_id = "" 3 | yc_folder_id = "" 4 | -------------------------------------------------------------------------------- /terraform-k8s-istio-prometheus-stack/private.auto.tfvars.example: -------------------------------------------------------------------------------- 1 | yc_token = "" 2 | yc_cloud_id = "" 3 | yc_folder_id = "" 4 | -------------------------------------------------------------------------------- /jenkins-geerlingguy-jenkins/cloud-init.yaml: -------------------------------------------------------------------------------- 1 | #cloud-config 2 | runcmd: 3 | - [ apt-get, install, -y, mc ] 4 | - [ touch, /test.txt ] 5 | -------------------------------------------------------------------------------- /postgresql-cluster/playbook.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: all 3 | become: true 4 | 5 | roles: 6 | - role: vitabaks.postgresql_cluster 7 | -------------------------------------------------------------------------------- /prometheus-grafana/files/jmx_prometheus_javaagent_config.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | hostPort: localhost:65322 3 | 4 | rules: 5 | - pattern: ".*" 6 | -------------------------------------------------------------------------------- /terraform-helm-release-ingress-static-ip/private.auto.tfvars.example: -------------------------------------------------------------------------------- 1 | yc_token = "" 2 | yc_cloud_id = "" 3 | yc_folder_id = "" 4 | -------------------------------------------------------------------------------- /terraform-k8s-stress/values-stress.yaml: -------------------------------------------------------------------------------- 1 | stressCmd: 'stress --cpu 8 --io 4 --vm 2 --vm-bytes 128M --timeout 10m' 2 | 3 | resources: {} 4 | -------------------------------------------------------------------------------- /terraform-postgres-cluster/private.auto.tfvars.example: -------------------------------------------------------------------------------- 1 | yc_token = "" 2 | yc_cloud_id = "" 3 | yc_folder_id = "" 4 | -------------------------------------------------------------------------------- /terraform-s3-bucket/credentials.tpl: -------------------------------------------------------------------------------- 1 | [default] 2 | aws_access_key_id=${access_key} 3 | aws_secret_access_key=${secret_key} 4 | 5 | -------------------------------------------------------------------------------- /terraform-yc-folder-bucket/private.auto.tfvars.example: -------------------------------------------------------------------------------- 1 | yc_token = "" 2 | yc_cloud_id = "" 3 | yc_folder_id = "" 4 | -------------------------------------------------------------------------------- /terragrunt-k8s-velero-1.22/delete-services.sh: -------------------------------------------------------------------------------- 1 | for num in {1..5000} 2 | do 3 | echo $num 4 | kubectl delete svc nginx$num 5 | done 6 | -------------------------------------------------------------------------------- /storage_bucket/service_account/private.auto.tfvars.example: -------------------------------------------------------------------------------- 1 | yc_token = "" 2 | yc_cloud_id = "" 3 | yc_folder_id = "" 4 | -------------------------------------------------------------------------------- /terraform-dataproc-yandex/private.auto.tfvars.example: -------------------------------------------------------------------------------- 1 | yc_token = "" 2 | yc_cloud_id = "" 3 | yc_folder_id = "" 4 | -------------------------------------------------------------------------------- /terraform-k8s-harbor/private.auto.tfvars.example: -------------------------------------------------------------------------------- 1 | yc_token = "" 2 | yc_cloud_id = "" 3 | yc_folder_id = "" 4 | email_letsencrypt = "" 5 | -------------------------------------------------------------------------------- /terraform-k8s-nexus/private.auto.tfvars.example: -------------------------------------------------------------------------------- 1 | yc_token = "" 2 | yc_cloud_id = "" 3 | yc_folder_id = "" 4 | email_letsencrypt = "" 5 | -------------------------------------------------------------------------------- /terraform-regru-certificate/output.tf: -------------------------------------------------------------------------------- 1 | output "account_key_pem" { 2 | value = nonsensitive(acme_certificate.certificate.account_key_pem) 3 | } -------------------------------------------------------------------------------- /vpc/provider.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | yandex = { 4 | source = "yandex-cloud/yandex" 5 | } 6 | } 7 | } 8 | -------------------------------------------------------------------------------- /loki-grafana-java-in-docker/files/jmx_prometheus_javaagent_config.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | hostPort: localhost:65322 3 | 4 | rules: 5 | - pattern: ".*" 6 | -------------------------------------------------------------------------------- /storage_bucket_test_s3sync/s3_source/private.auto.tfvars.example: -------------------------------------------------------------------------------- 1 | yc_token = "" 2 | yc_cloud_id = "" 3 | yc_folder_id = "" 4 | -------------------------------------------------------------------------------- /terraform-redis/private.auto.tfvars.example: -------------------------------------------------------------------------------- 1 | yc_token = "" 2 | yc_cloud_id = "" 3 | yc_folder_id = "" 4 | password = "" -------------------------------------------------------------------------------- /terraform-regru-certificate/private.auto.tfvars-example: -------------------------------------------------------------------------------- 1 | email_address = "" 2 | common_name = "" 3 | REGRU_USERNAME = "" 4 | REGRU_PASSWORD = "" 5 | -------------------------------------------------------------------------------- /terragrunt-k8s-opentelemetry-demo/env.hcl-template: -------------------------------------------------------------------------------- 1 | locals { 2 | cloud_id = "xxxx" 3 | network_id = "xxxx" 4 | folder_id = "xxxx" 5 | } 6 | -------------------------------------------------------------------------------- /prometheus-grafana-java-in-docker/files/jmx_prometheus_javaagent_config.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | hostPort: localhost:65322 3 | 4 | rules: 5 | - pattern: ".*" 6 | -------------------------------------------------------------------------------- /prometheus-loki-java-in-docker/files/jmx_prometheus_javaagent_config.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | hostPort: localhost:65322 3 | 4 | rules: 5 | - pattern: ".*" 6 | -------------------------------------------------------------------------------- /seaweedfs/playbook.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: seaweedfs 3 | become: true 4 | roles: 5 | - role: ansible-role-seaweedfs 6 | weed_version: 2.74 7 | -------------------------------------------------------------------------------- /storage_bucket_test_s3sync/s3_destination/private.auto.tfvars.example: -------------------------------------------------------------------------------- 1 | yc_token = "" 2 | yc_cloud_id = "" 3 | yc_folder_id = "" 4 | -------------------------------------------------------------------------------- /terragrunt-k8s-velero-1.22/create-services.sh: -------------------------------------------------------------------------------- 1 | for num in {1..5000} 2 | do 3 | kubectl expose pod nginx$num --port 80 --target-port 8080 4 | done 5 | -------------------------------------------------------------------------------- /docker-compose-traefik/templates/config.env.j2: -------------------------------------------------------------------------------- 1 | DOMAINS="{{docker_external_url}}" 2 | CERTBOT_EMAILS="" 3 | CERTBOT_TEST_CERT=0 4 | CERTBOT_RSA_KEY_SIZE=4096 -------------------------------------------------------------------------------- /prometheus/playbook.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Install prometheus 3 | hosts: prometheus 4 | become: true 5 | 6 | roles: 7 | - cloudalchemy.prometheus 8 | -------------------------------------------------------------------------------- /storage_bucket_test_s3sync/service_account_source/private.auto.tfvars.example: -------------------------------------------------------------------------------- 1 | yc_token = "" 2 | yc_cloud_id = "" 3 | yc_folder_id = "" 4 | -------------------------------------------------------------------------------- /terraform-k8s-stress/private.auto.tfvars.example: -------------------------------------------------------------------------------- 1 | yc_token = "" 2 | yc_cloud_id = "" 3 | yc_folder_id = "" 4 | bot_token = "" 5 | chat_id = "" 6 | -------------------------------------------------------------------------------- /terraform-s3-bucket/credentials.example: -------------------------------------------------------------------------------- 1 | [default] 2 | aws_access_key_id=<идентификатор ключа> 3 | aws_secret_access_key=<значение секретного ключа> 4 | -------------------------------------------------------------------------------- /docker-compose-letsencrypt/templates/config.env.j2: -------------------------------------------------------------------------------- 1 | DOMAINS="{{docker_external_url}}" 2 | CERTBOT_EMAILS="" 3 | CERTBOT_TEST_CERT=0 4 | CERTBOT_RSA_KEY_SIZE=4096 -------------------------------------------------------------------------------- /docker-compose-traefik/templates/vhosts_jenkins.conf.j2: -------------------------------------------------------------------------------- 1 | location / { 2 | root /var/www/html/{{docker_external_url}}; 3 | index index.html index.htm; 4 | } -------------------------------------------------------------------------------- /k8s-drone-ci/postgresql-values.yaml: -------------------------------------------------------------------------------- 1 | global: 2 | postgresql: 3 | auth: 4 | username: "drone" 5 | password: "drone" 6 | database: "drone" 7 | -------------------------------------------------------------------------------- /storage_bucket_test_s3sync/service_account_destination/private.auto.tfvars.example: -------------------------------------------------------------------------------- 1 | yc_token = "" 2 | yc_cloud_id = "" 3 | yc_folder_id = "" 4 | -------------------------------------------------------------------------------- /terraform-clickhouse/private.auto.tfvars.example: -------------------------------------------------------------------------------- 1 | yc_token = "" 2 | yc_cloud_id = "" 3 | yc_folder_id = "" 4 | clickhouse_password = "" -------------------------------------------------------------------------------- /terraform-k8s-two-ingress/private.auto.tfvars.example: -------------------------------------------------------------------------------- 1 | yc_token = "" 2 | yc_cloud_id = "" 3 | yc_folder_id = "" 4 | bot_token = "" 5 | chat_id = "" 6 | -------------------------------------------------------------------------------- /terraform-mongodb/private.auto.tfvars.example: -------------------------------------------------------------------------------- 1 | yc_token = "" 2 | yc_cloud_id = "" 3 | yc_folder_id = "" 4 | password_mongo = "" 5 | -------------------------------------------------------------------------------- /terraform-ydb-database-serverless-terraform-lock/private.auto.tfvars.example: -------------------------------------------------------------------------------- 1 | yc_token = "" 2 | yc_cloud_id = "" 3 | yc_folder_id = "" 4 | -------------------------------------------------------------------------------- /docker-compose-letsencrypt/templates/vhosts_jenkins.conf.j2: -------------------------------------------------------------------------------- 1 | location / { 2 | root /var/www/html/{{docker_external_url}}; 3 | index index.html index.htm; 4 | } -------------------------------------------------------------------------------- /terraform-k8s-loki/README.md: -------------------------------------------------------------------------------- 1 | ## View logs loki 2 | ``` 3 | stern -n loki . 4 | ``` 5 | 6 | ## View logs promtail 7 | ``` 8 | stern -n promtail . 9 | ``` 10 | -------------------------------------------------------------------------------- /terraform-k8s-redis/README.md: -------------------------------------------------------------------------------- 1 | ## View logs loki 2 | ``` 3 | stern -n loki . 4 | ``` 5 | 6 | ## View logs promtail 7 | ``` 8 | stern -n promtail . 9 | ``` 10 | -------------------------------------------------------------------------------- /terraform-k8s-tempo/README.md: -------------------------------------------------------------------------------- 1 | ## View logs loki 2 | ``` 3 | stern -n loki . 4 | ``` 5 | 6 | ## View logs promtail 7 | ``` 8 | stern -n promtail . 9 | ``` 10 | -------------------------------------------------------------------------------- /terraform-postgres-create-backup/private.auto.tfvars.example: -------------------------------------------------------------------------------- 1 | yc_token = "" 2 | yc_cloud_id = "" 3 | yc_folder_id = "" 4 | psql_password = "" 5 | -------------------------------------------------------------------------------- /consul-cluster/readme.md: -------------------------------------------------------------------------------- 1 | ### Install consul-cluster by ansible and terraform to Yandex Cloud 2 | 3 | ``` 4 | sudo apt install --no-install-recommends python3-netaddr 5 | ``` -------------------------------------------------------------------------------- /jenkins-lean-delivery/templates/jenkins-jobs-config.j2: -------------------------------------------------------------------------------- 1 | [jenkins] 2 | user=admin 3 | password={{ api_token }} 4 | url=http://127.0.0.1:8080 5 | query_plugins_info=False 6 | -------------------------------------------------------------------------------- /jenkins-without-roles/templates/jenkins-jobs-config.j2: -------------------------------------------------------------------------------- 1 | [jenkins] 2 | user=admin 3 | password={{ api_token }} 4 | url=http://127.0.0.1:8080 5 | query_plugins_info=False 6 | -------------------------------------------------------------------------------- /terraform-k8s-opensearch/README.md: -------------------------------------------------------------------------------- 1 | ## View logs loki 2 | ``` 3 | stern -n loki . 4 | ``` 5 | 6 | ## View logs promtail 7 | ``` 8 | stern -n promtail . 9 | ``` 10 | -------------------------------------------------------------------------------- /terraform-postgres-restore-backup/private.auto.tfvars.example: -------------------------------------------------------------------------------- 1 | yc_token = "" 2 | yc_cloud_id = "" 3 | yc_folder_id = "" 4 | psql_password = "" 5 | -------------------------------------------------------------------------------- /terraform-yandex-dns-zone/dns.tf: -------------------------------------------------------------------------------- 1 | resource "yandex_dns_zone" "apatsev_org_ru" { 2 | name = "apatsev-org-ru" 3 | zone = "apatsev.org.ru." 4 | public = true 5 | } 6 | -------------------------------------------------------------------------------- /jenkins-geerlingguy-jenkins/templates/jenkins-jobs-config.j2: -------------------------------------------------------------------------------- 1 | [jenkins] 2 | user=admin 3 | password={{ api_token }} 4 | url=http://127.0.0.1:8080 5 | query_plugins_info=False 6 | -------------------------------------------------------------------------------- /terraform-k8s-alertmanager/README.md: -------------------------------------------------------------------------------- 1 | ## View logs loki 2 | ``` 3 | stern -n loki . 4 | ``` 5 | 6 | ## View logs promtail 7 | ``` 8 | stern -n promtail . 9 | ``` 10 | -------------------------------------------------------------------------------- /terraform-k8s-app-redis/test/charts/redis-17.3.7.tgz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/patsevanton/yandex-iac-ansible-example/HEAD/terraform-k8s-app-redis/test/charts/redis-17.3.7.tgz -------------------------------------------------------------------------------- /terraform-k8s-opensearch/helm_app_remove.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -eu pipefail 4 | 5 | echo "" 6 | echo "helm uninstall opensearch" 7 | helm uninstall opensearch || true 8 | -------------------------------------------------------------------------------- /terraform-ydb/cloud-init.yaml: -------------------------------------------------------------------------------- 1 | #cloud-config 2 | runcmd: 3 | - apt-get update 4 | - sudo apt install python3-pip git -y 5 | - sudo pip3 install iso8601 ydb yandexcloud 6 | -------------------------------------------------------------------------------- /terraform-k8s-alertmanager-loki/README.md: -------------------------------------------------------------------------------- 1 | ## View logs loki 2 | ``` 3 | stern -n loki . 4 | ``` 5 | 6 | ## View logs promtail 7 | ``` 8 | stern -n promtail . 9 | ``` 10 | -------------------------------------------------------------------------------- /terragrunt-k8s-opentelemetry-demo/helm_app_remove.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | echo "" 4 | 5 | helmfile destroy -f helmfile-promtail.yaml 6 | 7 | rm -f "/home/$USER/.kube/config" 8 | -------------------------------------------------------------------------------- /storage_bucket/s3/sa-storage-admin.tf: -------------------------------------------------------------------------------- 1 | 2 | data "yandex_iam_service_account" "sa-storage-admin" { 3 | folder_id = var.yc_folder_id 4 | name = "sa-storage-admin" 5 | } 6 | 7 | -------------------------------------------------------------------------------- /terraform-k8s-istio-prometheus-stack/README.md: -------------------------------------------------------------------------------- 1 | ## View logs loki 2 | ``` 3 | stern -n loki . 4 | ``` 5 | 6 | ## View logs promtail 7 | ``` 8 | stern -n promtail . 9 | ``` 10 | -------------------------------------------------------------------------------- /terraform-k8s-loki/value-vector.yaml: -------------------------------------------------------------------------------- 1 | service: 2 | enabled: false 3 | 4 | customConfig: 5 | sinks: 6 | sink_to_loki: 7 | endpoint: "http://loki-loki-distributed-gateway.loki" 8 | -------------------------------------------------------------------------------- /terraform-ydb-database-serverless-terraform-lock/credentials.tftpl: -------------------------------------------------------------------------------- 1 | [default] 2 | aws_access_key_id = "${access_key}" 3 | aws_secret_access_key = "${secret_key}" 4 | region = "ru-central1" 5 | -------------------------------------------------------------------------------- /jenkins-in-k8s/helm_app_remove.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -eu pipefail 4 | 5 | # uninstall Jenkins 6 | echo "" 7 | echo "werf helm uninstall jenkins" 8 | werf helm uninstall jenkins || true 9 | -------------------------------------------------------------------------------- /terraform-k8s-terragrunt-velero-s3/env.hcl.example: -------------------------------------------------------------------------------- 1 | locals { 2 | cloud_id = "b1gvct0b630bbm7i7v90" 3 | network_id = "enprkje8ae9b74e0himb" 4 | folder_id = "b1g972v94kscfi3qmfmh" 5 | } 6 | -------------------------------------------------------------------------------- /terraform-mongodb/readme.md: -------------------------------------------------------------------------------- 1 | 2 | https://computingforgeeks.com/how-to-install-latest-mongodb-on-ubuntu/ 3 | 4 | https://cloud.yandex.com/en-ru/docs/managed-mongodb/concepts/users-and-roles 5 | 6 | -------------------------------------------------------------------------------- /vault_docker/files/autounseal.hcl: -------------------------------------------------------------------------------- 1 | path "transit/encrypt/autounseal" { 2 | capabilities = ["update"] 3 | } 4 | 5 | path "transit/decrypt/autounseal" { 6 | capabilities = ["update"] 7 | } 8 | -------------------------------------------------------------------------------- /storage_bucket_test_s3sync/s3_source/sa-storage-admin.tf: -------------------------------------------------------------------------------- 1 | 2 | data "yandex_iam_service_account" "sa-storage-admin" { 3 | folder_id = var.yc_folder_id 4 | name = "sa-storage-admin" 5 | } 6 | 7 | -------------------------------------------------------------------------------- /storage_bucket_test_s3sync/s3_destination/sa-storage-admin.tf: -------------------------------------------------------------------------------- 1 | 2 | data "yandex_iam_service_account" "sa-storage-admin" { 3 | folder_id = var.yc_folder_id 4 | name = "sa-storage-admin" 5 | } 6 | 7 | -------------------------------------------------------------------------------- /terraform-k8s-sentry/private.auto.tfvars.example: -------------------------------------------------------------------------------- 1 | yc_token = "" 2 | yc_cloud_id = "" 3 | yc_folder_id = "" 4 | email_letsencrypt = "" 5 | sentry_redis_password = "" 6 | sentry_postgres_password = "" 7 | -------------------------------------------------------------------------------- /terraform-regru-certificate/versions.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | acme = { 4 | source = "vancluever/acme" 5 | version = "~> 2.0" 6 | } 7 | } 8 | } 9 | 10 | -------------------------------------------------------------------------------- /etcd-cluster/playbook.yml: -------------------------------------------------------------------------------- 1 | - hosts: etcd 2 | become: true 3 | roles: 4 | - role: andrewrothstein.etcd-cluster 5 | # if you don't want to secure your install then use 6 | etcd_secure: False 7 | -------------------------------------------------------------------------------- /jenkins-lean-delivery/files/defaults.yaml: -------------------------------------------------------------------------------- 1 | - defaults: 2 | name: global 3 | logrotate: 4 | daysToKeep: 30 5 | numToKeep: 5 6 | artifactDaysToKeep: -1 7 | artifactNumToKeep: -1 8 | -------------------------------------------------------------------------------- /jenkins-without-roles/files/defaults.yaml: -------------------------------------------------------------------------------- 1 | - defaults: 2 | name: global 3 | logrotate: 4 | daysToKeep: 120 5 | numToKeep: 10 6 | artifactDaysToKeep: -1 7 | artifactNumToKeep: -1 8 | -------------------------------------------------------------------------------- /jenkins-without-roles/files/override.conf: -------------------------------------------------------------------------------- 1 | [Service] 2 | Environment="JAVA_OPTS=-Djava.awt.headless=true -Djenkins.install.runSetupWizard=false" 3 | Environment="CASC_JENKINS_CONFIG=/var/lib/jenkins/jcasc/" 4 | -------------------------------------------------------------------------------- /jenkins-geerlingguy-jenkins/files/defaults.yaml: -------------------------------------------------------------------------------- 1 | - defaults: 2 | name: global 3 | logrotate: 4 | daysToKeep: 120 5 | numToKeep: 10 6 | artifactDaysToKeep: -1 7 | artifactNumToKeep: -1 8 | -------------------------------------------------------------------------------- /terraform-k8s-loki/values-kube-prometheus-stack.yaml: -------------------------------------------------------------------------------- 1 | grafana: 2 | enabled: true 3 | ingress: 4 | enabled: true 5 | ingressClassName: nginx 6 | hosts: 7 | - loki.apatsev.org.ru 8 | path: / 9 | -------------------------------------------------------------------------------- /terraform-k8s-nexus/helm_app_remove.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -eu pipefail 4 | 5 | echo "" 6 | echo "helm uninstall nexus" 7 | helm uninstall -n nexus nexus || true 8 | kubectl delete namespace nexus || true 9 | -------------------------------------------------------------------------------- /zabbix-community/requirements.yml: -------------------------------------------------------------------------------- 1 | --- 2 | collections: 3 | - name: community.zabbix 4 | version: 1.6.0 5 | - name: ansible.posix 6 | version: 1.3.0 7 | - name: community.general 8 | version: 3.7.0 9 | -------------------------------------------------------------------------------- /opensearch-cluster/private.auto.tfvars.example: -------------------------------------------------------------------------------- 1 | yc_token = "" 2 | yc_cloud_id = "" 3 | yc_folder_id = "" 4 | yc_zone = "ru-central1-b" 5 | family_images_linux = "ubuntu-2004-lts" 6 | -------------------------------------------------------------------------------- /jenkins-lean-delivery/files/job-template.yaml: -------------------------------------------------------------------------------- 1 | - job-template: 2 | name: '{name}_job' 3 | description: 'Automatically generated test' 4 | project-type: freestyle 5 | builders: 6 | - shell: '{command}' 7 | -------------------------------------------------------------------------------- /terraform-k8s-redis/values-kube-prometheus-stack.yaml: -------------------------------------------------------------------------------- 1 | grafana: 2 | enabled: true 3 | ingress: 4 | enabled: true 5 | ingressClassName: nginx 6 | hosts: 7 | - promgrafana.apatsev.org.ru 8 | path: / 9 | -------------------------------------------------------------------------------- /terragrunt-k8s/readme.md: -------------------------------------------------------------------------------- 1 | Create secret 2 | ``` 3 | kubectl create secret generic grafana-password --from-file=grafana-password.txt -n monitoring 4 | ``` 5 | 6 | In Import via grafana.com, put the dashboard id 7587 and click on Load. 7 | -------------------------------------------------------------------------------- /squid/private.auto.tfvars.example: -------------------------------------------------------------------------------- 1 | yc_token = "" 2 | yc_cloud_id = "" 3 | yc_folder_id = "" 4 | yc_zone = "ru-central1-b" 5 | family_images_linux = "ubuntu-2004-lts" 6 | ssh_user = "ubuntu" 7 | -------------------------------------------------------------------------------- /prometheus-loki-loggenerator-in-docker/files/config/alertmanager.yml: -------------------------------------------------------------------------------- 1 | route: 2 | receiver: 'default-receiver' 3 | group_wait: 30s 4 | group_interval: 30m 5 | group_by: [ alertname ] 6 | 7 | receivers: 8 | - name: 'default-receiver' 9 | -------------------------------------------------------------------------------- /prometheus-loki-2-7-loggenerator-in-docker/files/config/alertmanager.yml: -------------------------------------------------------------------------------- 1 | route: 2 | receiver: 'default-receiver' 3 | group_wait: 30s 4 | group_interval: 30m 5 | group_by: [ alertname ] 6 | 7 | receivers: 8 | - name: 'default-receiver' 9 | -------------------------------------------------------------------------------- /seaweedfs/host_ini.tpl: -------------------------------------------------------------------------------- 1 | [seaweedfs] 2 | "${hostname}" ansible_host="${public_ip}" 3 | 4 | [seaweedfs:vars] 5 | seaweedfs_external_url="https://${hostname}.${public_ip}.${domain}" 6 | ansible_user=ubuntu 7 | ansible_ssh_private_key_file=~/.ssh/id_rsa 8 | -------------------------------------------------------------------------------- /terraform-k8s-two-ingress/helm_app_remove.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | echo "" 4 | echo "helm uninstall" 5 | kubectl delete -f certificate.yaml 6 | helmfile destroy 7 | kubectl delete namespace grafana || true 8 | kubectl delete namespace consul || true 9 | -------------------------------------------------------------------------------- /terragrunt-k8s-opentelemetry-demo/readme.md: -------------------------------------------------------------------------------- 1 | Create secret 2 | ``` 3 | kubectl create secret generic grafana-password --from-file=grafana-password.txt -n monitoring 4 | ``` 5 | 6 | In Import via grafana.com, put the dashboard id 7587 and click on Load. 7 | -------------------------------------------------------------------------------- /docker/inventory_yml.tpl: -------------------------------------------------------------------------------- 1 | all: 2 | children: 3 | docker: 4 | hosts: 5 | "${hostname}": 6 | ansible_host: "${public_ip}" 7 | vars: 8 | ansible_user: ${ssh_user} 9 | ansible_ssh_private_key_file: ~/.ssh/id_rsa 10 | -------------------------------------------------------------------------------- /freeipa-docker-compose-smallstep/private.auto.tfvars.example: -------------------------------------------------------------------------------- 1 | yc_token = "" 2 | yc_cloud_id = "" 3 | yc_folder_id = "" 4 | freeipa_password = "" 5 | freeipa_fqdn = freeipa.apatsev.org.ru 6 | freeipa_domain = "apatsev.org.ru" -------------------------------------------------------------------------------- /sentry/inventory_yml.tpl: -------------------------------------------------------------------------------- 1 | all: 2 | children: 3 | sentry: 4 | hosts: 5 | "${hostname}": 6 | ansible_host: "${public_ip}" 7 | vars: 8 | ansible_user: ${ssh_user} 9 | ansible_ssh_private_key_file: ~/.ssh/id_rsa 10 | -------------------------------------------------------------------------------- /squid/inventory_yml.tpl: -------------------------------------------------------------------------------- 1 | all: 2 | children: 3 | squid: 4 | hosts: 5 | "${hostname}": 6 | ansible_host: "${public_ip}" 7 | vars: 8 | ansible_user: ${ssh_user} 9 | ansible_ssh_private_key_file: ~/.ssh/id_rsa 10 | -------------------------------------------------------------------------------- /vector/inventory_yml.tpl: -------------------------------------------------------------------------------- 1 | all: 2 | children: 3 | vector: 4 | hosts: 5 | "${hostname}": 6 | ansible_host: "${public_ip}" 7 | vars: 8 | ansible_user: ${ssh_user} 9 | ansible_ssh_private_key_file: ~/.ssh/id_rsa 10 | -------------------------------------------------------------------------------- /freeipa-docker-compose-external-ca/private.auto.tfvars.example: -------------------------------------------------------------------------------- 1 | yc_token = "" 2 | yc_cloud_id = "" 3 | yc_folder_id = "" 4 | freeipa_password = "" 5 | freeipa_fqdn = freeipa.apatsev.org.ru 6 | freeipa_domain = "apatsev.org.ru" -------------------------------------------------------------------------------- /rocketchat/inventory_yml.tpl: -------------------------------------------------------------------------------- 1 | all: 2 | children: 3 | rocketchat: 4 | hosts: 5 | "${hostname}": 6 | ansible_host: "${public_ip}" 7 | vars: 8 | ansible_user: ${ssh_user} 9 | ansible_ssh_private_key_file: ~/.ssh/id_rsa 10 | -------------------------------------------------------------------------------- /squid-without-module/inventory_yml.tpl: -------------------------------------------------------------------------------- 1 | all: 2 | children: 3 | squid: 4 | hosts: 5 | "${hostname}": 6 | ansible_host: "${public_ip}" 7 | vars: 8 | ansible_user: ${ssh_user} 9 | ansible_ssh_private_key_file: ~/.ssh/id_rsa 10 | -------------------------------------------------------------------------------- /terraform-k8s-app-pv/helm_app_pv_remove.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -eu pipefail 4 | 5 | # uninstall postgresql 6 | echo "" 7 | echo "helm uninstall postgresql" 8 | helm uninstall -n postgresql postgresql || true 9 | kubectl delete namespace postgresql || true 10 | -------------------------------------------------------------------------------- /freeipa-docker-compose/private.auto.tfvars.example: -------------------------------------------------------------------------------- 1 | yc_token = "" 2 | yc_cloud_id = "" 3 | yc_folder_id = "" 4 | freeipa_password = "" 5 | freeipa_fqdn = freeipa.apatsev.org.ru 6 | freeipa_domain = "apatsev.org.ru" 7 | nat_ip_address = "" -------------------------------------------------------------------------------- /jenkins-lean-delivery/files/projects.yaml: -------------------------------------------------------------------------------- 1 | - project: 2 | name: project-example 3 | jobs: 4 | - '{name}_job': 5 | name: getspace 6 | command: df -h 7 | - '{name}_job': 8 | name: listEtc 9 | command: ls /etc 10 | -------------------------------------------------------------------------------- /jenkins-without-roles/files/projects.yaml: -------------------------------------------------------------------------------- 1 | - project: 2 | name: project-example 3 | jobs: 4 | - '{name}_job': 5 | name: getspace 6 | command: df -h 7 | - '{name}_job': 8 | name: listEtc 9 | command: ls /etc 10 | -------------------------------------------------------------------------------- /terragrunt-k8s/helmfile-loggenerator.yaml: -------------------------------------------------------------------------------- 1 | helmDefaults: 2 | wait: true 3 | 4 | releases: 5 | - name: loggenerator 6 | namespace: loki 7 | createNamespace: true 8 | chart: ./loggenerator 9 | set: 10 | - name: replicaCount 11 | value: 1 12 | -------------------------------------------------------------------------------- /wireguard/templates/clients.conf.j2: -------------------------------------------------------------------------------- 1 | [Interface] 2 | PrivateKey = {{ client_privatekey.stdout }} 3 | Address = 10.27.123.10/32 4 | 5 | [Peer] 6 | PublicKey = {{ wireguard__fact_public_key }} 7 | AllowedIPs = 0.0.0.0/0, ::/0 8 | Endpoint = {{ ansible_host }}:{{ wireguard_port }} 9 | -------------------------------------------------------------------------------- /jenkins-geerlingguy-jenkins/files/projects.yaml: -------------------------------------------------------------------------------- 1 | - project: 2 | name: project-example 3 | jobs: 4 | - '{name}_job': 5 | name: getspace 6 | command: df -h 7 | - '{name}_job': 8 | name: listEtc 9 | command: ls /etc 10 | -------------------------------------------------------------------------------- /openxpki-docker-compose/private.auto.tfvars.example: -------------------------------------------------------------------------------- 1 | yc_token = "" 2 | yc_cloud_id = "" 3 | yc_folder_id = "" 4 | openxpki_password = "" 5 | openxpki_fqdn = openxpki.apatsev.org.ru 6 | openxpki_domain = "apatsev.org.ru" 7 | nat_ip_address = "" -------------------------------------------------------------------------------- /prometheus-loki-loggenerator-in-docker/loki_230_start.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: lokiindocker 3 | become: true 4 | tasks: 5 | 6 | - name: run docker-compose-230.yml 7 | shell: docker-compose -f docker-compose-230.yml up -d 8 | args: 9 | chdir: /etc/docker-compose -------------------------------------------------------------------------------- /prometheus-loki-loggenerator-in-docker/loki_261_start.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: lokiindocker 3 | become: true 4 | tasks: 5 | 6 | - name: run docker-compose-261.yml 7 | shell: docker-compose -f docker-compose-261.yml up -d 8 | args: 9 | chdir: /etc/docker-compose -------------------------------------------------------------------------------- /prometheus-loki-loggenerator-in-docker/private.auto.tfvars.example: -------------------------------------------------------------------------------- 1 | yc_token = "" 2 | yc_cloud_id = "" 3 | yc_folder_id = "" 4 | yc_zone = "ru-central1-b" 5 | family_images_linux = "ubuntu-2004-lts" 6 | ssh_user = "ubuntu" 7 | -------------------------------------------------------------------------------- /prometheus-loki-2-7-loggenerator-in-docker/loki_start.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: lokiindocker 3 | become: true 4 | tasks: 5 | 6 | - name: run docker-compose.yml 7 | shell: docker-compose -f docker-compose.yml up -d 8 | args: 9 | chdir: /etc/docker-compose 10 | -------------------------------------------------------------------------------- /prometheus-loki-2-7-loggenerator-in-docker/private.auto.tfvars.example: -------------------------------------------------------------------------------- 1 | yc_token = "" 2 | yc_cloud_id = "" 3 | yc_folder_id = "" 4 | yc_zone = "ru-central1-b" 5 | family_images_linux = "ubuntu-2004-lts" 6 | ssh_user = "ubuntu" 7 | -------------------------------------------------------------------------------- /terragrunt-k8s-velero-1.21/change_context.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | mkdir -p "/home/$USER/.kube" 4 | cd master 5 | export cluster_id=$(terragrunt output --raw cluster_id) 6 | echo "$cluster_id" 7 | cd .. 8 | yc managed-kubernetes cluster get-credentials --id "$cluster_id" --external --force 9 | -------------------------------------------------------------------------------- /terragrunt-k8s-velero-1.22/change_context.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | mkdir -p "/home/$USER/.kube" 4 | cd master 5 | export cluster_id=$(terragrunt output --raw cluster_id) 6 | echo "$cluster_id" 7 | cd .. 8 | yc managed-kubernetes cluster get-credentials --id "$cluster_id" --external --force 9 | -------------------------------------------------------------------------------- /docker/ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | callback_enabled = profile_tasks 3 | stdout_callback = yaml 4 | gathering = smart 5 | 6 | [ssh_connection] 7 | pipelining = True 8 | ssh_args = -o ControlMaster=auto -o ControlPersist=15m -o PreferredAuthentications=publickey 9 | transfer_method = piped 10 | -------------------------------------------------------------------------------- /gitlab/ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | callback_enabled = profile_tasks 3 | stdout_callback = yaml 4 | gathering = smart 5 | 6 | [ssh_connection] 7 | pipelining = True 8 | ssh_args = -o ControlMaster=auto -o ControlPersist=15m -o PreferredAuthentications=publickey 9 | transfer_method = piped 10 | -------------------------------------------------------------------------------- /harbor/ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | callback_enabled = profile_tasks 3 | stdout_callback = yaml 4 | gathering = smart 5 | 6 | [ssh_connection] 7 | pipelining = True 8 | ssh_args = -o ControlMaster=auto -o ControlPersist=15m -o PreferredAuthentications=publickey 9 | transfer_method = piped 10 | -------------------------------------------------------------------------------- /jaeger/ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | callback_enabled = profile_tasks 3 | stdout_callback = yaml 4 | gathering = smart 5 | 6 | [ssh_connection] 7 | pipelining = True 8 | ssh_args = -o ControlMaster=auto -o ControlPersist=15m -o PreferredAuthentications=publickey 9 | transfer_method = piped 10 | -------------------------------------------------------------------------------- /jenkins/ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | callback_enabled = profile_tasks 3 | stdout_callback = yaml 4 | gathering = smart 5 | 6 | [ssh_connection] 7 | pipelining = True 8 | ssh_args = -o ControlMaster=auto -o ControlPersist=15m -o PreferredAuthentications=publickey 9 | transfer_method = piped 10 | -------------------------------------------------------------------------------- /nexus/ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | callback_enabled = profile_tasks 3 | stdout_callback = yaml 4 | gathering = smart 5 | 6 | [ssh_connection] 7 | pipelining = True 8 | ssh_args = -o ControlMaster=auto -o ControlPersist=15m -o PreferredAuthentications=publickey 9 | transfer_method = piped 10 | -------------------------------------------------------------------------------- /pdc/ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | callback_enabled = profile_tasks 3 | stdout_callback = yaml 4 | gathering = smart 5 | 6 | [ssh_connection] 7 | pipelining = True 8 | ssh_args = -o ControlMaster=auto -o ControlPersist=15m -o PreferredAuthentications=publickey 9 | transfer_method = piped 10 | -------------------------------------------------------------------------------- /sentry/ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | callback_enabled = profile_tasks 3 | stdout_callback = yaml 4 | gathering = smart 5 | 6 | [ssh_connection] 7 | pipelining = True 8 | ssh_args = -o ControlMaster=auto -o ControlPersist=15m -o PreferredAuthentications=publickey 9 | transfer_method = piped 10 | -------------------------------------------------------------------------------- /squid/ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | callback_enabled = profile_tasks 3 | stdout_callback = yaml 4 | gathering = smart 5 | 6 | [ssh_connection] 7 | pipelining = True 8 | ssh_args = -o ControlMaster=auto -o ControlPersist=15m -o PreferredAuthentications=publickey 9 | transfer_method = piped 10 | -------------------------------------------------------------------------------- /terraform-k8s-loki/helm_postgresql_remove.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -eu pipefail 4 | 5 | # uninstall Kube-Prometheus-Stack 6 | echo "" 7 | echo "helm uninstall Kube-Prometheus-Stack" 8 | helm uninstall -n postgresql postgresql || true 9 | kubectl delete namespace postgresql || true 10 | -------------------------------------------------------------------------------- /terragrunt-k8s-vault-external-secret/change_context.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | mkdir -p "/home/$USER/.kube" 4 | cd master 5 | export cluster_id=$(terragrunt output --raw cluster_id) 6 | echo "$cluster_id" 7 | cd .. 8 | yc managed-kubernetes cluster get-credentials --id "$cluster_id" --external --force 9 | -------------------------------------------------------------------------------- /vector/ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | callback_enabled = profile_tasks 3 | stdout_callback = yaml 4 | gathering = smart 5 | 6 | [ssh_connection] 7 | pipelining = True 8 | ssh_args = -o ControlMaster=auto -o ControlPersist=15m -o PreferredAuthentications=publickey 9 | transfer_method = piped 10 | -------------------------------------------------------------------------------- /etcd-cluster/ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | callback_enabled = profile_tasks 3 | stdout_callback = yaml 4 | gathering = smart 5 | 6 | [ssh_connection] 7 | pipelining = True 8 | ssh_args = -o ControlMaster=auto -o ControlPersist=15m -o PreferredAuthentications=publickey 9 | transfer_method = piped 10 | -------------------------------------------------------------------------------- /kubespray/ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | callback_enabled = profile_tasks 3 | stdout_callback = yaml 4 | gathering = smart 5 | 6 | [ssh_connection] 7 | pipelining = True 8 | ssh_args = -o ControlMaster=auto -o ControlPersist=15m -o PreferredAuthentications=publickey 9 | transfer_method = piped 10 | -------------------------------------------------------------------------------- /letsencrypt/ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | callback_enabled = profile_tasks 3 | stdout_callback = yaml 4 | gathering = smart 5 | 6 | [ssh_connection] 7 | pipelining = True 8 | ssh_args = -o ControlMaster=auto -o ControlPersist=15m -o PreferredAuthentications=publickey 9 | transfer_method = piped 10 | -------------------------------------------------------------------------------- /pdc-freeipa/ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | callback_enabled = profile_tasks 3 | stdout_callback = yaml 4 | gathering = smart 5 | 6 | [ssh_connection] 7 | pipelining = True 8 | ssh_args = -o ControlMaster=auto -o ControlPersist=15m -o PreferredAuthentications=publickey 9 | transfer_method = piped 10 | -------------------------------------------------------------------------------- /pdc-gitlab/ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | callback_enabled = profile_tasks 3 | stdout_callback = yaml 4 | gathering = smart 5 | 6 | [ssh_connection] 7 | pipelining = True 8 | ssh_args = -o ControlMaster=auto -o ControlPersist=15m -o PreferredAuthentications=publickey 9 | transfer_method = piped 10 | -------------------------------------------------------------------------------- /prometheus-grafana/private.auto.tfvars.example: -------------------------------------------------------------------------------- 1 | yc_token = "" 2 | yc_cloud_id = "" 3 | yc_folder_id = "" 4 | yc_zone = "ru-central1-b" 5 | family_images_linux = "ubuntu-2004-lts" 6 | ssh_user = "ubuntu" 7 | domain = "sslip.io" 8 | -------------------------------------------------------------------------------- /prometheus/ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | callback_enabled = profile_tasks 3 | stdout_callback = yaml 4 | gathering = smart 5 | 6 | [ssh_connection] 7 | pipelining = True 8 | ssh_args = -o ControlMaster=auto -o ControlPersist=15m -o PreferredAuthentications=publickey 9 | transfer_method = piped 10 | -------------------------------------------------------------------------------- /rocketchat/ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | callback_enabled = profile_tasks 3 | stdout_callback = yaml 4 | gathering = smart 5 | 6 | [ssh_connection] 7 | pipelining = True 8 | ssh_args = -o ControlMaster=auto -o ControlPersist=15m -o PreferredAuthentications=publickey 9 | transfer_method = piped 10 | -------------------------------------------------------------------------------- /seaweedfs/ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | callback_enabled = profile_tasks 3 | stdout_callback = yaml 4 | gathering = smart 5 | 6 | [ssh_connection] 7 | pipelining = True 8 | ssh_args = -o ControlMaster=auto -o ControlPersist=15m -o PreferredAuthentications=publickey 9 | transfer_method = piped 10 | -------------------------------------------------------------------------------- /sonarqube/ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | callback_enabled = profile_tasks 3 | stdout_callback = yaml 4 | gathering = smart 5 | 6 | [ssh_connection] 7 | pipelining = True 8 | ssh_args = -o ControlMaster=auto -o ControlPersist=15m -o PreferredAuthentications=publickey 9 | transfer_method = piped 10 | -------------------------------------------------------------------------------- /vault_docker/ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | callback_enabled = profile_tasks 3 | stdout_callback = yaml 4 | gathering = smart 5 | 6 | [ssh_connection] 7 | pipelining = True 8 | ssh_args = -o ControlMaster=auto -o ControlPersist=15m -o PreferredAuthentications=publickey 9 | transfer_method = piped 10 | -------------------------------------------------------------------------------- /wireguard/ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | callback_enabled = profile_tasks 3 | stdout_callback = yaml 4 | gathering = smart 5 | 6 | [ssh_connection] 7 | pipelining = True 8 | ssh_args = -o ControlMaster=auto -o ControlPersist=15m -o PreferredAuthentications=publickey 9 | transfer_method = piped 10 | -------------------------------------------------------------------------------- /.editorconfig: -------------------------------------------------------------------------------- 1 | 2 | [*] 3 | charset = utf-8 4 | end_of_line = lf 5 | indent_size = 2 6 | indent_style = space 7 | insert_final_newline = true 8 | trim_trailing_whitespace = true 9 | 10 | [*.md] 11 | trim_trailing_whitespace = false 12 | 13 | [*.{yml,yaml,sh,tf,tfvars,tftpl}] 14 | indent_size = 2 15 | -------------------------------------------------------------------------------- /consul-cluster/ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | callback_enabled = profile_tasks 3 | stdout_callback = yaml 4 | gathering = smart 5 | 6 | [ssh_connection] 7 | pipelining = True 8 | ssh_args = -o ControlMaster=auto -o ControlPersist=15m -o PreferredAuthentications=publickey 9 | transfer_method = piped 10 | -------------------------------------------------------------------------------- /freeipa-gitlab/ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | callback_enabled = profile_tasks 3 | stdout_callback = yaml 4 | gathering = smart 5 | 6 | [ssh_connection] 7 | pipelining = True 8 | ssh_args = -o ControlMaster=auto -o ControlPersist=15m -o PreferredAuthentications=publickey 9 | transfer_method = piped 10 | -------------------------------------------------------------------------------- /kafka-cluster/ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | callback_enabled = profile_tasks 3 | stdout_callback = yaml 4 | gathering = smart 5 | 6 | [ssh_connection] 7 | pipelining = True 8 | ssh_args = -o ControlMaster=auto -o ControlPersist=15m -o PreferredAuthentications=publickey 9 | transfer_method = piped 10 | -------------------------------------------------------------------------------- /mongodb-cluster/ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | callback_enabled = profile_tasks 3 | stdout_callback = yaml 4 | gathering = smart 5 | 6 | [ssh_connection] 7 | pipelining = True 8 | ssh_args = -o ControlMaster=auto -o ControlPersist=15m -o PreferredAuthentications=publickey 9 | transfer_method = piped 10 | -------------------------------------------------------------------------------- /pdc-gitlab-s3/ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | callback_enabled = profile_tasks 3 | stdout_callback = yaml 4 | gathering = smart 5 | 6 | [ssh_connection] 7 | pipelining = True 8 | ssh_args = -o ControlMaster=auto -o ControlPersist=15m -o PreferredAuthentications=publickey 9 | transfer_method = piped 10 | -------------------------------------------------------------------------------- /terragrunt-k8s-velero-1.21/helm_app_remove.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | echo "" 4 | 5 | 6 | helmfile destroy --skip-deps --skip-charts -f helmfile-postgresql.yaml 7 | #kubectl delete namespace postgresql || true 8 | #kubectl delete namespace ingress-nginx|| true 9 | #rm -f "/home/$USER/.kube/config" 10 | -------------------------------------------------------------------------------- /terragrunt-k8s-velero-1.22/helm_app_remove.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | echo "" 4 | 5 | 6 | helmfile destroy --skip-deps --skip-charts -f helmfile-postgresql.yaml 7 | #kubectl delete namespace postgresql || true 8 | #kubectl delete namespace ingress-nginx|| true 9 | #rm -f "/home/$USER/.kube/config" 10 | -------------------------------------------------------------------------------- /zabbix-community/ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | callback_enabled = profile_tasks 3 | stdout_callback = yaml 4 | gathering = smart 5 | 6 | [ssh_connection] 7 | pipelining = True 8 | ssh_args = -o ControlMaster=auto -o ControlPersist=15m -o PreferredAuthentications=publickey 9 | transfer_method = piped 10 | -------------------------------------------------------------------------------- /zookeeper-cluster/ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | callback_enabled = profile_tasks 3 | stdout_callback = yaml 4 | gathering = smart 5 | 6 | [ssh_connection] 7 | pipelining = True 8 | ssh_args = -o ControlMaster=auto -o ControlPersist=15m -o PreferredAuthentications=publickey 9 | transfer_method = piped 10 | -------------------------------------------------------------------------------- /docker-compose-traefik/ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | callback_enabled = profile_tasks 3 | stdout_callback = yaml 4 | gathering = smart 5 | 6 | [ssh_connection] 7 | pipelining = True 8 | ssh_args = -o ControlMaster=auto -o ControlPersist=15m -o PreferredAuthentications=publickey 9 | transfer_method = piped 10 | -------------------------------------------------------------------------------- /elasticsearch-cluster/ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | callback_enabled = profile_tasks 3 | stdout_callback = yaml 4 | gathering = smart 5 | 6 | [ssh_connection] 7 | pipelining = True 8 | ssh_args = -o ControlMaster=auto -o ControlPersist=15m -o PreferredAuthentications=publickey 9 | transfer_method = piped 10 | -------------------------------------------------------------------------------- /freeipa-docker-compose/ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | callback_enabled = profile_tasks 3 | stdout_callback = yaml 4 | gathering = smart 5 | 6 | [ssh_connection] 7 | pipelining = True 8 | ssh_args = -o ControlMaster=auto -o ControlPersist=15m -o PreferredAuthentications=publickey 9 | transfer_method = piped 10 | -------------------------------------------------------------------------------- /harbor-letsencrypt/ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | callback_enabled = profile_tasks 3 | stdout_callback = yaml 4 | gathering = smart 5 | 6 | [ssh_connection] 7 | pipelining = True 8 | ssh_args = -o ControlMaster=auto -o ControlPersist=15m -o PreferredAuthentications=publickey 9 | transfer_method = piped 10 | -------------------------------------------------------------------------------- /jenkins-letsencrypt/ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | callback_enabled = profile_tasks 3 | stdout_callback = yaml 4 | gathering = smart 5 | 6 | [ssh_connection] 7 | pipelining = True 8 | ssh_args = -o ControlMaster=auto -o ControlPersist=15m -o PreferredAuthentications=publickey 9 | transfer_method = piped 10 | -------------------------------------------------------------------------------- /loki-grafana-java-in-docker/private.auto.tfvars.example: -------------------------------------------------------------------------------- 1 | yc_token = "" 2 | yc_cloud_id = "" 3 | yc_folder_id = "" 4 | yc_zone = "ru-central1-b" 5 | family_images_linux = "ubuntu-2004-lts" 6 | ssh_user = "ubuntu" 7 | domain = "sslip.io" 8 | -------------------------------------------------------------------------------- /opensearch-cluster/ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | callback_enabled = profile_tasks 3 | stdout_callback = yaml 4 | gathering = smart 5 | 6 | [ssh_connection] 7 | pipelining = True 8 | ssh_args = -o ControlMaster=auto -o ControlPersist=15m -o PreferredAuthentications=publickey 9 | transfer_method = piped 10 | -------------------------------------------------------------------------------- /postgresql-cluster/ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | callback_enabled = profile_tasks 3 | stdout_callback = yaml 4 | gathering = smart 5 | 6 | [ssh_connection] 7 | pipelining = True 8 | ssh_args = -o ControlMaster=auto -o ControlPersist=15m -o PreferredAuthentications=publickey 9 | transfer_method = piped 10 | -------------------------------------------------------------------------------- /prometheus-grafana/ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | callback_enabled = profile_tasks 3 | stdout_callback = yaml 4 | gathering = smart 5 | 6 | [ssh_connection] 7 | pipelining = True 8 | ssh_args = -o ControlMaster=auto -o ControlPersist=15m -o PreferredAuthentications=publickey 9 | transfer_method = piped 10 | -------------------------------------------------------------------------------- /prometheus-loki-java-in-docker/private.auto.tfvars.example: -------------------------------------------------------------------------------- 1 | yc_token = "" 2 | yc_cloud_id = "" 3 | yc_folder_id = "" 4 | yc_zone = "ru-central1-b" 5 | family_images_linux = "ubuntu-2004-lts" 6 | ssh_user = "ubuntu" 7 | domain = "sslip.io" 8 | -------------------------------------------------------------------------------- /squid-without-module/ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | callback_enabled = profile_tasks 3 | stdout_callback = yaml 4 | gathering = smart 5 | 6 | [ssh_connection] 7 | pipelining = True 8 | ssh_args = -o ControlMaster=auto -o ControlPersist=15m -o PreferredAuthentications=publickey 9 | transfer_method = piped 10 | -------------------------------------------------------------------------------- /terraform-helm-release-jenkins-out-job2/jobs.tf: -------------------------------------------------------------------------------- 1 | locals { 2 | jenkins_jobs = { 3 | job1 = { 4 | script = templatefile("template-job.tftpl", 5 | { name = "job1", 6 | job_description = "", 7 | authenticationToken = "secret" } 8 | ) 9 | } 10 | } 11 | } -------------------------------------------------------------------------------- /vault_cluster_raft/ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | callback_enabled = profile_tasks 3 | stdout_callback = yaml 4 | gathering = smart 5 | 6 | [ssh_connection] 7 | pipelining = True 8 | ssh_args = -o ControlMaster=auto -o ControlPersist=15m -o PreferredAuthentications=publickey 9 | transfer_method = piped 10 | -------------------------------------------------------------------------------- /vault_docker/files/vault.hcl: -------------------------------------------------------------------------------- 1 | ui = true 2 | 3 | disable_mlock = true 4 | 5 | storage "file" { 6 | path = "/opt/vault/data" 7 | } 8 | 9 | # HTTP listener 10 | listener "tcp" { 11 | tls_disable = 1 12 | address = "[::]:8200" 13 | cluster_address = "[::]:8201" 14 | } 15 | -------------------------------------------------------------------------------- /consul-cluster/private.auto.tfvars.example: -------------------------------------------------------------------------------- 1 | yc_token = "" 2 | yc_cloud_id = "" 3 | yc_folder_id = "" 4 | yc_zone = "ru-central1-b" 5 | family_images_linux = "ubuntu-2004-lts" 6 | ssh_user = "ubuntu" 7 | memory = "2" # Examples: 2, 4, 6, 8 and more 8 | -------------------------------------------------------------------------------- /docker-compose-letsencrypt/ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | callback_enabled = profile_tasks 3 | stdout_callback = yaml 4 | gathering = smart 5 | 6 | [ssh_connection] 7 | pipelining = True 8 | ssh_args = -o ControlMaster=auto -o ControlPersist=15m -o PreferredAuthentications=publickey 9 | transfer_method = piped 10 | -------------------------------------------------------------------------------- /loki-grafana-java-in-docker/ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | callback_enabled = profile_tasks 3 | stdout_callback = yaml 4 | gathering = smart 5 | 6 | [ssh_connection] 7 | pipelining = True 8 | ssh_args = -o ControlMaster=auto -o ControlPersist=15m -o PreferredAuthentications=publickey 9 | transfer_method = piped 10 | -------------------------------------------------------------------------------- /openxpki-docker-compose/ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | callback_enabled = profile_tasks 3 | stdout_callback = yaml 4 | gathering = smart 5 | 6 | [ssh_connection] 7 | pipelining = True 8 | ssh_args = -o ControlMaster=auto -o ControlPersist=15m -o PreferredAuthentications=publickey 9 | transfer_method = piped 10 | -------------------------------------------------------------------------------- /openxpki-docker-compose/inventory_yml.tpl: -------------------------------------------------------------------------------- 1 | all: 2 | children: 3 | ipaserver: 4 | hosts: 5 | "openxpki": 6 | ansible_host: "${openxpki_public_ip}" 7 | vars: 8 | ansible_user: ${ssh_user} 9 | ansible_ssh_private_key_file: ~/.ssh/id_rsa 10 | ssh_user: "${ssh_user}" 11 | -------------------------------------------------------------------------------- /prometheus-grafana-java-in-docker/private.auto.tfvars.example: -------------------------------------------------------------------------------- 1 | yc_token = "" 2 | yc_cloud_id = "" 3 | yc_folder_id = "" 4 | yc_zone = "ru-central1-b" 5 | family_images_linux = "ubuntu-2004-lts" 6 | ssh_user = "ubuntu" 7 | domain = "sslip.io" 8 | -------------------------------------------------------------------------------- /terragrunt-k8s-vault-external-secret/helm_app_remove.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | echo "" 4 | 5 | 6 | helmfile destroy --skip-deps --skip-charts -f helmfile-postgresql.yaml 7 | #kubectl delete namespace postgresql || true 8 | #kubectl delete namespace ingress-nginx|| true 9 | #rm -f "/home/$USER/.kube/config" 10 | -------------------------------------------------------------------------------- /clickhouse-zookeeper-cluster/ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | callback_enabled = profile_tasks 3 | stdout_callback = yaml 4 | gathering = smart 5 | 6 | [ssh_connection] 7 | pipelining = True 8 | ssh_args = -o ControlMaster=auto -o ControlPersist=15m -o PreferredAuthentications=publickey 9 | transfer_method = piped 10 | -------------------------------------------------------------------------------- /freeipa-docker-compose-smallstep/ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | callback_enabled = profile_tasks 3 | stdout_callback = yaml 4 | gathering = smart 5 | 6 | [ssh_connection] 7 | pipelining = True 8 | ssh_args = -o ControlMaster=auto -o ControlPersist=15m -o PreferredAuthentications=publickey 9 | transfer_method = piped 10 | -------------------------------------------------------------------------------- /prometheus-loki-java-in-docker/ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | callback_enabled = profile_tasks 3 | stdout_callback = yaml 4 | gathering = smart 5 | 6 | [ssh_connection] 7 | pipelining = True 8 | ssh_args = -o ControlMaster=auto -o ControlPersist=15m -o PreferredAuthentications=publickey 9 | transfer_method = piped 10 | -------------------------------------------------------------------------------- /terraform-k8s-app-redis/test/Chart.lock: -------------------------------------------------------------------------------- 1 | dependencies: 2 | - name: redis 3 | repository: https://raw.githubusercontent.com/bitnami/charts/archive-full-index/bitnami 4 | version: 17.3.7 5 | digest: sha256:7b42b5f8f955033398e6a664bf7d65d26149c79402ee6181dfffb6e08ffec779 6 | generated: "2022-10-26T21:25:08.175003709+06:00" 7 | -------------------------------------------------------------------------------- /victoriametrics-cluster-grafana/ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | callback_enabled = profile_tasks 3 | stdout_callback = yaml 4 | gathering = smart 5 | 6 | [ssh_connection] 7 | pipelining = True 8 | ssh_args = -o ControlMaster=auto -o ControlPersist=15m -o PreferredAuthentications=publickey 9 | transfer_method = piped 10 | -------------------------------------------------------------------------------- /victoriametrics-single-grafana/ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | callback_enabled = profile_tasks 3 | stdout_callback = yaml 4 | gathering = smart 5 | 6 | [ssh_connection] 7 | pipelining = True 8 | ssh_args = -o ControlMaster=auto -o ControlPersist=15m -o PreferredAuthentications=publickey 9 | transfer_method = piped 10 | -------------------------------------------------------------------------------- /freeipa-docker-compose-external-ca/ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | callback_enabled = profile_tasks 3 | stdout_callback = yaml 4 | gathering = smart 5 | 6 | [ssh_connection] 7 | pipelining = True 8 | ssh_args = -o ControlMaster=auto -o ControlPersist=15m -o PreferredAuthentications=publickey 9 | transfer_method = piped 10 | -------------------------------------------------------------------------------- /prometheus-grafana-java-in-docker/ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | callback_enabled = profile_tasks 3 | stdout_callback = yaml 4 | gathering = smart 5 | 6 | [ssh_connection] 7 | pipelining = True 8 | ssh_args = -o ControlMaster=auto -o ControlPersist=15m -o PreferredAuthentications=publickey 9 | transfer_method = piped 10 | -------------------------------------------------------------------------------- /terraform-ydb/provider.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | yandex = { 4 | source = "yandex-cloud/yandex" 5 | version = "0.91.0" 6 | } 7 | } 8 | } 9 | 10 | provider "yandex" { 11 | token = var.yc_token 12 | cloud_id = var.yc_cloud_id 13 | folder_id = var.yc_folder_id 14 | } 15 | -------------------------------------------------------------------------------- /harbor/inventory_yml.tpl: -------------------------------------------------------------------------------- 1 | all: 2 | children: 3 | harbor: 4 | hosts: 5 | "${hostname}": 6 | ansible_host: "${public_ip}" 7 | vars: 8 | harbor_external_url: "https://${hostname}.${public_ip}.${domain}" 9 | ansible_user: ${ssh_user} 10 | ansible_ssh_private_key_file: ~/.ssh/id_rsa 11 | -------------------------------------------------------------------------------- /jaeger/inventory_yml.tpl: -------------------------------------------------------------------------------- 1 | all: 2 | children: 3 | jaeger: 4 | hosts: 5 | "${hostname}": 6 | ansible_host: "${public_ip}" 7 | vars: 8 | jaeger_external_url: "https://${hostname}.${public_ip}.${domain}" 9 | ansible_user: ${ssh_user} 10 | ansible_ssh_private_key_file: ~/.ssh/id_rsa 11 | -------------------------------------------------------------------------------- /prometheus-loki-2-7-loggenerator-in-docker/ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | callback_enabled = profile_tasks 3 | stdout_callback = yaml 4 | gathering = smart 5 | 6 | [ssh_connection] 7 | pipelining = True 8 | ssh_args = -o ControlMaster=auto -o ControlPersist=15m -o PreferredAuthentications=publickey 9 | transfer_method = piped 10 | -------------------------------------------------------------------------------- /prometheus-loki-loggenerator-in-docker/ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | callback_enabled = profile_tasks 3 | stdout_callback = yaml 4 | gathering = smart 5 | 6 | [ssh_connection] 7 | pipelining = True 8 | ssh_args = -o ControlMaster=auto -o ControlPersist=15m -o PreferredAuthentications=publickey 9 | transfer_method = piped 10 | -------------------------------------------------------------------------------- /prometheus-loki-loggenerator-in-docker/inventory_yml.tpl: -------------------------------------------------------------------------------- 1 | all: 2 | children: 3 | ${hostname_lokiindocker}: 4 | hosts: 5 | "${hostname_lokiindocker}": 6 | ansible_host: "${public_ip_lokiindocker}" 7 | vars: 8 | ansible_user: ${ssh_user} 9 | ansible_ssh_private_key_file: ~/.ssh/id_rsa 10 | -------------------------------------------------------------------------------- /storage_bucket/s3/provider.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | yandex = { 4 | source = "yandex-cloud/yandex" 5 | version = "0.91.0" 6 | } 7 | } 8 | } 9 | 10 | provider "yandex" { 11 | token = var.yc_token 12 | cloud_id = var.yc_cloud_id 13 | folder_id = var.yc_folder_id 14 | } 15 | -------------------------------------------------------------------------------- /terraform-k8s-2/provider.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | yandex = { 4 | source = "yandex-cloud/yandex" 5 | version = "0.91.0" 6 | } 7 | } 8 | } 9 | 10 | provider "yandex" { 11 | token = var.yc_token 12 | cloud_id = var.yc_cloud_id 13 | folder_id = var.yc_folder_id 14 | } 15 | -------------------------------------------------------------------------------- /terraform-k8s-harbor/helm_app_remove.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -eu pipefail 4 | 5 | echo "" 6 | echo "helm uninstall harbor" 7 | helm uninstall -n harbor harbor || true 8 | kubectl delete namespace harbor || true 9 | helm uninstall -n cert-manager cert-manager || true 10 | kubectl delete namespace cert-manager || true 11 | -------------------------------------------------------------------------------- /terraform-k8s-sentry/helm_app_remove.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -eu pipefail 4 | 5 | echo "" 6 | echo "helm uninstall sentry" 7 | helm uninstall -n sentry sentry || true 8 | kubectl delete namespace sentry || true 9 | helm uninstall -n cert-manager cert-manager || true 10 | kubectl delete namespace cert-manager || true 11 | -------------------------------------------------------------------------------- /terraform-mongodb/provider.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | yandex = { 4 | source = "yandex-cloud/yandex" 5 | version = "0.91.0" 6 | } 7 | } 8 | } 9 | 10 | provider "yandex" { 11 | token = var.yc_token 12 | cloud_id = var.yc_cloud_id 13 | folder_id = var.yc_folder_id 14 | } 15 | -------------------------------------------------------------------------------- /terraform-postgres/provider.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | yandex = { 4 | source = "yandex-cloud/yandex" 5 | version = "0.91.0" 6 | } 7 | } 8 | } 9 | 10 | provider "yandex" { 11 | token = var.yc_token 12 | cloud_id = var.yc_cloud_id 13 | folder_id = var.yc_folder_id 14 | } 15 | -------------------------------------------------------------------------------- /terraform-redis/provider.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | yandex = { 4 | source = "yandex-cloud/yandex" 5 | version = "0.91.0" 6 | } 7 | } 8 | } 9 | 10 | provider "yandex" { 11 | token = var.yc_token 12 | cloud_id = var.yc_cloud_id 13 | folder_id = var.yc_folder_id 14 | } 15 | -------------------------------------------------------------------------------- /freeipa-gitlab/readme.md: -------------------------------------------------------------------------------- 1 | ### Install freeipa, Gitlab by ansible and terraform to Yandex Cloud 2 | 3 | Run ipa-ctl.sh 4 | 1.) ldapserver=ipaserver_realm: 84.201.141.146.sslip.io 5 | 2.) domain=201.141.146.sslip.io (ldapdomain=dc=201,dc=141,dc=146,dc=sslip,dc=io) 6 | 7 | from repository: 8 | https://github.com/vasyakrg/freeIPA-meetup 9 | -------------------------------------------------------------------------------- /prometheus-loki-2-7-loggenerator-in-docker/inventory_yml.tpl: -------------------------------------------------------------------------------- 1 | all: 2 | children: 3 | ${hostname_lokiindocker}: 4 | hosts: 5 | "${hostname_lokiindocker}": 6 | ansible_host: "${public_ip_lokiindocker}" 7 | vars: 8 | ansible_user: ${ssh_user} 9 | ansible_ssh_private_key_file: ~/.ssh/id_rsa 10 | -------------------------------------------------------------------------------- /terraform-clickhouse/provider.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | yandex = { 4 | source = "yandex-cloud/yandex" 5 | version = "0.91.0" 6 | } 7 | } 8 | } 9 | 10 | provider "yandex" { 11 | token = var.yc_token 12 | cloud_id = var.yc_cloud_id 13 | folder_id = var.yc_folder_id 14 | } 15 | -------------------------------------------------------------------------------- /terraform-k8s-app-redis/provider.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | yandex = { 4 | source = "yandex-cloud/yandex" 5 | version = "0.91.0" 6 | } 7 | } 8 | } 9 | 10 | provider "yandex" { 11 | token = var.yc_token 12 | cloud_id = var.yc_cloud_id 13 | folder_id = var.yc_folder_id 14 | } 15 | -------------------------------------------------------------------------------- /terraform-vault-traefik/provider.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | yandex = { 4 | source = "yandex-cloud/yandex" 5 | version = "0.91.0" 6 | } 7 | } 8 | } 9 | 10 | provider "yandex" { 11 | token = var.yc_token 12 | cloud_id = var.yc_cloud_id 13 | folder_id = var.yc_folder_id 14 | } 15 | -------------------------------------------------------------------------------- /terragrunt-k8s/vpc-address/terragrunt.hcl: -------------------------------------------------------------------------------- 1 | terraform { 2 | source = "github.com/patsevanton/terraform-yandex-vpc-address.git//.?ref=main" 3 | } 4 | 5 | include { 6 | path = find_in_parent_folders() 7 | } 8 | 9 | inputs = { 10 | yandex_vpc_address_name = "grafana" 11 | zone_id = "ru-central1-b" 12 | } 13 | -------------------------------------------------------------------------------- /consul-cluster/inventory_yml.tpl: -------------------------------------------------------------------------------- 1 | all: 2 | children: 3 | consul_instances: 4 | hosts: 5 | %{~ for index, public_ip in consul_public_ip } 6 | consul${index}: 7 | ansible_host: ${public_ip} 8 | %{~ endfor } 9 | vars: 10 | ansible_user: ${ssh_user} 11 | ansible_ssh_private_key_file: ~/.ssh/id_rsa 12 | -------------------------------------------------------------------------------- /prometheus/inventory_yml.tpl: -------------------------------------------------------------------------------- 1 | all: 2 | children: 3 | prometheus: 4 | hosts: 5 | "${hostname}": 6 | ansible_host: "${public_ip}" 7 | vars: 8 | prometheus_external_url: "https://${hostname}.${public_ip}.${domain}" 9 | ansible_user: ${ssh_user} 10 | ansible_ssh_private_key_file: ~/.ssh/id_rsa 11 | -------------------------------------------------------------------------------- /seaweedfs/inventory_yml.tpl: -------------------------------------------------------------------------------- 1 | all: 2 | children: 3 | seaweedfs: 4 | hosts: 5 | "${hostname}": 6 | ansible_host: "${public_ip}" 7 | vars: 8 | seaweedfs_external_url: "https://${hostname}.${public_ip}.${domain}" 9 | ansible_user: ${ssh_user} 10 | ansible_ssh_private_key_file: ~/.ssh/id_rsa 11 | -------------------------------------------------------------------------------- /sonarqube/inventory_yml.tpl: -------------------------------------------------------------------------------- 1 | all: 2 | children: 3 | sonarqube: 4 | hosts: 5 | "${hostname}": 6 | ansible_host: "${public_ip}" 7 | vars: 8 | sonarqube_external_url: "https://${hostname}.${public_ip}.${domain}" 9 | ansible_user: ${ssh_user} 10 | ansible_ssh_private_key_file: ~/.ssh/id_rsa 11 | -------------------------------------------------------------------------------- /terraform-dataproc-yandex/provider.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | yandex = { 4 | source = "yandex-cloud/yandex" 5 | version = "0.91.0" 6 | } 7 | } 8 | } 9 | 10 | provider "yandex" { 11 | token = var.yc_token 12 | cloud_id = var.yc_cloud_id 13 | folder_id = var.yc_folder_id 14 | } 15 | -------------------------------------------------------------------------------- /terraform-postgres-cluster/provider.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | yandex = { 4 | source = "yandex-cloud/yandex" 5 | version = "0.91.0" 6 | } 7 | } 8 | } 9 | 10 | provider "yandex" { 11 | token = var.yc_token 12 | cloud_id = var.yc_cloud_id 13 | folder_id = var.yc_folder_id 14 | } 15 | -------------------------------------------------------------------------------- /terraform-s3-bucket/README.md: -------------------------------------------------------------------------------- 1 | ### Velero pod status 2 | ```commandline 3 | kubectl get pods -n velero 4 | ``` 5 | 6 | ### Velero logs 7 | ```commandline 8 | kubectl logs deployment/velero -n velero 9 | ``` 10 | 11 | ### Back up data from the Managed Service for Kubernetes 12 | ```commandline 13 | velero backup create my-backup 14 | ``` -------------------------------------------------------------------------------- /terraform-yc-folder-bucket/provider.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | yandex = { 4 | source = "yandex-cloud/yandex" 5 | version = "0.91.0" 6 | } 7 | } 8 | } 9 | 10 | provider "yandex" { 11 | token = var.yc_token 12 | cloud_id = var.yc_cloud_id 13 | folder_id = var.yc_folder_id 14 | } 15 | -------------------------------------------------------------------------------- /terragrunt-k8s-dns-vpc/vpc-address/terragrunt.hcl: -------------------------------------------------------------------------------- 1 | terraform { 2 | source = "github.com/patsevanton/terraform-yandex-vpc-address.git//.?ref=main" 3 | } 4 | 5 | include { 6 | path = find_in_parent_folders() 7 | } 8 | 9 | inputs = { 10 | yandex_vpc_address_name = "grafana" 11 | zone_id = "ru-central1-b" 12 | } 13 | -------------------------------------------------------------------------------- /storage_bucket/service_account/provider.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | yandex = { 4 | source = "yandex-cloud/yandex" 5 | version = "0.91.0" 6 | } 7 | } 8 | } 9 | 10 | provider "yandex" { 11 | token = var.yc_token 12 | cloud_id = var.yc_cloud_id 13 | folder_id = var.yc_folder_id 14 | } 15 | -------------------------------------------------------------------------------- /terraform-helm-release-jenkins/provider.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | yandex = { 4 | source = "yandex-cloud/yandex" 5 | version = "0.91.0" 6 | } 7 | } 8 | } 9 | 10 | provider "yandex" { 11 | token = var.yc_token 12 | cloud_id = var.yc_cloud_id 13 | folder_id = var.yc_folder_id 14 | } 15 | -------------------------------------------------------------------------------- /terraform-postgres-create-backup/provider.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | yandex = { 4 | source = "yandex-cloud/yandex" 5 | version = "0.91.0" 6 | } 7 | } 8 | } 9 | 10 | provider "yandex" { 11 | token = var.yc_token 12 | cloud_id = var.yc_cloud_id 13 | folder_id = var.yc_folder_id 14 | } 15 | -------------------------------------------------------------------------------- /terraform-postgres-restore-backup/provider.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | yandex = { 4 | source = "yandex-cloud/yandex" 5 | version = "0.91.0" 6 | } 7 | } 8 | } 9 | 10 | provider "yandex" { 11 | token = var.yc_token 12 | cloud_id = var.yc_cloud_id 13 | folder_id = var.yc_folder_id 14 | } 15 | -------------------------------------------------------------------------------- /vault_docker/inventory_yml.tpl: -------------------------------------------------------------------------------- 1 | all: 2 | children: 3 | vault_instances: 4 | hosts: 5 | %{~ for index, public_ip in vault_public_ip } 6 | vault${index}: 7 | ansible_host: ${public_ip} 8 | %{~ endfor } 9 | vars: 10 | ansible_user: ${ssh_user} 11 | ansible_ssh_private_key_file: ~/.ssh/id_rsa 12 | 13 | -------------------------------------------------------------------------------- /docker-compose-traefik/inventory_yml.tpl: -------------------------------------------------------------------------------- 1 | all: 2 | children: 3 | docker: 4 | hosts: 5 | "${hostname}": 6 | ansible_host: "${public_ip}" 7 | vars: 8 | ansible_user: ${ssh_user} 9 | ansible_ssh_private_key_file: ~/.ssh/id_rsa 10 | docker_external_url: "${hostname}.${public_ip}.${letsencrypt_domain}" 11 | -------------------------------------------------------------------------------- /freeipa-ansible-collection/ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | callback_enabled = profile_tasks 3 | stdout_callback = yaml 4 | gathering = smart 5 | remote_tmp = /tmp/.ansible/tmp 6 | 7 | [ssh_connection] 8 | pipelining = True 9 | ssh_args = -o ControlMaster=auto -o ControlPersist=15m -o PreferredAuthentications=publickey 10 | transfer_method = piped 11 | -------------------------------------------------------------------------------- /storage_bucket_test_s3sync/s3_source/provider.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | yandex = { 4 | source = "yandex-cloud/yandex" 5 | version = "0.91.0" 6 | } 7 | } 8 | } 9 | 10 | provider "yandex" { 11 | token = var.yc_token 12 | cloud_id = var.yc_cloud_id 13 | folder_id = var.yc_folder_id 14 | } 15 | -------------------------------------------------------------------------------- /terraform-helm-release-ingress-nginx/provider.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | yandex = { 4 | source = "yandex-cloud/yandex" 5 | version = "0.91.0" 6 | } 7 | } 8 | } 9 | 10 | provider "yandex" { 11 | token = var.yc_token 12 | cloud_id = var.yc_cloud_id 13 | folder_id = var.yc_folder_id 14 | } 15 | -------------------------------------------------------------------------------- /terraform-helm-release-jenkins-out-job/provider.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | yandex = { 4 | source = "yandex-cloud/yandex" 5 | version = "0.91.0" 6 | } 7 | } 8 | } 9 | 10 | provider "yandex" { 11 | token = var.yc_token 12 | cloud_id = var.yc_cloud_id 13 | folder_id = var.yc_folder_id 14 | } 15 | -------------------------------------------------------------------------------- /terraform-helm-release-jenkins-out-job2/provider.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | yandex = { 4 | source = "yandex-cloud/yandex" 5 | version = "0.91.0" 6 | } 7 | } 8 | } 9 | 10 | provider "yandex" { 11 | token = var.yc_token 12 | cloud_id = var.yc_cloud_id 13 | folder_id = var.yc_folder_id 14 | } 15 | -------------------------------------------------------------------------------- /terraform-k8s/provider.tf: -------------------------------------------------------------------------------- 1 | # Provider 2 | 3 | terraform { 4 | required_providers { 5 | yandex = { 6 | source = "yandex-cloud/yandex" 7 | version = "0.91.0" 8 | } 9 | } 10 | } 11 | 12 | provider "yandex" { 13 | token = var.yc_token 14 | cloud_id = var.yc_cloud_id 15 | folder_id = var.yc_folder_id 16 | } 17 | -------------------------------------------------------------------------------- /docker-compose-letsencrypt/inventory_yml.tpl: -------------------------------------------------------------------------------- 1 | all: 2 | children: 3 | docker: 4 | hosts: 5 | "${hostname}": 6 | ansible_host: "${public_ip}" 7 | vars: 8 | ansible_user: ${ssh_user} 9 | ansible_ssh_private_key_file: ~/.ssh/id_rsa 10 | docker_external_url: "${hostname}.${public_ip}.${letsencrypt_domain}" 11 | -------------------------------------------------------------------------------- /jenkins-lean-delivery/ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | callback_enabled = profile_tasks 3 | stdout_callback = yaml 4 | gathering = smart 5 | interpreter_python = /usr/bin/python3 6 | 7 | [ssh_connection] 8 | pipelining = True 9 | ssh_args = -o ControlMaster=auto -o ControlPersist=15m -o PreferredAuthentications=publickey 10 | transfer_method = piped 11 | -------------------------------------------------------------------------------- /jenkins-without-roles/ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | callback_enabled = profile_tasks 3 | stdout_callback = yaml 4 | gathering = smart 5 | interpreter_python = /usr/bin/python3 6 | 7 | [ssh_connection] 8 | pipelining = True 9 | ssh_args = -o ControlMaster=auto -o ControlPersist=15m -o PreferredAuthentications=publickey 10 | transfer_method = piped 11 | -------------------------------------------------------------------------------- /storage_bucket_test_s3sync/s3_destination/provider.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | yandex = { 4 | source = "yandex-cloud/yandex" 5 | version = "0.91.0" 6 | } 7 | } 8 | } 9 | 10 | provider "yandex" { 11 | token = var.yc_token 12 | cloud_id = var.yc_cloud_id 13 | folder_id = var.yc_folder_id 14 | } 15 | -------------------------------------------------------------------------------- /terraform-helm-release-ingress-static-ip/provider.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | yandex = { 4 | source = "yandex-cloud/yandex" 5 | version = "0.91.0" 6 | } 7 | } 8 | } 9 | 10 | provider "yandex" { 11 | token = var.yc_token 12 | cloud_id = var.yc_cloud_id 13 | folder_id = var.yc_folder_id 14 | } 15 | -------------------------------------------------------------------------------- /terraform-k8s-2/variables.tf: -------------------------------------------------------------------------------- 1 | variable "yc_token" { 2 | type = string 3 | description = "Yandex Cloud API key" 4 | } 5 | 6 | variable "yc_cloud_id" { 7 | type = string 8 | description = "Yandex Cloud id" 9 | } 10 | 11 | variable "yc_folder_id" { 12 | type = string 13 | description = "Yandex Cloud folder id" 14 | } 15 | -------------------------------------------------------------------------------- /terraform-k8s-app-pv/provider.tf: -------------------------------------------------------------------------------- 1 | # Provider 2 | 3 | terraform { 4 | required_providers { 5 | yandex = { 6 | source = "yandex-cloud/yandex" 7 | version = "0.91.0" 8 | } 9 | } 10 | } 11 | 12 | provider "yandex" { 13 | token = var.yc_token 14 | cloud_id = var.yc_cloud_id 15 | folder_id = var.yc_folder_id 16 | } 17 | -------------------------------------------------------------------------------- /terraform-k8s-harbor/provider.tf: -------------------------------------------------------------------------------- 1 | # Provider 2 | 3 | terraform { 4 | required_providers { 5 | yandex = { 6 | source = "yandex-cloud/yandex" 7 | version = "0.91.0" 8 | } 9 | } 10 | } 11 | 12 | provider "yandex" { 13 | token = var.yc_token 14 | cloud_id = var.yc_cloud_id 15 | folder_id = var.yc_folder_id 16 | } 17 | -------------------------------------------------------------------------------- /terraform-k8s-loki/provider.tf: -------------------------------------------------------------------------------- 1 | # Provider 2 | 3 | terraform { 4 | required_providers { 5 | yandex = { 6 | source = "yandex-cloud/yandex" 7 | version = "0.91.0" 8 | } 9 | } 10 | } 11 | 12 | provider "yandex" { 13 | token = var.yc_token 14 | cloud_id = var.yc_cloud_id 15 | folder_id = var.yc_folder_id 16 | } 17 | -------------------------------------------------------------------------------- /terraform-k8s-nexus/provider.tf: -------------------------------------------------------------------------------- 1 | # Provider 2 | 3 | terraform { 4 | required_providers { 5 | yandex = { 6 | source = "yandex-cloud/yandex" 7 | version = "0.91.0" 8 | } 9 | } 10 | } 11 | 12 | provider "yandex" { 13 | token = var.yc_token 14 | cloud_id = var.yc_cloud_id 15 | folder_id = var.yc_folder_id 16 | } 17 | -------------------------------------------------------------------------------- /terraform-k8s-redis/provider.tf: -------------------------------------------------------------------------------- 1 | # Provider 2 | 3 | terraform { 4 | required_providers { 5 | yandex = { 6 | source = "yandex-cloud/yandex" 7 | version = "0.91.0" 8 | } 9 | } 10 | } 11 | 12 | provider "yandex" { 13 | token = var.yc_token 14 | cloud_id = var.yc_cloud_id 15 | folder_id = var.yc_folder_id 16 | } 17 | -------------------------------------------------------------------------------- /terraform-k8s-sentry/provider.tf: -------------------------------------------------------------------------------- 1 | # Provider 2 | 3 | terraform { 4 | required_providers { 5 | yandex = { 6 | source = "yandex-cloud/yandex" 7 | version = "0.91.0" 8 | } 9 | } 10 | } 11 | 12 | provider "yandex" { 13 | token = var.yc_token 14 | cloud_id = var.yc_cloud_id 15 | folder_id = var.yc_folder_id 16 | } 17 | -------------------------------------------------------------------------------- /terraform-k8s-stress/provider.tf: -------------------------------------------------------------------------------- 1 | # Provider 2 | 3 | terraform { 4 | required_providers { 5 | yandex = { 6 | source = "yandex-cloud/yandex" 7 | version = "0.91.0" 8 | } 9 | } 10 | } 11 | 12 | provider "yandex" { 13 | token = var.yc_token 14 | cloud_id = var.yc_cloud_id 15 | folder_id = var.yc_folder_id 16 | } 17 | -------------------------------------------------------------------------------- /terraform-k8s-tempo/provider.tf: -------------------------------------------------------------------------------- 1 | # Provider 2 | 3 | terraform { 4 | required_providers { 5 | yandex = { 6 | source = "yandex-cloud/yandex" 7 | version = "0.91.0" 8 | } 9 | } 10 | } 11 | 12 | provider "yandex" { 13 | token = var.yc_token 14 | cloud_id = var.yc_cloud_id 15 | folder_id = var.yc_folder_id 16 | } 17 | -------------------------------------------------------------------------------- /terraform-k8s-terragrunt-velero-s3/s3-bucket/terragrunt.hcl: -------------------------------------------------------------------------------- 1 | terraform { 2 | source = "github.com/patsevanton/terraform-yandex-storage-bucket.git//.?ref=main" 3 | } 4 | 5 | include { 6 | path = find_in_parent_folders() 7 | } 8 | 9 | inputs = { 10 | bucket = "velero-apatsev" 11 | service_account_name = "velero-apatsev" 12 | } 13 | -------------------------------------------------------------------------------- /terraform-s3-bucket/provider.tf: -------------------------------------------------------------------------------- 1 | # Provider 2 | 3 | terraform { 4 | required_providers { 5 | yandex = { 6 | source = "yandex-cloud/yandex" 7 | version = "0.91.0" 8 | } 9 | } 10 | } 11 | 12 | provider "yandex" { 13 | token = var.yc_token 14 | cloud_id = var.yc_cloud_id 15 | folder_id = var.yc_folder_id 16 | } 17 | -------------------------------------------------------------------------------- /terraform-ydb/variable.tf: -------------------------------------------------------------------------------- 1 | variable "yc_token" { 2 | type = string 3 | description = "Yandex Cloud API key" 4 | } 5 | 6 | variable "yc_cloud_id" { 7 | type = string 8 | description = "Yandex Cloud id" 9 | } 10 | 11 | variable "yc_folder_id" { 12 | type = string 13 | description = "Yandex Cloud folder id" 14 | } 15 | -------------------------------------------------------------------------------- /terragrunt.hcl: -------------------------------------------------------------------------------- 1 | locals { 2 | env_vars = read_terragrunt_config(find_in_parent_folders("env.hcl")) 3 | } 4 | 5 | inputs = merge({ 6 | cloud_id = local.env_vars.locals.cloud_id 7 | # subnet_ids = local.env_vars.locals.subnet_ids 8 | network_id = local.env_vars.locals.network_id 9 | folder_id = local.env_vars.locals.folder_id 10 | }) 11 | -------------------------------------------------------------------------------- /vault_cluster_raft/inventory_yml.tpl: -------------------------------------------------------------------------------- 1 | all: 2 | children: 3 | vault_instances: 4 | hosts: 5 | %{~ for index, public_ip in vault_public_ip } 6 | vault${index}: 7 | ansible_host: ${public_ip} 8 | %{~ endfor } 9 | vars: 10 | ansible_user: ${ssh_user} 11 | ansible_ssh_private_key_file: ~/.ssh/id_rsa 12 | 13 | -------------------------------------------------------------------------------- /freeipa-gitlab/provider.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | yandex = { 4 | source = "yandex-cloud/yandex" 5 | version = "0.91.0" 6 | } 7 | } 8 | } 9 | 10 | provider "yandex" { 11 | token = var.yc_token 12 | cloud_id = var.yc_cloud_id 13 | folder_id = var.yc_folder_id 14 | zone = var.yc_zone 15 | } 16 | -------------------------------------------------------------------------------- /jenkins-geerlingguy-jenkins/ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | callback_enabled = profile_tasks 3 | stdout_callback = yaml 4 | gathering = smart 5 | interpreter_python = /usr/bin/python3 6 | 7 | [ssh_connection] 8 | pipelining = True 9 | ssh_args = -o ControlMaster=auto -o ControlPersist=15m -o PreferredAuthentications=publickey 10 | transfer_method = piped 11 | -------------------------------------------------------------------------------- /storage_bucket/s3/variables.tf: -------------------------------------------------------------------------------- 1 | variable "yc_token" { 2 | type = string 3 | description = "Yandex Cloud API key" 4 | } 5 | 6 | variable "yc_cloud_id" { 7 | type = string 8 | description = "Yandex Cloud id" 9 | } 10 | 11 | variable "yc_folder_id" { 12 | type = string 13 | description = "Yandex Cloud folder id" 14 | } 15 | -------------------------------------------------------------------------------- /storage_bucket_test_s3sync/service_account_source/provider.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | yandex = { 4 | source = "yandex-cloud/yandex" 5 | version = "0.91.0" 6 | } 7 | } 8 | } 9 | 10 | provider "yandex" { 11 | token = var.yc_token 12 | cloud_id = var.yc_cloud_id 13 | folder_id = var.yc_folder_id 14 | } 15 | -------------------------------------------------------------------------------- /terraform-k8s-alertmanager/provider.tf: -------------------------------------------------------------------------------- 1 | # Provider 2 | 3 | terraform { 4 | required_providers { 5 | yandex = { 6 | source = "yandex-cloud/yandex" 7 | version = "0.91.0" 8 | } 9 | } 10 | } 11 | 12 | provider "yandex" { 13 | token = var.yc_token 14 | cloud_id = var.yc_cloud_id 15 | folder_id = var.yc_folder_id 16 | } 17 | -------------------------------------------------------------------------------- /terraform-k8s-opensearch/provider.tf: -------------------------------------------------------------------------------- 1 | # Provider 2 | 3 | terraform { 4 | required_providers { 5 | yandex = { 6 | source = "yandex-cloud/yandex" 7 | version = "0.91.0" 8 | } 9 | } 10 | } 11 | 12 | provider "yandex" { 13 | token = var.yc_token 14 | cloud_id = var.yc_cloud_id 15 | folder_id = var.yc_folder_id 16 | } 17 | -------------------------------------------------------------------------------- /terraform-k8s-two-ingress/provider.tf: -------------------------------------------------------------------------------- 1 | # Provider 2 | 3 | terraform { 4 | required_providers { 5 | yandex = { 6 | source = "yandex-cloud/yandex" 7 | version = "0.91.0" 8 | } 9 | } 10 | } 11 | 12 | provider "yandex" { 13 | token = var.yc_token 14 | cloud_id = var.yc_cloud_id 15 | folder_id = var.yc_folder_id 16 | } 17 | -------------------------------------------------------------------------------- /terraform-postgres/variables.tf: -------------------------------------------------------------------------------- 1 | variable "yc_token" { 2 | type = string 3 | description = "Yandex Cloud API key" 4 | } 5 | 6 | variable "yc_cloud_id" { 7 | type = string 8 | description = "Yandex Cloud id" 9 | } 10 | 11 | variable "yc_folder_id" { 12 | type = string 13 | description = "Yandex Cloud folder id" 14 | } 15 | -------------------------------------------------------------------------------- /terraform-yandex-dns-zone/provider.tf: -------------------------------------------------------------------------------- 1 | # Provider 2 | 3 | terraform { 4 | required_providers { 5 | yandex = { 6 | source = "yandex-cloud/yandex" 7 | version = "0.91.0" 8 | } 9 | } 10 | } 11 | 12 | provider "yandex" { 13 | token = var.yc_token 14 | cloud_id = var.yc_cloud_id 15 | folder_id = var.yc_folder_id 16 | } 17 | -------------------------------------------------------------------------------- /storage_bucket_test_s3sync/service_account_destination/provider.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | yandex = { 4 | source = "yandex-cloud/yandex" 5 | version = "0.91.0" 6 | } 7 | } 8 | } 9 | 10 | provider "yandex" { 11 | token = var.yc_token 12 | cloud_id = var.yc_cloud_id 13 | folder_id = var.yc_folder_id 14 | } 15 | -------------------------------------------------------------------------------- /terraform-coi-before-ingress/provider.tf: -------------------------------------------------------------------------------- 1 | # Provider 2 | 3 | terraform { 4 | required_providers { 5 | yandex = { 6 | source = "yandex-cloud/yandex" 7 | version = "0.91.0" 8 | } 9 | } 10 | } 11 | 12 | provider "yandex" { 13 | token = var.yc_token 14 | cloud_id = var.yc_cloud_id 15 | folder_id = var.yc_folder_id 16 | } 17 | -------------------------------------------------------------------------------- /terraform-dataproc-yandex/variable.tf: -------------------------------------------------------------------------------- 1 | variable "yc_token" { 2 | type = string 3 | description = "Yandex Cloud API key" 4 | } 5 | 6 | variable "yc_cloud_id" { 7 | type = string 8 | description = "Yandex Cloud id" 9 | } 10 | 11 | variable "yc_folder_id" { 12 | type = string 13 | description = "Yandex Cloud folder id" 14 | } 15 | -------------------------------------------------------------------------------- /terraform-k8s-alertmanager-loki/provider.tf: -------------------------------------------------------------------------------- 1 | # Provider 2 | 3 | terraform { 4 | required_providers { 5 | yandex = { 6 | source = "yandex-cloud/yandex" 7 | version = "0.91.0" 8 | } 9 | } 10 | } 11 | 12 | provider "yandex" { 13 | token = var.yc_token 14 | cloud_id = var.yc_cloud_id 15 | folder_id = var.yc_folder_id 16 | } 17 | -------------------------------------------------------------------------------- /terraform-k8s-app-redis/variables.tf: -------------------------------------------------------------------------------- 1 | variable "yc_token" { 2 | type = string 3 | description = "Yandex Cloud API key" 4 | } 5 | 6 | variable "yc_cloud_id" { 7 | type = string 8 | description = "Yandex Cloud id" 9 | } 10 | 11 | variable "yc_folder_id" { 12 | type = string 13 | description = "Yandex Cloud folder id" 14 | } 15 | -------------------------------------------------------------------------------- /terraform-k8s-coi-two-ingress/provider.tf: -------------------------------------------------------------------------------- 1 | # Provider 2 | 3 | terraform { 4 | required_providers { 5 | yandex = { 6 | source = "yandex-cloud/yandex" 7 | version = "0.91.0" 8 | } 9 | } 10 | } 11 | 12 | provider "yandex" { 13 | token = var.yc_token 14 | cloud_id = var.yc_cloud_id 15 | folder_id = var.yc_folder_id 16 | } 17 | -------------------------------------------------------------------------------- /terraform-ydb-database-serverless-terraform-lock/provider.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | yandex = { 4 | source = "yandex-cloud/yandex" 5 | version = "0.91.0" 6 | } 7 | } 8 | } 9 | 10 | provider "yandex" { 11 | token = var.yc_token 12 | cloud_id = var.yc_cloud_id 13 | folder_id = var.yc_folder_id 14 | } 15 | 16 | -------------------------------------------------------------------------------- /elasticsearch-cluster/inventory_yml.tpl: -------------------------------------------------------------------------------- 1 | all: 2 | children: 3 | elasticsearch_cluster: 4 | hosts: 5 | %{~ for index, public_ip in elasticsearch_public_ip } 6 | elasticsearch${index}: 7 | ansible_host: ${public_ip} 8 | %{~ endfor } 9 | vars: 10 | ansible_user: ${ssh_user} 11 | ansible_ssh_private_key_file: ~/.ssh/id_rsa 12 | -------------------------------------------------------------------------------- /freeipa-ansible-collection/provider.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | yandex = { 4 | source = "yandex-cloud/yandex" 5 | version = "0.91.0" 6 | } 7 | } 8 | } 9 | 10 | provider "yandex" { 11 | token = var.yc_token 12 | cloud_id = var.yc_cloud_id 13 | folder_id = var.yc_folder_id 14 | zone = var.yc_zone 15 | } 16 | -------------------------------------------------------------------------------- /k8s-drone-ci/vpc.tf: -------------------------------------------------------------------------------- 1 | resource "yandex_vpc_network" "k8s-network" { 2 | name = "k8s-network" 3 | } 4 | 5 | resource "yandex_vpc_subnet" "k8s-subnet" { 6 | zone = "ru-central1-b" 7 | network_id = yandex_vpc_network.k8s-network.id 8 | v4_cidr_blocks = ["10.5.0.0/24"] 9 | depends_on = [ 10 | yandex_vpc_network.k8s-network, 11 | ] 12 | } 13 | -------------------------------------------------------------------------------- /storage_bucket/service_account/variables.tf: -------------------------------------------------------------------------------- 1 | variable "yc_token" { 2 | type = string 3 | description = "Yandex Cloud API key" 4 | } 5 | 6 | variable "yc_cloud_id" { 7 | type = string 8 | description = "Yandex Cloud id" 9 | } 10 | 11 | variable "yc_folder_id" { 12 | type = string 13 | description = "Yandex Cloud folder id" 14 | } 15 | -------------------------------------------------------------------------------- /terraform-k8s-istio-prometheus-stack/provider.tf: -------------------------------------------------------------------------------- 1 | # Provider 2 | 3 | terraform { 4 | required_providers { 5 | yandex = { 6 | source = "yandex-cloud/yandex" 7 | version = "0.91.0" 8 | } 9 | } 10 | } 11 | 12 | provider "yandex" { 13 | token = var.yc_token 14 | cloud_id = var.yc_cloud_id 15 | folder_id = var.yc_folder_id 16 | } 17 | -------------------------------------------------------------------------------- /terraform-postgres-cluster/variables.tf: -------------------------------------------------------------------------------- 1 | variable "yc_token" { 2 | type = string 3 | description = "Yandex Cloud API key" 4 | } 5 | 6 | variable "yc_cloud_id" { 7 | type = string 8 | description = "Yandex Cloud id" 9 | } 10 | 11 | variable "yc_folder_id" { 12 | type = string 13 | description = "Yandex Cloud folder id" 14 | } 15 | -------------------------------------------------------------------------------- /terraform-yc-folder-bucket/variables.tf: -------------------------------------------------------------------------------- 1 | variable "yc_token" { 2 | type = string 3 | description = "Yandex Cloud API key" 4 | } 5 | 6 | variable "yc_cloud_id" { 7 | type = string 8 | description = "Yandex Cloud id" 9 | } 10 | 11 | variable "yc_folder_id" { 12 | type = string 13 | description = "Yandex Cloud folder id" 14 | } 15 | -------------------------------------------------------------------------------- /harbor-letsencrypt/readme.md: -------------------------------------------------------------------------------- 1 | ### Install harbor by ansible and terraform to Yandex Cloud 2 | 3 | certificate to /etc/letsencrypt/live/harbor.xxx.sslip.io/cert.pem 4 | private key to /etc/letsencrypt/live/harbor.xxx.sslip.io/privkey.pem 5 | chain to /etc/letsencrypt/live/harbor.xxx.sslip.io/chain.pem 6 | full chain to /etc/letsencrypt/live/harbor.xxx.sslip.io/fullchain.pem 7 | -------------------------------------------------------------------------------- /jenkins-in-k8s/vpc.tf: -------------------------------------------------------------------------------- 1 | resource "yandex_vpc_network" "k8s-network" { 2 | name = "k8s-network" 3 | } 4 | 5 | resource "yandex_vpc_subnet" "k8s-subnet" { 6 | zone = "ru-central1-b" 7 | network_id = yandex_vpc_network.k8s-network.id 8 | v4_cidr_blocks = ["10.5.0.0/24"] 9 | depends_on = [ 10 | yandex_vpc_network.k8s-network, 11 | ] 12 | } 13 | -------------------------------------------------------------------------------- /k8s-jenkins-x/vpc.tf: -------------------------------------------------------------------------------- 1 | resource "yandex_vpc_network" "k8s-network" { 2 | name = "k8s-network" 3 | } 4 | 5 | resource "yandex_vpc_subnet" "k8s-subnet" { 6 | zone = "ru-central1-b" 7 | network_id = yandex_vpc_network.k8s-network.id 8 | v4_cidr_blocks = ["10.5.0.0/24"] 9 | depends_on = [ 10 | yandex_vpc_network.k8s-network, 11 | ] 12 | } 13 | -------------------------------------------------------------------------------- /terraform-k8s/vpc.tf: -------------------------------------------------------------------------------- 1 | resource "yandex_vpc_network" "k8s-network" { 2 | name = "k8s-network" 3 | } 4 | 5 | resource "yandex_vpc_subnet" "k8s-subnet" { 6 | zone = "ru-central1-b" 7 | network_id = yandex_vpc_network.k8s-network.id 8 | v4_cidr_blocks = ["10.5.0.0/24"] 9 | depends_on = [ 10 | yandex_vpc_network.k8s-network, 11 | ] 12 | } 13 | -------------------------------------------------------------------------------- /terraform-vault-traefik/private.auto.tfvars.example: -------------------------------------------------------------------------------- 1 | yc_token = "" 2 | yc_cloud_id = "" 3 | yc_folder_id = "" 4 | jenkins_dns_name = "" 5 | jenkins_version = "2.346.2-jdk11" 6 | email_letsencrypt = "" 7 | clientId = "xxx-xxx.apps.googleusercontent.com" 8 | clientSecret = "" 9 | google_domain = "" 10 | dns_domain = "" 11 | -------------------------------------------------------------------------------- /storage_bucket_test_s3sync/s3_source/variables.tf: -------------------------------------------------------------------------------- 1 | variable "yc_token" { 2 | type = string 3 | description = "Yandex Cloud API key" 4 | } 5 | 6 | variable "yc_cloud_id" { 7 | type = string 8 | description = "Yandex Cloud id" 9 | } 10 | 11 | variable "yc_folder_id" { 12 | type = string 13 | description = "Yandex Cloud folder id" 14 | } 15 | -------------------------------------------------------------------------------- /terraform-helm-release-ingress-nginx/variables.tf: -------------------------------------------------------------------------------- 1 | variable "yc_token" { 2 | type = string 3 | description = "Yandex Cloud API key" 4 | } 5 | 6 | variable "yc_cloud_id" { 7 | type = string 8 | description = "Yandex Cloud id" 9 | } 10 | 11 | variable "yc_folder_id" { 12 | type = string 13 | description = "Yandex Cloud folder id" 14 | } 15 | -------------------------------------------------------------------------------- /terraform-helm-release-ingress-static-ip/variables.tf: -------------------------------------------------------------------------------- 1 | variable "yc_token" { 2 | type = string 3 | description = "Yandex Cloud API key" 4 | } 5 | 6 | variable "yc_cloud_id" { 7 | type = string 8 | description = "Yandex Cloud id" 9 | } 10 | 11 | variable "yc_folder_id" { 12 | type = string 13 | description = "Yandex Cloud folder id" 14 | } 15 | -------------------------------------------------------------------------------- /terraform-helm-release-jenkins/private.auto.tfvars.example: -------------------------------------------------------------------------------- 1 | yc_token = "" 2 | yc_cloud_id = "" 3 | yc_folder_id = "" 4 | jenkins_dns_name = "" 5 | jenkins_version = "2.346.2-jdk11" 6 | email_letsencrypt = "" 7 | clientId = "xxx-xxx.apps.googleusercontent.com" 8 | clientSecret = "" 9 | google_domain = "" 10 | dns_domain = "" 11 | -------------------------------------------------------------------------------- /terraform-k8s/variables.tf: -------------------------------------------------------------------------------- 1 | # Variables 2 | 3 | variable "yc_token" { 4 | type = string 5 | description = "Yandex Cloud API key" 6 | } 7 | 8 | variable "yc_cloud_id" { 9 | type = string 10 | description = "Yandex Cloud id" 11 | } 12 | 13 | variable "yc_folder_id" { 14 | type = string 15 | description = "Yandex Cloud folder id" 16 | } 17 | -------------------------------------------------------------------------------- /storage_bucket_test_s3sync/s3_destination/variables.tf: -------------------------------------------------------------------------------- 1 | variable "yc_token" { 2 | type = string 3 | description = "Yandex Cloud API key" 4 | } 5 | 6 | variable "yc_cloud_id" { 7 | type = string 8 | description = "Yandex Cloud id" 9 | } 10 | 11 | variable "yc_folder_id" { 12 | type = string 13 | description = "Yandex Cloud folder id" 14 | } 15 | -------------------------------------------------------------------------------- /terraform-helm-release-jenkins-out-job2/private.auto.tfvars.example: -------------------------------------------------------------------------------- 1 | yc_token = "" 2 | yc_cloud_id = "" 3 | yc_folder_id = "" 4 | jenkins_dns_name = "" 5 | jenkins_version = "2.361.1-lts" 6 | email_letsencrypt = "" 7 | clientId = "xxx-xxx.apps.googleusercontent.com" 8 | clientSecret = "" 9 | google_domain = "" 10 | dns_domain = "" 11 | -------------------------------------------------------------------------------- /terraform-k8s-app-pv/variables.tf: -------------------------------------------------------------------------------- 1 | # Variables 2 | 3 | variable "yc_token" { 4 | type = string 5 | description = "Yandex Cloud API key" 6 | } 7 | 8 | variable "yc_cloud_id" { 9 | type = string 10 | description = "Yandex Cloud id" 11 | } 12 | 13 | variable "yc_folder_id" { 14 | type = string 15 | description = "Yandex Cloud folder id" 16 | } 17 | -------------------------------------------------------------------------------- /terraform-k8s-loki/variables.tf: -------------------------------------------------------------------------------- 1 | # Variables 2 | 3 | variable "yc_token" { 4 | type = string 5 | description = "Yandex Cloud API key" 6 | } 7 | 8 | variable "yc_cloud_id" { 9 | type = string 10 | description = "Yandex Cloud id" 11 | } 12 | 13 | variable "yc_folder_id" { 14 | type = string 15 | description = "Yandex Cloud folder id" 16 | } 17 | -------------------------------------------------------------------------------- /terraform-k8s-redis/variables.tf: -------------------------------------------------------------------------------- 1 | # Variables 2 | 3 | variable "yc_token" { 4 | type = string 5 | description = "Yandex Cloud API key" 6 | } 7 | 8 | variable "yc_cloud_id" { 9 | type = string 10 | description = "Yandex Cloud id" 11 | } 12 | 13 | variable "yc_folder_id" { 14 | type = string 15 | description = "Yandex Cloud folder id" 16 | } 17 | -------------------------------------------------------------------------------- /terraform-k8s-tempo/variables.tf: -------------------------------------------------------------------------------- 1 | # Variables 2 | 3 | variable "yc_token" { 4 | type = string 5 | description = "Yandex Cloud API key" 6 | } 7 | 8 | variable "yc_cloud_id" { 9 | type = string 10 | description = "Yandex Cloud id" 11 | } 12 | 13 | variable "yc_folder_id" { 14 | type = string 15 | description = "Yandex Cloud folder id" 16 | } 17 | -------------------------------------------------------------------------------- /terraform-s3-bucket/variables.tf: -------------------------------------------------------------------------------- 1 | # Variables 2 | 3 | variable "yc_token" { 4 | type = string 5 | description = "Yandex Cloud API key" 6 | } 7 | 8 | variable "yc_cloud_id" { 9 | type = string 10 | description = "Yandex Cloud id" 11 | } 12 | 13 | variable "yc_folder_id" { 14 | type = string 15 | description = "Yandex Cloud folder id" 16 | } 17 | -------------------------------------------------------------------------------- /terragrunt-k8s/helmfile-promtail.yaml: -------------------------------------------------------------------------------- 1 | helmDefaults: 2 | wait: true 3 | 4 | repositories: 5 | - name: grafana 6 | url: https://grafana.github.io/helm-charts 7 | 8 | releases: 9 | - name: promtail 10 | namespace: logging 11 | createNamespace: true 12 | chart: grafana/promtail 13 | version: 6.8.2 14 | values: 15 | - "values-promtail.yaml" 16 | -------------------------------------------------------------------------------- /storage_bucket_test_s3sync/service_account_source/variables.tf: -------------------------------------------------------------------------------- 1 | variable "yc_token" { 2 | type = string 3 | description = "Yandex Cloud API key" 4 | } 5 | 6 | variable "yc_cloud_id" { 7 | type = string 8 | description = "Yandex Cloud id" 9 | } 10 | 11 | variable "yc_folder_id" { 12 | type = string 13 | description = "Yandex Cloud folder id" 14 | } 15 | -------------------------------------------------------------------------------- /terraform-helm-release-jenkins-out-job/private.auto.tfvars.example: -------------------------------------------------------------------------------- 1 | yc_token = "" 2 | yc_cloud_id = "" 3 | yc_folder_id = "" 4 | jenkins_dns_name = "" 5 | jenkins_version = "2.346.2-jdk11" 6 | email_letsencrypt = "" 7 | clientId = "xxx-xxx.apps.googleusercontent.com" 8 | clientSecret = "" 9 | google_domain = "" 10 | dns_domain = "" 11 | -------------------------------------------------------------------------------- /terraform-k8s-alertmanager/variables.tf: -------------------------------------------------------------------------------- 1 | # Variables 2 | 3 | variable "yc_token" { 4 | type = string 5 | description = "Yandex Cloud API key" 6 | } 7 | 8 | variable "yc_cloud_id" { 9 | type = string 10 | description = "Yandex Cloud id" 11 | } 12 | 13 | variable "yc_folder_id" { 14 | type = string 15 | description = "Yandex Cloud folder id" 16 | } 17 | -------------------------------------------------------------------------------- /terraform-k8s-coi-two-ingress/helmfile-cert-manager.yaml: -------------------------------------------------------------------------------- 1 | repositories: 2 | - name: cert-manager 3 | url: https://charts.jetstack.io 4 | 5 | releases: 6 | - name: cert-manager 7 | namespace: cert-manager 8 | createNamespace: true 9 | chart: cert-manager/cert-manager 10 | version: 1.11.0 11 | set: 12 | - name: installCRDs 13 | value: true 14 | -------------------------------------------------------------------------------- /terraform-k8s-opensearch/variables.tf: -------------------------------------------------------------------------------- 1 | # Variables 2 | 3 | variable "yc_token" { 4 | type = string 5 | description = "Yandex Cloud API key" 6 | } 7 | 8 | variable "yc_cloud_id" { 9 | type = string 10 | description = "Yandex Cloud id" 11 | } 12 | 13 | variable "yc_folder_id" { 14 | type = string 15 | description = "Yandex Cloud folder id" 16 | } 17 | -------------------------------------------------------------------------------- /terraform-yandex-dns-zone/variables.tf: -------------------------------------------------------------------------------- 1 | # Variables 2 | 3 | variable "yc_token" { 4 | type = string 5 | description = "Yandex Cloud API key" 6 | } 7 | 8 | variable "yc_cloud_id" { 9 | type = string 10 | description = "Yandex Cloud id" 11 | } 12 | 13 | variable "yc_folder_id" { 14 | type = string 15 | description = "Yandex Cloud folder id" 16 | } 17 | -------------------------------------------------------------------------------- /terraform-ydb-database-serverless-terraform-lock/variable.tf: -------------------------------------------------------------------------------- 1 | variable "yc_token" { 2 | type = string 3 | description = "Yandex Cloud API key" 4 | } 5 | 6 | variable "yc_cloud_id" { 7 | type = string 8 | description = "Yandex Cloud id" 9 | } 10 | 11 | variable "yc_folder_id" { 12 | type = string 13 | description = "Yandex Cloud folder id" 14 | } 15 | -------------------------------------------------------------------------------- /terragrunt-k8s-dns-vpc/time-sleep/terragrunt.hcl: -------------------------------------------------------------------------------- 1 | terraform { 2 | source = "github.com/patsevanton/terraform-time-sleep.git//.?ref=main" 3 | } 4 | 5 | include { 6 | path = find_in_parent_folders() 7 | } 8 | 9 | dependency "vpc-address" { 10 | config_path = "../vpc-address" 11 | } 12 | 13 | inputs = { 14 | create_duration = "10s" 15 | destroy_duration = "10s" 16 | } 17 | -------------------------------------------------------------------------------- /victoriametrics-single-grafana/playbook.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: vm-single 3 | collections: 4 | - victoriametrics.cluster 5 | become: true 6 | roles: 7 | - role: cloudalchemy.node_exporter 8 | vars: 9 | node_exporter_version: 1.3.1 10 | - role: victoriametrics.cluster.vmagent 11 | - role: victoriametrics.cluster.single 12 | - role: buluma.grafana 13 | -------------------------------------------------------------------------------- /jenkins-without-roles/files/job-template.yaml: -------------------------------------------------------------------------------- 1 | - job-template: 2 | name: '{name}_job' 3 | description: 'Automatically generated test' 4 | project-type: freestyle 5 | parameters: 6 | - string: 7 | name: FOO 8 | default: bar 9 | description: "A parameter named FOO, defaults to 'bar'." 10 | builders: 11 | - shell: '{command}' 12 | -------------------------------------------------------------------------------- /storage_bucket_test_s3sync/service_account_destination/variables.tf: -------------------------------------------------------------------------------- 1 | variable "yc_token" { 2 | type = string 3 | description = "Yandex Cloud API key" 4 | } 5 | 6 | variable "yc_cloud_id" { 7 | type = string 8 | description = "Yandex Cloud id" 9 | } 10 | 11 | variable "yc_folder_id" { 12 | type = string 13 | description = "Yandex Cloud folder id" 14 | } 15 | -------------------------------------------------------------------------------- /terraform-coi-before-ingress/variables.tf: -------------------------------------------------------------------------------- 1 | # Variables 2 | 3 | variable "yc_token" { 4 | type = string 5 | description = "Yandex Cloud API key" 6 | } 7 | 8 | variable "yc_cloud_id" { 9 | type = string 10 | description = "Yandex Cloud id" 11 | } 12 | 13 | variable "yc_folder_id" { 14 | type = string 15 | description = "Yandex Cloud folder id" 16 | } 17 | -------------------------------------------------------------------------------- /terraform-helm-release-ingress-nginx/vpc.tf: -------------------------------------------------------------------------------- 1 | resource "yandex_vpc_network" "k8s-network" { 2 | name = "k8s-network" 3 | } 4 | 5 | resource "yandex_vpc_subnet" "k8s-subnet" { 6 | zone = "ru-central1-b" 7 | network_id = yandex_vpc_network.k8s-network.id 8 | v4_cidr_blocks = ["10.5.0.0/24"] 9 | depends_on = [ 10 | yandex_vpc_network.k8s-network, 11 | ] 12 | } 13 | -------------------------------------------------------------------------------- /terraform-k8s-alertmanager-loki/variables.tf: -------------------------------------------------------------------------------- 1 | # Variables 2 | 3 | variable "yc_token" { 4 | type = string 5 | description = "Yandex Cloud API key" 6 | } 7 | 8 | variable "yc_cloud_id" { 9 | type = string 10 | description = "Yandex Cloud id" 11 | } 12 | 13 | variable "yc_folder_id" { 14 | type = string 15 | description = "Yandex Cloud folder id" 16 | } 17 | -------------------------------------------------------------------------------- /terragrunt-k8s-velero-1.21/helmfile-postgresql.yaml: -------------------------------------------------------------------------------- 1 | helmDefaults: 2 | wait: true 3 | 4 | repositories: 5 | - name: bitnami 6 | url: https://raw.githubusercontent.com/bitnami/charts/archive-full-index/bitnami 7 | 8 | releases: 9 | - name: postgresql 10 | namespace: postgresql 11 | createNamespace: true 12 | chart: bitnami/postgresql 13 | version: 12.2.1 14 | 15 | -------------------------------------------------------------------------------- /terragrunt-k8s-velero-1.22/helmfile-postgresql.yaml: -------------------------------------------------------------------------------- 1 | helmDefaults: 2 | wait: true 3 | 4 | repositories: 5 | - name: bitnami 6 | url: https://raw.githubusercontent.com/bitnami/charts/archive-full-index/bitnami 7 | 8 | releases: 9 | - name: postgresql 10 | namespace: postgresql 11 | createNamespace: true 12 | chart: bitnami/postgresql 13 | version: 12.2.1 14 | 15 | -------------------------------------------------------------------------------- /zabbix-community/host_ini.tpl: -------------------------------------------------------------------------------- 1 | [zabbix_server] 2 | zabbix_server ansible_host=${zabbix_server_public_ip} 3 | 4 | [zabbix_database] 5 | zabbix_database ansible_host=${zabbix_database_public_ip} 6 | 7 | [database:children] 8 | zabbix_database 9 | zabbix_proxy 10 | 11 | # Connection settings 12 | [all:vars] 13 | ansible_user=${ssh_user} 14 | ansible_ssh_private_key_file=~/.ssh/id_rsa 15 | -------------------------------------------------------------------------------- /jenkins-geerlingguy-jenkins/files/job-template.yaml: -------------------------------------------------------------------------------- 1 | - job-template: 2 | name: '{name}_job' 3 | description: 'Automatically generated test' 4 | project-type: freestyle 5 | parameters: 6 | - string: 7 | name: FOO 8 | default: bar 9 | description: "A parameter named FOO, defaults to 'bar'." 10 | builders: 11 | - shell: '{command}' 12 | -------------------------------------------------------------------------------- /terraform-k8s-istio-prometheus-stack/variables.tf: -------------------------------------------------------------------------------- 1 | # Variables 2 | 3 | variable "yc_token" { 4 | type = string 5 | description = "Yandex Cloud API key" 6 | } 7 | 8 | variable "yc_cloud_id" { 9 | type = string 10 | description = "Yandex Cloud id" 11 | } 12 | 13 | variable "yc_folder_id" { 14 | type = string 15 | description = "Yandex Cloud folder id" 16 | } 17 | -------------------------------------------------------------------------------- /terragrunt-k8s-opentelemetry-demo/helmfile-promtail.yaml: -------------------------------------------------------------------------------- 1 | helmDefaults: 2 | wait: true 3 | 4 | repositories: 5 | - name: grafana 6 | url: https://grafana.github.io/helm-charts 7 | 8 | releases: 9 | - name: promtail 10 | namespace: logging 11 | createNamespace: true 12 | chart: grafana/promtail 13 | version: 6.8.2 14 | values: 15 | - "values-promtail.yaml" 16 | -------------------------------------------------------------------------------- /sentry/vpc.tf: -------------------------------------------------------------------------------- 1 | data "yandex_vpc_network" "default" { 2 | name = "default" 3 | } 4 | 5 | data "yandex_vpc_subnet" "default-ru-central1-a" { 6 | name = "default-ru-central1-a" 7 | } 8 | 9 | data "yandex_vpc_subnet" "default-ru-central1-b" { 10 | name = "default-ru-central1-b" 11 | } 12 | 13 | data "yandex_vpc_subnet" "default-ru-central1-d" { 14 | name = "default-ru-central1-d" 15 | } 16 | -------------------------------------------------------------------------------- /terragrunt-k8s-vault-external-secret/helmfile-postgresql.yaml: -------------------------------------------------------------------------------- 1 | helmDefaults: 2 | wait: true 3 | 4 | repositories: 5 | - name: bitnami 6 | url: https://raw.githubusercontent.com/bitnami/charts/archive-full-index/bitnami 7 | 8 | releases: 9 | - name: postgresql 10 | namespace: postgresql 11 | createNamespace: true 12 | chart: bitnami/postgresql 13 | version: 12.2.1 14 | 15 | -------------------------------------------------------------------------------- /jenkins-in-k8s/service-accounts.tf: -------------------------------------------------------------------------------- 1 | resource "yandex_iam_service_account" "sa-k8s-admin" { 2 | folder_id = var.yc_folder_id 3 | name = "sa-k8s-admin" 4 | } 5 | 6 | resource "yandex_resourcemanager_folder_iam_member" "sa-k8s-admin-permissions" { 7 | folder_id = var.yc_folder_id 8 | role = "admin" 9 | member = "serviceAccount:${yandex_iam_service_account.sa-k8s-admin.id}" 10 | } 11 | -------------------------------------------------------------------------------- /k8s-drone-ci/service-accounts.tf: -------------------------------------------------------------------------------- 1 | resource "yandex_iam_service_account" "sa-k8s-admin" { 2 | folder_id = var.yc_folder_id 3 | name = "sa-k8s-admin" 4 | } 5 | 6 | resource "yandex_resourcemanager_folder_iam_member" "sa-k8s-admin-permissions" { 7 | folder_id = var.yc_folder_id 8 | role = "admin" 9 | member = "serviceAccount:${yandex_iam_service_account.sa-k8s-admin.id}" 10 | } 11 | -------------------------------------------------------------------------------- /k8s-jenkins-x/service-accounts.tf: -------------------------------------------------------------------------------- 1 | resource "yandex_iam_service_account" "sa-k8s-admin" { 2 | folder_id = var.yc_folder_id 3 | name = "sa-k8s-admin" 4 | } 5 | 6 | resource "yandex_resourcemanager_folder_iam_member" "sa-k8s-admin-permissions" { 7 | folder_id = var.yc_folder_id 8 | role = "admin" 9 | member = "serviceAccount:${yandex_iam_service_account.sa-k8s-admin.id}" 10 | } 11 | -------------------------------------------------------------------------------- /terraform-k8s-2/prometheus.yaml: -------------------------------------------------------------------------------- 1 | grafana: 2 | adminPassword: phaeleethe4zieJo 3 | ingress: 4 | enabled: true 5 | annotations: 6 | kubernetes.io/ingress.class: nginx 7 | hosts: ['grafana.158.160.9.66.sslip.io'] 8 | path: "/" 9 | 10 | prometheus: 11 | prometheusSpec: 12 | podMonitorSelectorNilUsesHelmValues: false 13 | serviceMonitorSelectorNilUsesHelmValues: false 14 | -------------------------------------------------------------------------------- /terraform-k8s-2/service-accounts.tf: -------------------------------------------------------------------------------- 1 | resource "yandex_iam_service_account" "sa-k8s-admin" { 2 | folder_id = var.yc_folder_id 3 | name = "sa-k8s-admin" 4 | } 5 | 6 | resource "yandex_resourcemanager_folder_iam_member" "sa-k8s-admin-permissions" { 7 | folder_id = var.yc_folder_id 8 | role = "admin" 9 | member = "serviceAccount:${yandex_iam_service_account.sa-k8s-admin.id}" 10 | } 11 | -------------------------------------------------------------------------------- /sentry/dns.tf: -------------------------------------------------------------------------------- 1 | resource "yandex_dns_zone" "apatsev_org_ru" { 2 | name = "apatsev-org-ru" 3 | zone = "apatsev.org.ru." 4 | public = true 5 | } 6 | 7 | resource "yandex_dns_recordset" "sentry_apatsev_org_ru" { 8 | zone_id = yandex_dns_zone.apatsev_org_ru.id 9 | name = "sentry.apatsev.org.ru." 10 | type = "A" 11 | ttl = 200 12 | data = [module.sentry.external_ip[0]] 13 | } 14 | -------------------------------------------------------------------------------- /terraform-k8s-app-redis/prometheus.yaml: -------------------------------------------------------------------------------- 1 | grafana: 2 | adminPassword: phaeleethe4zieJo 3 | ingress: 4 | enabled: true 5 | annotations: 6 | kubernetes.io/ingress.class: nginx 7 | hosts: ['grafana.158.160.9.66.sslip.io'] 8 | path: "/" 9 | 10 | prometheus: 11 | prometheusSpec: 12 | podMonitorSelectorNilUsesHelmValues: false 13 | serviceMonitorSelectorNilUsesHelmValues: false 14 | -------------------------------------------------------------------------------- /terraform-k8s-tempo/gateway-grafana.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: networking.istio.io/v1alpha3 3 | kind: Gateway 4 | metadata: 5 | name: grafana-gateway 6 | namespace: istio-system 7 | spec: 8 | selector: 9 | istio: ingressgateway 10 | servers: 11 | - port: 12 | number: 80 13 | name: http 14 | protocol: HTTP 15 | hosts: 16 | - "promgrafana.apatsev.org.ru" 17 | -------------------------------------------------------------------------------- /terragrunt-k8s/helmfile-loki-distributed.yaml: -------------------------------------------------------------------------------- 1 | helmDefaults: 2 | wait: true 3 | 4 | repositories: 5 | - name: grafana 6 | url: https://grafana.github.io/helm-charts 7 | 8 | releases: 9 | - name: loki-distributed 10 | namespace: loki 11 | createNamespace: true 12 | chart: grafana/loki-distributed 13 | version: 0.69.4 14 | values: 15 | - "values-loki-distributed.yaml" 16 | -------------------------------------------------------------------------------- /freeipa-docker-compose/vpc.tf: -------------------------------------------------------------------------------- 1 | data "yandex_vpc_network" "default" { 2 | name = "default" 3 | } 4 | 5 | data "yandex_vpc_subnet" "default-ru-central1-a" { 6 | name = "default-ru-central1-a" 7 | } 8 | 9 | data "yandex_vpc_subnet" "default-ru-central1-b" { 10 | name = "default-ru-central1-b" 11 | } 12 | 13 | data "yandex_vpc_subnet" "default-ru-central1-d" { 14 | name = "default-ru-central1-d" 15 | } 16 | -------------------------------------------------------------------------------- /openxpki-docker-compose/vpc.tf: -------------------------------------------------------------------------------- 1 | data "yandex_vpc_network" "default" { 2 | name = "default" 3 | } 4 | 5 | data "yandex_vpc_subnet" "default-ru-central1-a" { 6 | name = "default-ru-central1-a" 7 | } 8 | 9 | data "yandex_vpc_subnet" "default-ru-central1-b" { 10 | name = "default-ru-central1-b" 11 | } 12 | 13 | data "yandex_vpc_subnet" "default-ru-central1-d" { 14 | name = "default-ru-central1-d" 15 | } 16 | -------------------------------------------------------------------------------- /terraform-k8s-app-redis/service-accounts.tf: -------------------------------------------------------------------------------- 1 | resource "yandex_iam_service_account" "sa-k8s-admin" { 2 | folder_id = var.yc_folder_id 3 | name = "sa-k8s-admin" 4 | } 5 | 6 | resource "yandex_resourcemanager_folder_iam_member" "sa-k8s-admin-permissions" { 7 | folder_id = var.yc_folder_id 8 | role = "admin" 9 | member = "serviceAccount:${yandex_iam_service_account.sa-k8s-admin.id}" 10 | } 11 | -------------------------------------------------------------------------------- /terraform-k8s-coi-two-ingress/helmfile-traefik.yaml: -------------------------------------------------------------------------------- 1 | repositories: 2 | - name: traefik 3 | url: https://traefik.github.io/charts 4 | 5 | releases: 6 | - name: traefik 7 | namespace: traefik 8 | createNamespace: true 9 | chart: traefik/traefik 10 | version: 20.8.0 11 | set: 12 | - name: service.spec.loadBalancerIP 13 | value: {{ requiredEnv "TraefikLoadBalancerIP" }} 14 | -------------------------------------------------------------------------------- /terraform-coi-before-ingress/vpc.tf: -------------------------------------------------------------------------------- 1 | data "yandex_vpc_network" "default" { 2 | name = "default" 3 | } 4 | 5 | data "yandex_vpc_subnet" "default-ru-central1-a" { 6 | name = "default-ru-central1-a" 7 | } 8 | 9 | data "yandex_vpc_subnet" "default-ru-central1-b" { 10 | name = "default-ru-central1-b" 11 | } 12 | 13 | data "yandex_vpc_subnet" "default-ru-central1-d" { 14 | name = "default-ru-central1-d" 15 | } 16 | -------------------------------------------------------------------------------- /terraform-helm-release-jenkins/service-accounts.tf: -------------------------------------------------------------------------------- 1 | resource "yandex_iam_service_account" "sa-k8s-admin" { 2 | folder_id = var.yc_folder_id 3 | name = "sa-k8s-admin" 4 | } 5 | 6 | resource "yandex_resourcemanager_folder_iam_member" "sa-k8s-admin-permissions" { 7 | folder_id = var.yc_folder_id 8 | role = "admin" 9 | member = "serviceAccount:${yandex_iam_service_account.sa-k8s-admin.id}" 10 | } 11 | -------------------------------------------------------------------------------- /terraform-k8s-app-redis/test/templates/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.serviceAccount.create -}} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: {{ include "test.serviceAccountName" . }} 6 | labels: 7 | {{- include "test.labels" . | nindent 4 }} 8 | {{- with .Values.serviceAccount.annotations }} 9 | annotations: 10 | {{- toYaml . | nindent 4 }} 11 | {{- end }} 12 | {{- end }} 13 | -------------------------------------------------------------------------------- /terraform-postgres-cluster/vpc.tf: -------------------------------------------------------------------------------- 1 | data "yandex_vpc_network" "default" { 2 | name = "default" 3 | } 4 | 5 | data "yandex_vpc_subnet" "default-ru-central1-a" { 6 | name = "default-ru-central1-a" 7 | } 8 | 9 | data "yandex_vpc_subnet" "default-ru-central1-b" { 10 | name = "default-ru-central1-b" 11 | } 12 | 13 | data "yandex_vpc_subnet" "default-ru-central1-d" { 14 | name = "default-ru-central1-d" 15 | } 16 | -------------------------------------------------------------------------------- /freeipa-docker-compose-external-ca/vpc.tf: -------------------------------------------------------------------------------- 1 | data "yandex_vpc_network" "default" { 2 | name = "default" 3 | } 4 | 5 | data "yandex_vpc_subnet" "default-ru-central1-a" { 6 | name = "default-ru-central1-a" 7 | } 8 | 9 | data "yandex_vpc_subnet" "default-ru-central1-b" { 10 | name = "default-ru-central1-b" 11 | } 12 | 13 | data "yandex_vpc_subnet" "default-ru-central1-d" { 14 | name = "default-ru-central1-d" 15 | } 16 | -------------------------------------------------------------------------------- /freeipa-docker-compose-smallstep/vpc.tf: -------------------------------------------------------------------------------- 1 | data "yandex_vpc_network" "default" { 2 | name = "default" 3 | } 4 | 5 | data "yandex_vpc_subnet" "default-ru-central1-a" { 6 | name = "default-ru-central1-a" 7 | } 8 | 9 | data "yandex_vpc_subnet" "default-ru-central1-b" { 10 | name = "default-ru-central1-b" 11 | } 12 | 13 | data "yandex_vpc_subnet" "default-ru-central1-d" { 14 | name = "default-ru-central1-d" 15 | } 16 | -------------------------------------------------------------------------------- /freeipa-docker-compose/dns.tf: -------------------------------------------------------------------------------- 1 | resource "yandex_dns_zone" "apatsev_org_ru" { 2 | name = "apatsev-org-ru" 3 | zone = "apatsev.org.ru." 4 | public = true 5 | } 6 | 7 | resource "yandex_dns_recordset" "freeipa_apatsev_org_ru" { 8 | zone_id = yandex_dns_zone.apatsev_org_ru.id 9 | name = "freeipa.apatsev.org.ru." 10 | type = "A" 11 | ttl = 200 12 | data = [module.freeipa.external_ip[0]] 13 | } 14 | -------------------------------------------------------------------------------- /terraform-helm-release-ingress-nginx/service-accounts.tf: -------------------------------------------------------------------------------- 1 | resource "yandex_iam_service_account" "sa-k8s-admin" { 2 | folder_id = var.yc_folder_id 3 | name = "sa-k8s-admin" 4 | } 5 | 6 | resource "yandex_resourcemanager_folder_iam_member" "sa-k8s-admin-permissions" { 7 | folder_id = var.yc_folder_id 8 | role = "admin" 9 | member = "serviceAccount:${yandex_iam_service_account.sa-k8s-admin.id}" 10 | } 11 | -------------------------------------------------------------------------------- /terraform-k8s-istio-prometheus-stack/gateway-grafana.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: networking.istio.io/v1alpha3 3 | kind: Gateway 4 | metadata: 5 | name: grafana-gateway 6 | namespace: istio-system 7 | spec: 8 | selector: 9 | istio: ingressgateway 10 | servers: 11 | - port: 12 | number: 80 13 | name: http 14 | protocol: HTTP 15 | hosts: 16 | - "promgrafana.apatsev.org.ru" 17 | -------------------------------------------------------------------------------- /terraform-postgres-create-backup/vpc.tf: -------------------------------------------------------------------------------- 1 | data "yandex_vpc_network" "default" { 2 | name = "default" 3 | } 4 | 5 | data "yandex_vpc_subnet" "default-ru-central1-a" { 6 | name = "default-ru-central1-a" 7 | } 8 | 9 | data "yandex_vpc_subnet" "default-ru-central1-b" { 10 | name = "default-ru-central1-b" 11 | } 12 | 13 | data "yandex_vpc_subnet" "default-ru-central1-d" { 14 | name = "default-ru-central1-d" 15 | } 16 | -------------------------------------------------------------------------------- /terraform-postgres-restore-backup/vpc.tf: -------------------------------------------------------------------------------- 1 | data "yandex_vpc_network" "default" { 2 | name = "default" 3 | } 4 | 5 | data "yandex_vpc_subnet" "default-ru-central1-a" { 6 | name = "default-ru-central1-a" 7 | } 8 | 9 | data "yandex_vpc_subnet" "default-ru-central1-b" { 10 | name = "default-ru-central1-b" 11 | } 12 | 13 | data "yandex_vpc_subnet" "default-ru-central1-d" { 14 | name = "default-ru-central1-d" 15 | } 16 | -------------------------------------------------------------------------------- /docker/playbook.yml: -------------------------------------------------------------------------------- 1 | - hosts: docker 2 | become: true 3 | pre_tasks: 4 | - name: Install docker, docker-compose 5 | apt: 6 | name: 7 | - docker 8 | - docker-compose 9 | state: present 10 | update_cache: true 11 | - name: add user ubuntu to docker group 12 | ansible.builtin.user: 13 | name: ubuntu 14 | groups: docker 15 | append: yes 16 | -------------------------------------------------------------------------------- /freeipa-docker-compose/files/freeipa.service: -------------------------------------------------------------------------------- 1 | [Unit] 2 | Description=%i service with docker compose 3 | Requires=docker.service 4 | After=docker.service 5 | 6 | [Service] 7 | Type=oneshot 8 | RemainAfterExit=true 9 | WorkingDirectory=/etc/docker-compose/%i 10 | ExecStart=/usr/local/bin/docker-compose up -d --remove-orphans 11 | ExecStop=/usr/local/bin/docker-compose down 12 | 13 | [Install] 14 | WantedBy=multi-user.target 15 | -------------------------------------------------------------------------------- /openxpki-docker-compose/files/openxpki.service: -------------------------------------------------------------------------------- 1 | [Unit] 2 | Description=%i service with docker compose 3 | Requires=docker.service 4 | After=docker.service 5 | 6 | [Service] 7 | Type=oneshot 8 | RemainAfterExit=true 9 | WorkingDirectory=/etc/docker-compose/%i 10 | ExecStart=/usr/local/bin/docker-compose up -d --remove-orphans 11 | ExecStop=/usr/local/bin/docker-compose down 12 | 13 | [Install] 14 | WantedBy=multi-user.target 15 | -------------------------------------------------------------------------------- /terraform-helm-release-ingress-static-ip/service-accounts.tf: -------------------------------------------------------------------------------- 1 | resource "yandex_iam_service_account" "sa-k8s-admin" { 2 | folder_id = var.yc_folder_id 3 | name = "sa-k8s-admin" 4 | } 5 | 6 | resource "yandex_resourcemanager_folder_iam_member" "sa-k8s-admin-permissions" { 7 | folder_id = var.yc_folder_id 8 | role = "admin" 9 | member = "serviceAccount:${yandex_iam_service_account.sa-k8s-admin.id}" 10 | } 11 | -------------------------------------------------------------------------------- /terraform-helm-release-jenkins-out-job/service-accounts.tf: -------------------------------------------------------------------------------- 1 | resource "yandex_iam_service_account" "sa-k8s-admin" { 2 | folder_id = var.yc_folder_id 3 | name = "sa-k8s-admin" 4 | } 5 | 6 | resource "yandex_resourcemanager_folder_iam_member" "sa-k8s-admin-permissions" { 7 | folder_id = var.yc_folder_id 8 | role = "admin" 9 | member = "serviceAccount:${yandex_iam_service_account.sa-k8s-admin.id}" 10 | } 11 | -------------------------------------------------------------------------------- /terraform-helm-release-jenkins-out-job2/service-accounts.tf: -------------------------------------------------------------------------------- 1 | resource "yandex_iam_service_account" "sa-k8s-admin" { 2 | folder_id = var.yc_folder_id 3 | name = "sa-k8s-admin" 4 | } 5 | 6 | resource "yandex_resourcemanager_folder_iam_member" "sa-k8s-admin-permissions" { 7 | folder_id = var.yc_folder_id 8 | role = "admin" 9 | member = "serviceAccount:${yandex_iam_service_account.sa-k8s-admin.id}" 10 | } 11 | -------------------------------------------------------------------------------- /prometheus-loki-loggenerator-in-docker/files/config/datasources-230.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: 1 2 | datasources: 3 | - access: proxy 4 | basicAuth: false 5 | jsonData: 6 | httpHeaderName1: "X-Scope-OrgID" 7 | secureJsonData: 8 | httpHeaderValue1: "docker" 9 | editable: true 10 | isDefault: true 11 | name: loki 12 | type: loki 13 | uid: loki 14 | url: http://loki:3100 15 | version: 1 16 | -------------------------------------------------------------------------------- /prometheus-loki-loggenerator-in-docker/files/config/datasources-261.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: 1 2 | datasources: 3 | - access: proxy 4 | basicAuth: false 5 | jsonData: 6 | httpHeaderName1: "X-Scope-OrgID" 7 | secureJsonData: 8 | httpHeaderValue1: "docker" 9 | editable: true 10 | isDefault: true 11 | name: loki 12 | type: loki 13 | uid: loki 14 | url: http://loki-gateway 15 | version: 1 16 | -------------------------------------------------------------------------------- /terragrunt-k8s/loggenerator/templates/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.serviceAccount.create -}} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: {{ include "loggenerator.serviceAccountName" . }} 6 | labels: 7 | {{- include "loggenerator.labels" . | nindent 4 }} 8 | {{- with .Values.serviceAccount.annotations }} 9 | annotations: 10 | {{- toYaml . | nindent 4 }} 11 | {{- end }} 12 | {{- end }} 13 | -------------------------------------------------------------------------------- /freeipa-docker-compose-external-ca/files/freeipa.service: -------------------------------------------------------------------------------- 1 | [Unit] 2 | Description=%i service with docker compose 3 | Requires=docker.service 4 | After=docker.service 5 | 6 | [Service] 7 | Type=oneshot 8 | RemainAfterExit=true 9 | WorkingDirectory=/etc/docker-compose/%i 10 | ExecStart=/usr/local/bin/docker-compose up -d --remove-orphans 11 | ExecStop=/usr/local/bin/docker-compose down 12 | 13 | [Install] 14 | WantedBy=multi-user.target 15 | -------------------------------------------------------------------------------- /freeipa-docker-compose-smallstep/files/freeipa.service: -------------------------------------------------------------------------------- 1 | [Unit] 2 | Description=%i service with docker compose 3 | Requires=docker.service 4 | After=docker.service 5 | 6 | [Service] 7 | Type=oneshot 8 | RemainAfterExit=true 9 | WorkingDirectory=/etc/docker-compose/%i 10 | ExecStart=/usr/local/bin/docker-compose up -d --remove-orphans 11 | ExecStop=/usr/local/bin/docker-compose down 12 | 13 | [Install] 14 | WantedBy=multi-user.target 15 | -------------------------------------------------------------------------------- /freeipa-docker-compose/inventory_yml.tpl: -------------------------------------------------------------------------------- 1 | all: 2 | children: 3 | ipaserver: 4 | hosts: 5 | "freeipa": 6 | ansible_host: "${freeipa_public_ip}" 7 | vars: 8 | ansible_user: ${ssh_user} 9 | ansible_ssh_private_key_file: ~/.ssh/id_rsa 10 | freeipa_password: "${freeipa_password}" 11 | freeipa_fqdn: "${freeipa_fqdn}" 12 | freeipa_domain: "${freeipa_domain}" 13 | ssh_user: "${ssh_user}" 14 | -------------------------------------------------------------------------------- /terraform-k8s-loki/loggenerator/templates/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.serviceAccount.create -}} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: {{ include "loggenerator.serviceAccountName" . }} 6 | labels: 7 | {{- include "loggenerator.labels" . | nindent 4 }} 8 | {{- with .Values.serviceAccount.annotations }} 9 | annotations: 10 | {{- toYaml . | nindent 4 }} 11 | {{- end }} 12 | {{- end }} 13 | -------------------------------------------------------------------------------- /terraform-postgres-create-backup/variables.tf: -------------------------------------------------------------------------------- 1 | variable "yc_token" { 2 | type = string 3 | description = "Yandex Cloud API key" 4 | } 5 | 6 | variable "yc_cloud_id" { 7 | type = string 8 | description = "Yandex Cloud id" 9 | } 10 | 11 | variable "yc_folder_id" { 12 | type = string 13 | description = "Yandex Cloud folder id" 14 | } 15 | 16 | variable "psql_password" { 17 | type = string 18 | } 19 | -------------------------------------------------------------------------------- /sonarqube/provider.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | yandex = { 4 | source = "yandex-cloud/yandex" 5 | version = "0.91.0" 6 | } 7 | local = { 8 | source = "hashicorp/local" 9 | version = "2.2.2" 10 | } 11 | } 12 | } 13 | 14 | provider "yandex" { 15 | token = var.yc_token 16 | cloud_id = var.yc_cloud_id 17 | folder_id = var.yc_folder_id 18 | zone = var.yc_zone 19 | } 20 | -------------------------------------------------------------------------------- /terraform-k8s-app-pv/loggenerator/templates/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.serviceAccount.create -}} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: {{ include "loggenerator.serviceAccountName" . }} 6 | labels: 7 | {{- include "loggenerator.labels" . | nindent 4 }} 8 | {{- with .Values.serviceAccount.annotations }} 9 | annotations: 10 | {{- toYaml . | nindent 4 }} 11 | {{- end }} 12 | {{- end }} 13 | -------------------------------------------------------------------------------- /terraform-postgres-restore-backup/variables.tf: -------------------------------------------------------------------------------- 1 | variable "yc_token" { 2 | type = string 3 | description = "Yandex Cloud API key" 4 | } 5 | 6 | variable "yc_cloud_id" { 7 | type = string 8 | description = "Yandex Cloud id" 9 | } 10 | 11 | variable "yc_folder_id" { 12 | type = string 13 | description = "Yandex Cloud folder id" 14 | } 15 | 16 | variable "psql_password" { 17 | type = string 18 | } 19 | -------------------------------------------------------------------------------- /victoriametrics-cluster-grafana/playbook.yml: -------------------------------------------------------------------------------- 1 | # --- 2 | # - hosts: vmstorage,vminsert,vmselect 3 | # become: true 4 | 5 | # roles: 6 | # - role: buluma.victoriametrics_cluster 7 | # victoriametrics_version: v1.58.0 8 | 9 | 10 | --- 11 | - hosts: victoria_cluster 12 | collections: 13 | - victoriametrics.cluster 14 | become: true 15 | roles: 16 | - geerlingguy.docker 17 | - victoriametrics.cluster.cluster 18 | -------------------------------------------------------------------------------- /freeipa-docker-compose-external-ca/dns.tf: -------------------------------------------------------------------------------- 1 | #resource "yandex_dns_zone" "apatsev_org_ru" { 2 | # name = "apatsev-org-ru" 3 | # zone = "apatsev.org.ru." 4 | # public = true 5 | #} 6 | 7 | #resource "yandex_dns_recordset" "freeipa_apatsev_org_ru" { 8 | # zone_id = yandex_dns_zone.apatsev_org_ru.id 9 | # name = "freeipa.apatsev.org.ru." 10 | # type = "A" 11 | # ttl = 200 12 | # data = [module.freeipa.external_ip[0]] 13 | #} 14 | -------------------------------------------------------------------------------- /terraform-k8s-nexus/dns.tf: -------------------------------------------------------------------------------- 1 | resource "yandex_dns_zone" "apatsev_org_ru" { 2 | name = "apatsev-org-ru" 3 | zone = "apatsev.org.ru." 4 | public = true 5 | } 6 | 7 | resource "yandex_dns_recordset" "nexus_apatsev_org_ru" { 8 | zone_id = yandex_dns_zone.apatsev_org_ru.id 9 | name = "nexus.apatsev.org.ru." 10 | type = "A" 11 | ttl = 200 12 | data = [yandex_vpc_address.nexus_address.external_ipv4_address[0].address] 13 | } 14 | -------------------------------------------------------------------------------- /terraform-k8s-sentry/value-sentry.yaml: -------------------------------------------------------------------------------- 1 | postgresql: 2 | enabled: false 3 | externalPostgresql: 4 | port: 6432 5 | database: sentry 6 | username: sentry 7 | sslMode: require 8 | nginx: 9 | ingress: 10 | annotations: 11 | cert-manager.io/cluster-issuer: "letsencrypt-prod" 12 | enabled: true 13 | hostname: sentry.apatsev.org.ru 14 | ingressClassName: "nginx" 15 | tls: true 16 | sentry: 17 | cleanup: 18 | days: 7 -------------------------------------------------------------------------------- /terragrunt-k8s/helmfile-ingress-nginx.yaml: -------------------------------------------------------------------------------- 1 | repositories: 2 | - name: ingress-nginx 3 | url: https://kubernetes.github.io/ingress-nginx 4 | 5 | releases: 6 | - name: ingress-nginx 7 | namespace: ingress-nginx 8 | createNamespace: true 9 | chart: ingress-nginx/ingress-nginx 10 | version: 4.4.2 11 | set: 12 | - name: controller.service.loadBalancerIP 13 | value: {{ requiredEnv "external_ipv4_address" }} 14 | -------------------------------------------------------------------------------- /freeipa-docker-compose/readme.md: -------------------------------------------------------------------------------- 1 | ### Install freeipa by ansible and terraform to Yandex Cloud 2 | https://github.com/xetus-oss/freeipa-pwd-portal/blob/master/docker-compose.yaml 3 | 4 | https://stackoverflow.com/questions/71096130/freeipa-docker-compose-web-ui 5 | 6 | https://www.linkedin.com/pulse/how-install-freeipa-ubuntu-docker-packopsdev-farshad-nickfetrat/ 7 | 8 | https://habr.com/ru/post/254233/ 9 | 10 | https://github.com/peak/s5cmd 11 | 12 | -------------------------------------------------------------------------------- /terraform-coi-before-ingress/declaration.yaml: -------------------------------------------------------------------------------- 1 | spec: 2 | containers: 3 | - name: nginx 4 | image: nginx:1.23.3 5 | securityContext: 6 | privileged: false 7 | tty: false 8 | stdin: false 9 | volumeMounts: 10 | - mountPath: /etc/nginx/nginx.conf 11 | name: nginx_conf 12 | restartPolicy: Always 13 | volumes: 14 | - name: nginx_conf 15 | hostPath: 16 | path: /nginx.conf 17 | -------------------------------------------------------------------------------- /terraform-k8s-coi-two-ingress/declaration.yaml: -------------------------------------------------------------------------------- 1 | spec: 2 | containers: 3 | - name: nginx 4 | image: nginx:1.23.3 5 | securityContext: 6 | privileged: false 7 | tty: false 8 | stdin: false 9 | volumeMounts: 10 | - mountPath: /etc/nginx/nginx.conf 11 | name: nginx_conf 12 | restartPolicy: Always 13 | volumes: 14 | - name: nginx_conf 15 | hostPath: 16 | path: /nginx.conf 17 | -------------------------------------------------------------------------------- /terraform-k8s-app-pv/dns.tf: -------------------------------------------------------------------------------- 1 | resource "yandex_dns_zone" "apatsev_org_ru" { 2 | name = "apatsev-org-ru" 3 | zone = "apatsev.org.ru." 4 | public = true 5 | } 6 | 7 | resource "yandex_dns_recordset" "velero_apatsev_org_ru" { 8 | zone_id = yandex_dns_zone.apatsev_org_ru.id 9 | name = "velero.apatsev.org.ru." 10 | type = "A" 11 | ttl = 200 12 | data = [yandex_vpc_address.velero_address.external_ipv4_address[0].address] 13 | } 14 | -------------------------------------------------------------------------------- /terraform-k8s-coi-two-ingress/helmfile-ingress-nginx.yaml: -------------------------------------------------------------------------------- 1 | repositories: 2 | - name: ingress-nginx 3 | url: https://kubernetes.github.io/ingress-nginx 4 | 5 | releases: 6 | - name: ingress-nginx 7 | namespace: ingress-nginx 8 | createNamespace: true 9 | chart: ingress-nginx/ingress-nginx 10 | version: 4.4.2 11 | set: 12 | - name: controller.service.loadBalancerIP 13 | value: {{ requiredEnv "NginxLoadBalancerIP" }} 14 | -------------------------------------------------------------------------------- /terraform-k8s-sentry/dns.tf: -------------------------------------------------------------------------------- 1 | resource "yandex_dns_zone" "apatsev_org_ru" { 2 | name = "apatsev-org-ru" 3 | zone = "apatsev.org.ru." 4 | public = true 5 | } 6 | 7 | resource "yandex_dns_recordset" "sentry_apatsev_org_ru" { 8 | zone_id = yandex_dns_zone.apatsev_org_ru.id 9 | name = "sentry.apatsev.org.ru." 10 | type = "A" 11 | ttl = 200 12 | data = [yandex_vpc_address.sentry_address.external_ipv4_address[0].address] 13 | } 14 | -------------------------------------------------------------------------------- /terraform-regru-certificate/variables.tf: -------------------------------------------------------------------------------- 1 | variable "email_address" { 2 | type = string 3 | description = "email_address" 4 | } 5 | 6 | variable "common_name" { 7 | type = string 8 | description = "common_name" 9 | } 10 | 11 | variable "REGRU_USERNAME" { 12 | type = string 13 | description = "API username" 14 | } 15 | 16 | variable "REGRU_PASSWORD" { 17 | type = string 18 | description = "API password" 19 | } 20 | -------------------------------------------------------------------------------- /terraform-helm-release-ingress-static-ip/dns.tf: -------------------------------------------------------------------------------- 1 | resource "yandex_dns_zone" "apatsev_org_ru" { 2 | name = "apatsev-org-ru" 3 | zone = "apatsev.org.ru." 4 | public = true 5 | } 6 | 7 | resource "yandex_dns_recordset" "helm_apatsev_org_ru" { 8 | zone_id = yandex_dns_zone.apatsev_org_ru.id 9 | name = "helm.apatsev.org.ru." 10 | type = "A" 11 | ttl = 200 12 | data = [yandex_vpc_address.addr.external_ipv4_address[0].address] 13 | } 14 | -------------------------------------------------------------------------------- /terraform-k8s-app-pv/run_psql.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -eu pipefail 4 | 5 | export POSTGRES_PASSWORD=$(kubectl get secret --namespace postgresql postgresql -o jsonpath="{.data.postgres-password}" | base64 -d) 6 | kubectl run postgresql-client --rm --tty -i --restart='Never' --namespace postgresql --image docker.io/bitnami/postgresql:15.1.0-debian-11-r7 \ 7 | --env="PGPASSWORD=$POSTGRES_PASSWORD" --command -- psql --host postgresql -U postgres -d postgres -p 5432 8 | -------------------------------------------------------------------------------- /terraform-k8s-loki/dns.tf: -------------------------------------------------------------------------------- 1 | #resource "yandex_dns_zone" "apatsev_org_ru" { 2 | # name = "apatsev-org-ru" 3 | # zone = "apatsev.org.ru." 4 | # public = true 5 | #} 6 | # 7 | #resource "yandex_dns_recordset" "loki_apatsev_org_ru" { 8 | # zone_id = yandex_dns_zone.apatsev_org_ru.id 9 | # name = "loki.apatsev.org.ru." 10 | # type = "A" 11 | # ttl = 200 12 | # data = [yandex_vpc_address.loki_address.external_ipv4_address[0].address] 13 | #} 14 | -------------------------------------------------------------------------------- /terraform-mongodb/variable.tf: -------------------------------------------------------------------------------- 1 | variable "yc_token" { 2 | type = string 3 | description = "Yandex Cloud API key" 4 | } 5 | 6 | variable "yc_cloud_id" { 7 | type = string 8 | description = "Yandex Cloud id" 9 | } 10 | 11 | variable "yc_folder_id" { 12 | type = string 13 | description = "Yandex Cloud folder id" 14 | } 15 | 16 | variable "password_mongo" { 17 | type = string 18 | description = "password mongo" 19 | } 20 | -------------------------------------------------------------------------------- /jenkins-lean-delivery/playbook.yml: -------------------------------------------------------------------------------- 1 | - name: "Deploy java, jenkins, letsencrypt, nginx" 2 | hosts: jenkins 3 | become: true 4 | pre_tasks: 5 | - name: Wait for cloud-init / user-data to finish 6 | command: cloud-init status --wait 7 | changed_when: false 8 | roles: 9 | - role: lean_delivery.java 10 | java_distribution: openjdk 11 | java_major_version: 11 12 | transport: repositories 13 | - role: lean_delivery.jenkins 14 | -------------------------------------------------------------------------------- /terraform-k8s-app-redis/test/templates/service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: {{ include "test.fullname" . }} 5 | labels: 6 | {{- include "test.labels" . | nindent 4 }} 7 | spec: 8 | type: {{ .Values.service.type }} 9 | ports: 10 | - port: {{ .Values.service.port }} 11 | targetPort: http 12 | protocol: TCP 13 | name: http 14 | selector: 15 | {{- include "test.selectorLabels" . | nindent 4 }} 16 | -------------------------------------------------------------------------------- /freeipa-docker-compose-smallstep/inventory_yml.tpl: -------------------------------------------------------------------------------- 1 | all: 2 | children: 3 | ipaserver: 4 | hosts: 5 | "freeipa": 6 | ansible_host: "${freeipa_public_ip}" 7 | vars: 8 | ansible_user: ${ssh_user} 9 | ansible_ssh_private_key_file: ~/.ssh/id_rsa 10 | freeipa_password: "${freeipa_password}" 11 | freeipa_fqdn: "${freeipa_internal_ip}.${freeipa_domain}" 12 | freeipa_domain: "${freeipa_domain}" 13 | ssh_user: "${ssh_user}" 14 | -------------------------------------------------------------------------------- /pdc/pdc_destroy.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -eu pipefail 4 | 5 | start_time=$(date +%s) 6 | date1=$(date +"%s") 7 | TF_IN_AUTOMATION=1 terraform destroy -auto-approve 8 | end_time=$(date +%s) 9 | date2=$(date +"%s") 10 | echo "###############" 11 | echo "Execution time was $(( end_time - start_time )) s." 12 | DIFF=$(( date2 - date1 )) 13 | echo "Duration: $(( DIFF / 3600 )) hours $((( DIFF % 3600) / 60 )) minutes $(( DIFF % 60 )) seconds" 14 | echo "###############" 15 | -------------------------------------------------------------------------------- /sonarqube/playbook.yml: -------------------------------------------------------------------------------- 1 | - hosts: sonarqube 2 | become: true 3 | pre_tasks: 4 | - name: Update apt cache. 5 | apt: update_cache=true cache_valid_time=600 6 | when: ansible_os_family == 'Debian' 7 | - name: Install package dependencies. 8 | package: 9 | name: "{{ item }}" 10 | state: "present" 11 | with_items: 12 | - unzip 13 | roles: 14 | - buluma.java 15 | - lrk.sonarqube 16 | -------------------------------------------------------------------------------- /terraform-k8s-opensearch/dns.tf: -------------------------------------------------------------------------------- 1 | resource "yandex_dns_zone" "apatsev_org_ru" { 2 | name = "apatsev-org-ru" 3 | zone = "apatsev.org.ru." 4 | public = true 5 | } 6 | 7 | resource "yandex_dns_recordset" "opensearch_apatsev_org_ru" { 8 | zone_id = yandex_dns_zone.apatsev_org_ru.id 9 | name = "opensearch.apatsev.org.ru." 10 | type = "A" 11 | ttl = 200 12 | data = [yandex_vpc_address.opensearch_address.external_ipv4_address[0].address] 13 | } 14 | -------------------------------------------------------------------------------- /terraform-k8s-redis/dns.tf: -------------------------------------------------------------------------------- 1 | resource "yandex_dns_zone" "apatsev_org_ru" { 2 | name = "apatsev-org-ru" 3 | zone = "apatsev.org.ru." 4 | public = true 5 | } 6 | 7 | resource "yandex_dns_recordset" "prometheus_apatsev_org_ru" { 8 | zone_id = yandex_dns_zone.apatsev_org_ru.id 9 | name = "promgrafana.apatsev.org.ru." 10 | type = "A" 11 | ttl = 200 12 | data = [yandex_vpc_address.promgrafana_address.external_ipv4_address[0].address] 13 | } 14 | -------------------------------------------------------------------------------- /terraform-k8s-stress/dns.tf: -------------------------------------------------------------------------------- 1 | resource "yandex_dns_zone" "apatsev_org_ru" { 2 | name = "apatsev-org-ru" 3 | zone = "apatsev.org.ru." 4 | public = true 5 | } 6 | 7 | resource "yandex_dns_recordset" "prometheus_apatsev_org_ru" { 8 | zone_id = yandex_dns_zone.apatsev_org_ru.id 9 | name = "promgrafana.apatsev.org.ru." 10 | type = "A" 11 | ttl = 200 12 | data = [yandex_vpc_address.promgrafana_address.external_ipv4_address[0].address] 13 | } 14 | -------------------------------------------------------------------------------- /terraform-k8s-tempo/dns.tf: -------------------------------------------------------------------------------- 1 | resource "yandex_dns_zone" "apatsev_org_ru" { 2 | name = "apatsev-org-ru" 3 | zone = "apatsev.org.ru." 4 | public = true 5 | } 6 | 7 | resource "yandex_dns_recordset" "prometheus_apatsev_org_ru" { 8 | zone_id = yandex_dns_zone.apatsev_org_ru.id 9 | name = "promgrafana.apatsev.org.ru." 10 | type = "A" 11 | ttl = 200 12 | data = [yandex_vpc_address.promgrafana_address.external_ipv4_address[0].address] 13 | } 14 | -------------------------------------------------------------------------------- /vpc/vpc_destroy.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -eu pipefail 4 | 5 | start_time=$(date +%s) 6 | date1=$(date +"%s") 7 | TF_IN_AUTOMATION=1 terraform destroy -auto-approve 8 | end_time=$(date +%s) 9 | date2=$(date +"%s") 10 | echo "###############" 11 | echo "Execution time was $(( end_time - start_time )) s." 12 | DIFF=$(( date2 - date1 )) 13 | echo "Duration: $(( DIFF / 3600 )) hours $((( DIFF % 3600) / 60 )) minutes $(( DIFF % 60 )) seconds" 14 | echo "###############" 15 | -------------------------------------------------------------------------------- /docker/docker_destroy.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -eu pipefail 4 | 5 | start_time=$(date +%s) 6 | date1=$(date +"%s") 7 | TF_IN_AUTOMATION=1 terraform destroy -auto-approve 8 | end_time=$(date +%s) 9 | date2=$(date +"%s") 10 | echo "###############" 11 | echo "Execution time was $(( end_time - start_time )) s." 12 | DIFF=$(( date2 - date1 )) 13 | echo "Duration: $(( DIFF / 3600 )) hours $((( DIFF % 3600) / 60 )) minutes $(( DIFF % 60 )) seconds" 14 | echo "###############" 15 | -------------------------------------------------------------------------------- /freeipa-docker-compose-external-ca/inventory_yml.tpl: -------------------------------------------------------------------------------- 1 | all: 2 | children: 3 | ipaserver: 4 | hosts: 5 | "freeipa": 6 | ansible_host: "${freeipa_public_ip}" 7 | vars: 8 | ansible_user: ${ssh_user} 9 | ansible_ssh_private_key_file: ~/.ssh/id_rsa 10 | freeipa_password: "${freeipa_password}" 11 | freeipa_fqdn: "${freeipa_internal_ip}.${freeipa_domain}" 12 | freeipa_domain: "${freeipa_domain}" 13 | ssh_user: "${ssh_user}" 14 | -------------------------------------------------------------------------------- /gitlab/gitlab_destroy.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -eu pipefail 4 | 5 | start_time=$(date +%s) 6 | date1=$(date +"%s") 7 | TF_IN_AUTOMATION=1 terraform destroy -auto-approve 8 | end_time=$(date +%s) 9 | date2=$(date +"%s") 10 | echo "###############" 11 | echo "Execution time was $(( end_time - start_time )) s." 12 | DIFF=$(( date2 - date1 )) 13 | echo "Duration: $(( DIFF / 3600 )) hours $((( DIFF % 3600) / 60 )) minutes $(( DIFF % 60 )) seconds" 14 | echo "###############" 15 | -------------------------------------------------------------------------------- /harbor/harbor_destroy.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -eu pipefail 4 | 5 | start_time=$(date +%s) 6 | date1=$(date +"%s") 7 | TF_IN_AUTOMATION=1 terraform destroy -auto-approve 8 | end_time=$(date +%s) 9 | date2=$(date +"%s") 10 | echo "###############" 11 | echo "Execution time was $(( end_time - start_time )) s." 12 | DIFF=$(( date2 - date1 )) 13 | echo "Duration: $(( DIFF / 3600 )) hours $((( DIFF % 3600) / 60 )) minutes $(( DIFF % 60 )) seconds" 14 | echo "###############" 15 | -------------------------------------------------------------------------------- /jaeger/jaeger_destroy.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -eu pipefail 4 | 5 | start_time=$(date +%s) 6 | date1=$(date +"%s") 7 | TF_IN_AUTOMATION=1 terraform destroy -auto-approve 8 | end_time=$(date +%s) 9 | date2=$(date +"%s") 10 | echo "###############" 11 | echo "Execution time was $(( end_time - start_time )) s." 12 | DIFF=$(( date2 - date1 )) 13 | echo "Duration: $(( DIFF / 3600 )) hours $((( DIFF % 3600) / 60 )) minutes $(( DIFF % 60 )) seconds" 14 | echo "###############" 15 | -------------------------------------------------------------------------------- /nexus/nexus_destroy.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -eu pipefail 4 | 5 | start_time=$(date +%s) 6 | date1=$(date +"%s") 7 | TF_IN_AUTOMATION=1 terraform destroy -auto-approve 8 | end_time=$(date +%s) 9 | date2=$(date +"%s") 10 | echo "###############" 11 | echo "Execution time was $(( end_time - start_time )) s." 12 | DIFF=$(( date2 - date1 )) 13 | echo "Duration: $(( DIFF / 3600 )) hours $((( DIFF % 3600) / 60 )) minutes $(( DIFF % 60 )) seconds" 14 | echo "###############" 15 | -------------------------------------------------------------------------------- /pdc-gitlab-s3/sa-storage-admin.tf: -------------------------------------------------------------------------------- 1 | ## Create SA sa-storage-admin 2 | resource "yandex_iam_service_account" "sa-storage-admin" { 3 | folder_id = var.yc_folder_id 4 | name = "sa-storage-admin" 5 | } 6 | 7 | ## Grant permissions 8 | resource "yandex_resourcemanager_folder_iam_member" "sa-storage-admin" { 9 | folder_id = var.yc_folder_id 10 | role = "storage.admin" 11 | member = "serviceAccount:${yandex_iam_service_account.sa-storage-admin.id}" 12 | } 13 | -------------------------------------------------------------------------------- /sentry/sentry_destroy.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -eu pipefail 4 | 5 | start_time=$(date +%s) 6 | date1=$(date +"%s") 7 | TF_IN_AUTOMATION=1 terraform destroy -auto-approve 8 | end_time=$(date +%s) 9 | date2=$(date +"%s") 10 | echo "###############" 11 | echo "Execution time was $(( end_time - start_time )) s." 12 | DIFF=$(( date2 - date1 )) 13 | echo "Duration: $(( DIFF / 3600 )) hours $((( DIFF % 3600) / 60 )) minutes $(( DIFF % 60 )) seconds" 14 | echo "###############" 15 | -------------------------------------------------------------------------------- /squid/squid_destroy.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -eu pipefail 4 | 5 | start_time=$(date +%s) 6 | date1=$(date +"%s") 7 | TF_IN_AUTOMATION=1 terraform destroy -auto-approve 8 | end_time=$(date +%s) 9 | date2=$(date +"%s") 10 | echo "###############" 11 | echo "Execution time was $(( end_time - start_time )) s." 12 | DIFF=$(( date2 - date1 )) 13 | echo "Duration: $(( DIFF / 3600 )) hours $((( DIFF % 3600) / 60 )) minutes $(( DIFF % 60 )) seconds" 14 | echo "###############" 15 | -------------------------------------------------------------------------------- /terraform-clickhouse/variable.tf: -------------------------------------------------------------------------------- 1 | variable "yc_token" { 2 | type = string 3 | description = "Yandex Cloud API key" 4 | } 5 | 6 | variable "yc_cloud_id" { 7 | type = string 8 | description = "Yandex Cloud id" 9 | } 10 | 11 | variable "yc_folder_id" { 12 | type = string 13 | description = "Yandex Cloud folder id" 14 | } 15 | 16 | variable "clickhouse_password" { 17 | type = string 18 | description = "clickhouse_password" 19 | } 20 | -------------------------------------------------------------------------------- /terraform-k8s-alertmanager/dns.tf: -------------------------------------------------------------------------------- 1 | resource "yandex_dns_zone" "apatsev_org_ru" { 2 | name = "apatsev-org-ru" 3 | zone = "apatsev.org.ru." 4 | public = true 5 | } 6 | 7 | resource "yandex_dns_recordset" "prometheus_apatsev_org_ru" { 8 | zone_id = yandex_dns_zone.apatsev_org_ru.id 9 | name = "promgrafana.apatsev.org.ru." 10 | type = "A" 11 | ttl = 200 12 | data = [yandex_vpc_address.promgrafana_address.external_ipv4_address[0].address] 13 | } 14 | -------------------------------------------------------------------------------- /vector/vector_destroy.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -eu pipefail 4 | 5 | start_time=$(date +%s) 6 | date1=$(date +"%s") 7 | TF_IN_AUTOMATION=1 terraform destroy -auto-approve 8 | end_time=$(date +%s) 9 | date2=$(date +"%s") 10 | echo "###############" 11 | echo "Execution time was $(( end_time - start_time )) s." 12 | DIFF=$(( date2 - date1 )) 13 | echo "Duration: $(( DIFF / 3600 )) hours $((( DIFF % 3600) / 60 )) minutes $(( DIFF % 60 )) seconds" 14 | echo "###############" 15 | -------------------------------------------------------------------------------- /jenkins/jenkins_destroy.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -eu pipefail 4 | 5 | start_time=$(date +%s) 6 | date1=$(date +"%s") 7 | TF_IN_AUTOMATION=1 terraform destroy -auto-approve 8 | end_time=$(date +%s) 9 | date2=$(date +"%s") 10 | echo "###############" 11 | echo "Execution time was $(( end_time - start_time )) s." 12 | DIFF=$(( date2 - date1 )) 13 | echo "Duration: $(( DIFF / 3600 )) hours $((( DIFF % 3600) / 60 )) minutes $(( DIFF % 60 )) seconds" 14 | echo "###############" 15 | -------------------------------------------------------------------------------- /kafka-cluster/inventory_yml.tpl: -------------------------------------------------------------------------------- 1 | all: 2 | children: 3 | kafka_cluster: 4 | hosts: 5 | %{~ for index, public_ip in kafka_public_ip } 6 | kafka${index}: 7 | ansible_host: ${public_ip} 8 | %{~ endfor } 9 | vars: 10 | ansible_user: ${ssh_user} 11 | ansible_ssh_private_key_file: ~/.ssh/id_rsa 12 | zookeeper_hosts: 13 | %{ for index, public_ip in kafka_public_ip ~} 14 | - { host: "kafka${index}", id: ${ index } } 15 | %{ endfor ~} 16 | -------------------------------------------------------------------------------- /seaweedfs/seaweedfs_destroy.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -eu pipefail 4 | 5 | start_time=$(date +%s) 6 | date1=$(date +"%s") 7 | TF_IN_AUTOMATION=1 terraform destroy -auto-approve 8 | end_time=$(date +%s) 9 | date2=$(date +"%s") 10 | echo "###############" 11 | echo "Execution time was $(( end_time - start_time )) s." 12 | DIFF=$(( date2 - date1 )) 13 | echo "Duration: $(( DIFF / 3600 )) hours $((( DIFF % 3600) / 60 )) minutes $(( DIFF % 60 )) seconds" 14 | echo "###############" 15 | -------------------------------------------------------------------------------- /sonarqube/sonarqube_destroy.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -eu pipefail 4 | 5 | start_time=$(date +%s) 6 | date1=$(date +"%s") 7 | TF_IN_AUTOMATION=1 terraform destroy -auto-approve 8 | end_time=$(date +%s) 9 | date2=$(date +"%s") 10 | echo "###############" 11 | echo "Execution time was $(( end_time - start_time )) s." 12 | DIFF=$(( date2 - date1 )) 13 | echo "Duration: $(( DIFF / 3600 )) hours $((( DIFF % 3600) / 60 )) minutes $(( DIFF % 60 )) seconds" 14 | echo "###############" 15 | -------------------------------------------------------------------------------- /squid/provider.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_version = ">= 0.13" 3 | 4 | required_providers { 5 | yandex = { 6 | source = "yandex-cloud/yandex" 7 | version = "0.91.0" 8 | } 9 | local = { 10 | source = "hashicorp/local" 11 | version = "2.2.2" 12 | } 13 | } 14 | } 15 | 16 | provider "yandex" { 17 | token = var.yc_token 18 | cloud_id = var.yc_cloud_id 19 | folder_id = var.yc_folder_id 20 | zone = var.yc_zone 21 | } 22 | -------------------------------------------------------------------------------- /terraform-k8s-alertmanager-loki/dns.tf: -------------------------------------------------------------------------------- 1 | resource "yandex_dns_zone" "apatsev_org_ru" { 2 | name = "apatsev-org-ru" 3 | zone = "apatsev.org.ru." 4 | public = true 5 | } 6 | 7 | resource "yandex_dns_recordset" "prometheus_apatsev_org_ru" { 8 | zone_id = yandex_dns_zone.apatsev_org_ru.id 9 | name = "promgrafana.apatsev.org.ru." 10 | type = "A" 11 | ttl = 200 12 | data = [yandex_vpc_address.promgrafana_address.external_ipv4_address[0].address] 13 | } 14 | -------------------------------------------------------------------------------- /terraform-k8s-loki/sa-storage-admin.tf: -------------------------------------------------------------------------------- 1 | ## Create SA sa-storage-admin 2 | resource "yandex_iam_service_account" "sa-storage-admin" { 3 | folder_id = var.yc_folder_id 4 | name = "sa-storage-admin" 5 | } 6 | 7 | ## Grant permissions 8 | resource "yandex_resourcemanager_folder_iam_member" "sa-storage-admin" { 9 | folder_id = var.yc_folder_id 10 | role = "storage.admin" 11 | member = "serviceAccount:${yandex_iam_service_account.sa-storage-admin.id}" 12 | } 13 | -------------------------------------------------------------------------------- /terraform-k8s-sentry/sa-storage-admin.tf: -------------------------------------------------------------------------------- 1 | ## Create SA sa-storage-admin 2 | resource "yandex_iam_service_account" "sa-storage-admin" { 3 | folder_id = var.yc_folder_id 4 | name = "sa-storage-admin" 5 | } 6 | 7 | ## Grant permissions 8 | resource "yandex_resourcemanager_folder_iam_member" "sa-storage-admin" { 9 | folder_id = var.yc_folder_id 10 | role = "storage.admin" 11 | member = "serviceAccount:${yandex_iam_service_account.sa-storage-admin.id}" 12 | } 13 | -------------------------------------------------------------------------------- /terraform-vault-traefik/dns.tf: -------------------------------------------------------------------------------- 1 | resource "yandex_dns_zone" "dns_domain" { 2 | name = replace(var.dns_domain, ".", "-") 3 | zone = join("", [var.dns_domain, "."]) 4 | public = true 5 | } 6 | 7 | resource "yandex_dns_recordset" "jenkins_dns_domain" { 8 | zone_id = yandex_dns_zone.dns_domain.id 9 | name = join("", [var.jenkins_dns_name, "."]) 10 | type = "A" 11 | ttl = 200 12 | data = [yandex_vpc_address.addr.external_ipv4_address[0].address] 13 | } 14 | -------------------------------------------------------------------------------- /vault_docker/vault_destroy.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -eu pipefail 4 | 5 | start_time=$(date +%s) 6 | date1=$(date +"%s") 7 | TF_IN_AUTOMATION=1 terraform destroy -auto-approve 8 | end_time=$(date +%s) 9 | date2=$(date +"%s") 10 | echo "###############" 11 | echo "Execution time was $(( end_time - start_time )) s." 12 | DIFF=$(( date2 - date1 )) 13 | echo "Duration: $(( DIFF / 3600 )) hours $((( DIFF % 3600) / 60 )) minutes $(( DIFF % 60 )) seconds" 14 | echo "###############" 15 | -------------------------------------------------------------------------------- /wireguard/wireguard_destroy.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -eu pipefail 4 | 5 | start_time=$(date +%s) 6 | date1=$(date +"%s") 7 | TF_IN_AUTOMATION=1 terraform destroy -auto-approve 8 | end_time=$(date +%s) 9 | date2=$(date +"%s") 10 | echo "###############" 11 | echo "Execution time was $(( end_time - start_time )) s." 12 | DIFF=$(( date2 - date1 )) 13 | echo "Duration: $(( DIFF / 3600 )) hours $((( DIFF % 3600) / 60 )) minutes $(( DIFF % 60 )) seconds" 14 | echo "###############" 15 | -------------------------------------------------------------------------------- /letsencrypt/letsencrypt_destroy.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -eu pipefail 4 | 5 | start_time=$(date +%s) 6 | date1=$(date +"%s") 7 | TF_IN_AUTOMATION=1 terraform destroy -auto-approve 8 | end_time=$(date +%s) 9 | date2=$(date +"%s") 10 | echo "###############" 11 | echo "Execution time was $(( end_time - start_time )) s." 12 | DIFF=$(( date2 - date1 )) 13 | echo "Duration: $(( DIFF / 3600 )) hours $((( DIFF % 3600) / 60 )) minutes $(( DIFF % 60 )) seconds" 14 | echo "###############" 15 | -------------------------------------------------------------------------------- /pdc-freeipa/pdc_freeipa_destroy.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -eu pipefail 4 | 5 | start_time=$(date +%s) 6 | date1=$(date +"%s") 7 | TF_IN_AUTOMATION=1 terraform destroy -auto-approve 8 | end_time=$(date +%s) 9 | date2=$(date +"%s") 10 | echo "###############" 11 | echo "Execution time was $(( end_time - start_time )) s." 12 | DIFF=$(( date2 - date1 )) 13 | echo "Duration: $(( DIFF / 3600 )) hours $((( DIFF % 3600) / 60 )) minutes $(( DIFF % 60 )) seconds" 14 | echo "###############" 15 | -------------------------------------------------------------------------------- /pdc-gitlab/pdc_gitlab_destroy.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -eu pipefail 4 | 5 | start_time=$(date +%s) 6 | date1=$(date +"%s") 7 | TF_IN_AUTOMATION=1 terraform destroy -auto-approve 8 | end_time=$(date +%s) 9 | date2=$(date +"%s") 10 | echo "###############" 11 | echo "Execution time was $(( end_time - start_time )) s." 12 | DIFF=$(( date2 - date1 )) 13 | echo "Duration: $(( DIFF / 3600 )) hours $((( DIFF % 3600) / 60 )) minutes $(( DIFF % 60 )) seconds" 14 | echo "###############" 15 | -------------------------------------------------------------------------------- /prometheus/prometheus_destroy.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -eu pipefail 4 | 5 | start_time=$(date +%s) 6 | date1=$(date +"%s") 7 | TF_IN_AUTOMATION=1 terraform destroy -auto-approve 8 | end_time=$(date +%s) 9 | date2=$(date +"%s") 10 | echo "###############" 11 | echo "Execution time was $(( end_time - start_time )) s." 12 | DIFF=$(( date2 - date1 )) 13 | echo "Duration: $(( DIFF / 3600 )) hours $((( DIFF % 3600) / 60 )) minutes $(( DIFF % 60 )) seconds" 14 | echo "###############" 15 | -------------------------------------------------------------------------------- /rocketchat/rocketchat_destroy.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -eu pipefail 4 | 5 | start_time=$(date +%s) 6 | date1=$(date +"%s") 7 | TF_IN_AUTOMATION=1 terraform destroy -auto-approve 8 | end_time=$(date +%s) 9 | date2=$(date +"%s") 10 | echo "###############" 11 | echo "Execution time was $(( end_time - start_time )) s." 12 | DIFF=$(( date2 - date1 )) 13 | echo "Duration: $(( DIFF / 3600 )) hours $((( DIFF % 3600) / 60 )) minutes $(( DIFF % 60 )) seconds" 14 | echo "###############" 15 | -------------------------------------------------------------------------------- /terraform-k8s-istio-prometheus-stack/dns.tf: -------------------------------------------------------------------------------- 1 | resource "yandex_dns_zone" "apatsev_org_ru" { 2 | name = "apatsev-org-ru" 3 | zone = "apatsev.org.ru." 4 | public = true 5 | } 6 | 7 | resource "yandex_dns_recordset" "prometheus_apatsev_org_ru" { 8 | zone_id = yandex_dns_zone.apatsev_org_ru.id 9 | name = "promgrafana.apatsev.org.ru." 10 | type = "A" 11 | ttl = 200 12 | data = [yandex_vpc_address.promgrafana_address.external_ipv4_address[0].address] 13 | } 14 | -------------------------------------------------------------------------------- /terraform-k8s-opensearch/sa-storage-admin.tf: -------------------------------------------------------------------------------- 1 | ## Create SA sa-storage-admin 2 | resource "yandex_iam_service_account" "sa-storage-admin" { 3 | folder_id = var.yc_folder_id 4 | name = "sa-storage-admin" 5 | } 6 | 7 | ## Grant permissions 8 | resource "yandex_resourcemanager_folder_iam_member" "sa-storage-admin" { 9 | folder_id = var.yc_folder_id 10 | role = "storage.admin" 11 | member = "serviceAccount:${yandex_iam_service_account.sa-storage-admin.id}" 12 | } 13 | -------------------------------------------------------------------------------- /terraform-k8s-stress/README.md: -------------------------------------------------------------------------------- 1 | TG_BOT_TOKEN get by https://velenux.wordpress.com/2022/09/12/how-to-configure-prometheus-alertmanager-to-send-alerts-to-telegram/ 2 | TG_CHAT_ID get by https://www.alphr.com/find-chat-id-telegram/ 3 | 4 | https://sidmid.ru/prometheus-grafana-alertmanager-%D0%B2-docker/ 5 | 6 | 7 | kubectl port-forward -n kube-prometheus-stack service/karma 8080 8 | 9 | kubectl port-forward -n kube-prometheus-stack service/kube-prometheus-stack-grafana 8000:80 10 | -------------------------------------------------------------------------------- /terraform-redis/redis_destroy.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -eu pipefail 4 | 5 | start_time=$(date +%s) 6 | date1=$(date +"%s") 7 | TF_IN_AUTOMATION=1 terraform destroy -auto-approve 8 | end_time=$(date +%s) 9 | date2=$(date +"%s") 10 | echo "###############" 11 | echo "Execution time was $(( end_time - start_time )) s." 12 | DIFF=$(( date2 - date1 )) 13 | echo "Duration: $(( DIFF / 3600 )) hours $((( DIFF % 3600) / 60 )) minutes $(( DIFF % 60 )) seconds" 14 | echo "###############" 15 | -------------------------------------------------------------------------------- /terragrunt-k8s/loggenerator/templates/service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: {{ include "loggenerator.fullname" . }} 5 | labels: 6 | {{- include "loggenerator.labels" . | nindent 4 }} 7 | spec: 8 | type: {{ .Values.service.type }} 9 | ports: 10 | - port: {{ .Values.service.port }} 11 | targetPort: http 12 | protocol: TCP 13 | name: http 14 | selector: 15 | {{- include "loggenerator.selectorLabels" . | nindent 4 }} 16 | -------------------------------------------------------------------------------- /zabbix-community/zabbix_destroy.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -eu pipefail 4 | 5 | start_time=$(date +%s) 6 | date1=$(date +"%s") 7 | TF_IN_AUTOMATION=1 terraform destroy -auto-approve 8 | end_time=$(date +%s) 9 | date2=$(date +"%s") 10 | echo "###############" 11 | echo "Execution time was $(( end_time - start_time )) s." 12 | DIFF=$(( date2 - date1 )) 13 | echo "Duration: $(( DIFF / 3600 )) hours $((( DIFF % 3600) / 60 )) minutes $(( DIFF % 60 )) seconds" 14 | echo "###############" 15 | -------------------------------------------------------------------------------- /consul-cluster/consul_cluster_destroy.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -eu pipefail 4 | 5 | start_time=$(date +%s) 6 | date1=$(date +"%s") 7 | TF_IN_AUTOMATION=1 terraform destroy -auto-approve 8 | end_time=$(date +%s) 9 | date2=$(date +"%s") 10 | echo "###############" 11 | echo "Execution time was $(( end_time - start_time )) s." 12 | DIFF=$(( date2 - date1 )) 13 | echo "Duration: $(( DIFF / 3600 )) hours $((( DIFF % 3600) / 60 )) minutes $(( DIFF % 60 )) seconds" 14 | echo "###############" 15 | -------------------------------------------------------------------------------- /etcd-cluster/etcd_cluster_destroy.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -eu pipefail 4 | 5 | start_time=$(date +%s) 6 | date1=$(date +"%s") 7 | TF_IN_AUTOMATION=1 terraform destroy -auto-approve 8 | end_time=$(date +%s) 9 | date2=$(date +"%s") 10 | echo "###############" 11 | echo "Execution time was $(( end_time - start_time )) s." 12 | DIFF=$(( date2 - date1 )) 13 | echo "Duration: $(( DIFF / 3600 )) hours $((( DIFF % 3600) / 60 )) minutes $(( DIFF % 60 )) seconds" 14 | echo "###############" 15 | -------------------------------------------------------------------------------- /freeipa-gitlab/freeipa_gitlab_destroy.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -eu pipefail 4 | 5 | start_time=$(date +%s) 6 | date1=$(date +"%s") 7 | TF_IN_AUTOMATION=1 terraform destroy -auto-approve 8 | end_time=$(date +%s) 9 | date2=$(date +"%s") 10 | echo "###############" 11 | echo "Execution time was $(( end_time - start_time )) s." 12 | DIFF=$(( date2 - date1 )) 13 | echo "Duration: $(( DIFF / 3600 )) hours $((( DIFF % 3600) / 60 )) minutes $(( DIFF % 60 )) seconds" 14 | echo "###############" 15 | -------------------------------------------------------------------------------- /jenkins-lean-delivery/jenkins_destroy.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -eu pipefail 4 | 5 | start_time=$(date +%s) 6 | date1=$(date +"%s") 7 | TF_IN_AUTOMATION=1 terraform destroy -auto-approve 8 | end_time=$(date +%s) 9 | date2=$(date +"%s") 10 | echo "###############" 11 | echo "Execution time was $(( end_time - start_time )) s." 12 | DIFF=$(( date2 - date1 )) 13 | echo "Duration: $(( DIFF / 3600 )) hours $((( DIFF % 3600) / 60 )) minutes $(( DIFF % 60 )) seconds" 14 | echo "###############" 15 | -------------------------------------------------------------------------------- /jenkins-letsencrypt/jenkins_destroy.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -eu pipefail 4 | 5 | start_time=$(date +%s) 6 | date1=$(date +"%s") 7 | TF_IN_AUTOMATION=1 terraform destroy -auto-approve 8 | end_time=$(date +%s) 9 | date2=$(date +"%s") 10 | echo "###############" 11 | echo "Execution time was $(( end_time - start_time )) s." 12 | DIFF=$(( date2 - date1 )) 13 | echo "Duration: $(( DIFF / 3600 )) hours $((( DIFF % 3600) / 60 )) minutes $(( DIFF % 60 )) seconds" 14 | echo "###############" 15 | -------------------------------------------------------------------------------- /jenkins-without-roles/jenkins_destroy.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -eu pipefail 4 | 5 | start_time=$(date +%s) 6 | date1=$(date +"%s") 7 | TF_IN_AUTOMATION=1 terraform destroy -auto-approve 8 | end_time=$(date +%s) 9 | date2=$(date +"%s") 10 | echo "###############" 11 | echo "Execution time was $(( end_time - start_time )) s." 12 | DIFF=$(( date2 - date1 )) 13 | echo "Duration: $(( DIFF / 3600 )) hours $((( DIFF % 3600) / 60 )) minutes $(( DIFF % 60 )) seconds" 14 | echo "###############" 15 | -------------------------------------------------------------------------------- /kafka-cluster/kafka_cluster_destroy.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -eu pipefail 4 | 5 | start_time=$(date +%s) 6 | date1=$(date +"%s") 7 | TF_IN_AUTOMATION=1 terraform destroy -auto-approve 8 | end_time=$(date +%s) 9 | date2=$(date +"%s") 10 | echo "###############" 11 | echo "Execution time was $(( end_time - start_time )) s." 12 | DIFF=$(( date2 - date1 )) 13 | echo "Duration: $(( DIFF / 3600 )) hours $((( DIFF % 3600) / 60 )) minutes $(( DIFF % 60 )) seconds" 14 | echo "###############" 15 | -------------------------------------------------------------------------------- /pdc-gitlab-s3/pdc_gitlab_s3_destroy.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -eu pipefail 4 | 5 | start_time=$(date +%s) 6 | date1=$(date +"%s") 7 | TF_IN_AUTOMATION=1 terraform destroy -auto-approve 8 | end_time=$(date +%s) 9 | date2=$(date +"%s") 10 | echo "###############" 11 | echo "Execution time was $(( end_time - start_time )) s." 12 | DIFF=$(( date2 - date1 )) 13 | echo "Duration: $(( DIFF / 3600 )) hours $((( DIFF % 3600) / 60 )) minutes $(( DIFF % 60 )) seconds" 14 | echo "###############" 15 | -------------------------------------------------------------------------------- /prometheus-grafana/prometheus_destroy.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -eu pipefail 4 | 5 | start_time=$(date +%s) 6 | date1=$(date +"%s") 7 | TF_IN_AUTOMATION=1 terraform destroy -auto-approve 8 | end_time=$(date +%s) 9 | date2=$(date +"%s") 10 | echo "###############" 11 | echo "Execution time was $(( end_time - start_time )) s." 12 | DIFF=$(( date2 - date1 )) 13 | echo "Duration: $(( DIFF / 3600 )) hours $((( DIFF % 3600) / 60 )) minutes $(( DIFF % 60 )) seconds" 14 | echo "###############" 15 | -------------------------------------------------------------------------------- /squid-without-module/squid_destroy.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -eu pipefail 4 | 5 | start_time=$(date +%s) 6 | date1=$(date +"%s") 7 | TF_IN_AUTOMATION=1 terraform destroy -auto-approve 8 | end_time=$(date +%s) 9 | date2=$(date +"%s") 10 | echo "###############" 11 | echo "Execution time was $(( end_time - start_time )) s." 12 | DIFF=$(( date2 - date1 )) 13 | echo "Duration: $(( DIFF / 3600 )) hours $((( DIFF % 3600) / 60 )) minutes $(( DIFF % 60 )) seconds" 14 | echo "###############" 15 | -------------------------------------------------------------------------------- /storage_bucket/service_account/sa-storage-admin.tf: -------------------------------------------------------------------------------- 1 | ## Create SA sa-storage-admin 2 | resource "yandex_iam_service_account" "sa-storage-admin" { 3 | folder_id = var.yc_folder_id 4 | name = "sa-storage-admin" 5 | } 6 | 7 | ## Grant permissions 8 | resource "yandex_resourcemanager_folder_iam_member" "sa-storage-admin" { 9 | folder_id = var.yc_folder_id 10 | role = "storage.admin" 11 | member = "serviceAccount:${yandex_iam_service_account.sa-storage-admin.id}" 12 | } 13 | -------------------------------------------------------------------------------- /terraform-helm-release-jenkins/dns.tf: -------------------------------------------------------------------------------- 1 | resource "yandex_dns_zone" "dns_domain" { 2 | name = replace(var.dns_domain, ".", "-") 3 | zone = join("", [var.dns_domain, "."]) 4 | public = true 5 | } 6 | 7 | resource "yandex_dns_recordset" "jenkins_dns_domain" { 8 | zone_id = yandex_dns_zone.dns_domain.id 9 | name = join("", [var.jenkins_dns_name, "."]) 10 | type = "A" 11 | ttl = 200 12 | data = [yandex_vpc_address.addr.external_ipv4_address[0].address] 13 | } 14 | -------------------------------------------------------------------------------- /terraform-k8s-alertmanager-loki/sa-storage-admin.tf: -------------------------------------------------------------------------------- 1 | ## Create SA sa-storage-admin 2 | resource "yandex_iam_service_account" "sa-storage-admin" { 3 | folder_id = var.yc_folder_id 4 | name = "sa-storage-admin" 5 | } 6 | 7 | ## Grant permissions 8 | resource "yandex_resourcemanager_folder_iam_member" "sa-storage-admin" { 9 | folder_id = var.yc_folder_id 10 | role = "storage.admin" 11 | member = "serviceAccount:${yandex_iam_service_account.sa-storage-admin.id}" 12 | } 13 | -------------------------------------------------------------------------------- /terraform-k8s-app-pv/loggenerator/templates/service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: {{ include "loggenerator.fullname" . }} 5 | labels: 6 | {{- include "loggenerator.labels" . | nindent 4 }} 7 | spec: 8 | type: {{ .Values.service.type }} 9 | ports: 10 | - port: {{ .Values.service.port }} 11 | targetPort: http 12 | protocol: TCP 13 | name: http 14 | selector: 15 | {{- include "loggenerator.selectorLabels" . | nindent 4 }} 16 | -------------------------------------------------------------------------------- /terraform-k8s-app-redis/test/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *.orig 18 | *~ 19 | # Various IDEs 20 | .project 21 | .idea/ 22 | *.tmproj 23 | .vscode/ 24 | -------------------------------------------------------------------------------- /terraform-k8s-loki/loggenerator/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *.orig 18 | *~ 19 | # Various IDEs 20 | .project 21 | .idea/ 22 | *.tmproj 23 | .vscode/ 24 | -------------------------------------------------------------------------------- /terraform-k8s-loki/loggenerator/templates/service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: {{ include "loggenerator.fullname" . }} 5 | labels: 6 | {{- include "loggenerator.labels" . | nindent 4 }} 7 | spec: 8 | type: {{ .Values.service.type }} 9 | ports: 10 | - port: {{ .Values.service.port }} 11 | targetPort: http 12 | protocol: TCP 13 | name: http 14 | selector: 15 | {{- include "loggenerator.selectorLabels" . | nindent 4 }} 16 | -------------------------------------------------------------------------------- /terraform-k8s-loki/values-promtail.yaml-backup: -------------------------------------------------------------------------------- 1 | config: 2 | clients: 3 | - url: http://loki.apatsev.org.ru/loki/api/v1/push 4 | snippets: 5 | pipelineStages: 6 | - cri: {} 7 | - labeldrop: 8 | - filename 9 | - pod 10 | - json: 11 | expressions: 12 | method: method 13 | protocol: protocol 14 | - labels: 15 | method: 16 | protocol: 17 | - output: 18 | source: output 19 | -------------------------------------------------------------------------------- /terraform-k8s-nexus/variables.tf: -------------------------------------------------------------------------------- 1 | # Variables 2 | 3 | variable "yc_token" { 4 | type = string 5 | description = "Yandex Cloud API key" 6 | } 7 | 8 | variable "yc_cloud_id" { 9 | type = string 10 | description = "Yandex Cloud id" 11 | } 12 | 13 | variable "yc_folder_id" { 14 | type = string 15 | description = "Yandex Cloud folder id" 16 | } 17 | 18 | variable "email_letsencrypt" { 19 | type = string 20 | description = "email_letsencrypt" 21 | } 22 | -------------------------------------------------------------------------------- /terraform-k8s-two-ingress/README.md: -------------------------------------------------------------------------------- 1 | TG_BOT_TOKEN get by https://velenux.wordpress.com/2022/09/12/how-to-configure-prometheus-alertmanager-to-send-alerts-to-telegram/ 2 | TG_CHAT_ID get by https://www.alphr.com/find-chat-id-telegram/ 3 | 4 | https://sidmid.ru/prometheus-grafana-alertmanager-%D0%B2-docker/ 5 | 6 | 7 | kubectl port-forward -n kube-prometheus-stack service/karma 8080 8 | 9 | kubectl port-forward -n kube-prometheus-stack service/kube-prometheus-stack-grafana 8000:80 10 | -------------------------------------------------------------------------------- /terraform-postgres/postgres_destroy.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -eu pipefail 4 | 5 | start_time=$(date +%s) 6 | date1=$(date +"%s") 7 | TF_IN_AUTOMATION=1 terraform destroy -auto-approve 8 | end_time=$(date +%s) 9 | date2=$(date +"%s") 10 | echo "###############" 11 | echo "Execution time was $(( end_time - start_time )) s." 12 | DIFF=$(( date2 - date1 )) 13 | echo "Duration: $(( DIFF / 3600 )) hours $((( DIFF % 3600) / 60 )) minutes $(( DIFF % 60 )) seconds" 14 | echo "###############" 15 | -------------------------------------------------------------------------------- /terraform-ydb/ydb_cluster_destroy.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -eu pipefail 4 | 5 | start_time=$(date +%s) 6 | date1=$(date +"%s") 7 | TF_IN_AUTOMATION=1 terraform destroy -auto-approve 8 | end_time=$(date +%s) 9 | date2=$(date +"%s") 10 | echo "###############" 11 | echo "Execution time was $(( end_time - start_time )) s." 12 | DIFF=$(( date2 - date1 )) 13 | echo "Duration: $(( DIFF / 3600 )) hours $((( DIFF % 3600) / 60 )) minutes $(( DIFF % 60 )) seconds" 14 | echo "###############" 15 | -------------------------------------------------------------------------------- /terragrunt-k8s/loggenerator/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *.orig 18 | *~ 19 | # Various IDEs 20 | .project 21 | .idea/ 22 | *.tmproj 23 | .vscode/ 24 | -------------------------------------------------------------------------------- /docker/sa-compute-admin.tf: -------------------------------------------------------------------------------- 1 | ## Create SA sa-compute-admin 2 | resource "yandex_iam_service_account" "sa-compute-admin" { 3 | folder_id = var.yc_folder_id 4 | name = "sa-compute-admin" 5 | } 6 | 7 | ## Grant permissions sa-compute-admin 8 | resource "yandex_resourcemanager_folder_iam_member" "sa-compute-admin-permissions" { 9 | folder_id = var.yc_folder_id 10 | role = "compute.admin" 11 | member = "serviceAccount:${yandex_iam_service_account.sa-compute-admin.id}" 12 | } 13 | -------------------------------------------------------------------------------- /gitlab/sa-compute-admin.tf: -------------------------------------------------------------------------------- 1 | ## Create SA sa-compute-admin 2 | resource "yandex_iam_service_account" "sa-compute-admin" { 3 | folder_id = var.yc_folder_id 4 | name = "sa-compute-admin" 5 | } 6 | 7 | ## Grant permissions sa-compute-admin 8 | resource "yandex_resourcemanager_folder_iam_member" "sa-compute-admin-permissions" { 9 | folder_id = var.yc_folder_id 10 | role = "compute.admin" 11 | member = "serviceAccount:${yandex_iam_service_account.sa-compute-admin.id}" 12 | } 13 | -------------------------------------------------------------------------------- /harbor/sa-compute-admin.tf: -------------------------------------------------------------------------------- 1 | ## Create SA sa-compute-admin 2 | resource "yandex_iam_service_account" "sa-compute-admin" { 3 | folder_id = var.yc_folder_id 4 | name = "sa-compute-admin" 5 | } 6 | 7 | ## Grant permissions sa-compute-admin 8 | resource "yandex_resourcemanager_folder_iam_member" "sa-compute-admin-permissions" { 9 | folder_id = var.yc_folder_id 10 | role = "compute.admin" 11 | member = "serviceAccount:${yandex_iam_service_account.sa-compute-admin.id}" 12 | } 13 | --------------------------------------------------------------------------------