Infrastructure as Code for the nxthdr platform.
Quick links:
# 1. Set up vault password
echo "YOUR_VAULT_PASSWORD" > .password
# 2. Deploy everything
make apply| Command | Description |
|---|---|
make apply |
Full deployment (render + sync + terraform) |
make render |
Render templates only |
make sync-config |
Sync configs to servers |
make sync-bird |
Sync BIRD (BGP) configs |
make sync-wireguard |
Sync WireGuard (VPN) configs |
make edit-secrets |
Edit encrypted secrets |
- Ansible - Configuration management
- Terraform - Docker container orchestration
- Jinja2 - Template rendering
- Ansible Vault - Secrets management
- Docker - Container runtime
- BIRD - BGP routing
- WireGuard - VPN tunneling
infrastructure/
├── inventory/ # Server definitions
├── templates/ # Jinja2 templates
│ ├── config/ # Docker container configs
│ └── terraform/ # Terraform templates
├── networks/ # BIRD & WireGuard configs
├── playbooks/ # Ansible automation
├── render/ # Python rendering scripts
├── secrets/ # Encrypted secrets
├── terraform/ # Terraform files
└── docs/ # Documentation (MkDocs)
If you discover a security vulnerability, prefer email: [email protected]
Contributions are welcome! Please:
- Read the documentation
- Open an issue to discuss your changes
- Submit a pull request
See LICENSE file for details.