Clean repository: organized structure and GitOps setup

- Organized root directory structure - Moved orphan files to proper locations - Updated .gitignore to ignore temporary files - Set up Gitea Runner for GitOps automation - Fixed Tailscale access issues - Added workflow for automated Nomad deployment
2025-10-09 06:13:45 +00:00
commit 89ee6f7967
306 changed files with 30781 additions and 0 deletions
--- a/deployment/terraform/environments/dev/main.tf
+++ b/deployment/terraform/environments/dev/main.tf
@@ -0,0 +1,225 @@
+# 开发环境主配置文件
+
+# 引入共享版本配置
+terraform {
+  required_version = ">= 1.6"
+  
+  required_providers {
+    # Oracle Cloud Infrastructure
+    oci = {
+      source  = "oracle/oci"
+      version = "~> 7.20"
+    }
+    
+    # 其他常用提供商
+    random = {
+      source  = "hashicorp/random"
+      version = "~> 3.1"
+    }
+    
+    tls = {
+      source  = "hashicorp/tls"
+      version = "~> 4.0"
+    }
+    
+    local = {
+      source  = "hashicorp/local"
+      version = "~> 2.1"
+    }
+    
+    # Consul Provider
+    consul = {
+      source  = "hashicorp/consul"
+      version = "~> 2.22.0"
+    }
+    
+    # HashiCorp Vault Provider
+    vault = {
+      source  = "hashicorp/vault"
+      version = "~> 4.0"
+    }
+    
+    # Cloudflare Provider
+    cloudflare = {
+      source  = "cloudflare/cloudflare"
+      version = "~> 3.0"
+    }
+  }
+  
+  # 后端配置
+  backend "local" {
+    path = "terraform.tfstate"
+  }
+}
+
+# Consul Provider配置 - 使用Tailscale IP而非localhost
+provider "consul" {
+  address    = "100.116.158.95:8500"
+  scheme     = "http"
+  datacenter = "dc1"
+}
+
+# 从Consul获取Cloudflare配置
+data "consul_keys" "cloudflare_config" {
+  key {
+    name = "token"
+    path = "config/dev/cloudflare/token"
+  }
+}
+
+# Cloudflare Provider配置
+provider "cloudflare" {
+  api_token = data.consul_keys.cloudflare_config.var.token
+}
+
+# 从Consul获取Oracle Cloud配置
+data "consul_keys" "oracle_config" {
+  key {
+    name = "tenancy_ocid"
+    path = "config/dev/oracle/kr/tenancy_ocid"
+  }
+  key {
+    name = "user_ocid"
+    path = "config/dev/oracle/kr/user_ocid"
+  }
+  key {
+    name = "fingerprint"
+    path = "config/dev/oracle/kr/fingerprint"
+  }
+  key {
+    name = "private_key"
+    path = "config/dev/oracle/kr/private_key"
+  }
+}
+
+# 从Consul获取Oracle Cloud美国区域配置
+data "consul_keys" "oracle_config_us" {
+  key {
+    name = "tenancy_ocid"
+    path = "config/dev/oracle/us/tenancy_ocid"
+  }
+  key {
+    name = "user_ocid"
+    path = "config/dev/oracle/us/user_ocid"
+  }
+  key {
+    name = "fingerprint"
+    path = "config/dev/oracle/us/fingerprint"
+  }
+  key {
+    name = "private_key"
+    path = "config/dev/oracle/us/private_key"
+  }
+}
+
+# 使用从Consul获取的配置的OCI Provider
+provider "oci" {
+  tenancy_ocid     = data.consul_keys.oracle_config.var.tenancy_ocid
+  user_ocid        = data.consul_keys.oracle_config.var.user_ocid
+  fingerprint      = data.consul_keys.oracle_config.var.fingerprint
+  private_key      = file(var.oci_config.private_key_path)
+  region           = "ap-chuncheon-1"
+}
+
+# 美国区域的OCI Provider
+provider "oci" {
+  alias           = "us"
+  tenancy_ocid    = data.consul_keys.oracle_config_us.var.tenancy_ocid
+  user_ocid       = data.consul_keys.oracle_config_us.var.user_ocid
+  fingerprint     = data.consul_keys.oracle_config_us.var.fingerprint
+  private_key     = file(var.oci_config.private_key_path)
+  region          = "us-ashburn-1"
+}
+
+# Oracle Cloud 基础设施
+module "oracle_cloud" {
+  source = "../../providers/oracle-cloud"
+  
+  # 传递变量
+  environment    = var.environment
+  project_name   = var.project_name
+  owner          = var.owner
+  vpc_cidr       = var.vpc_cidr
+  availability_zones = var.availability_zones
+  common_tags    = var.common_tags
+  
+  # 使用从Consul获取的配置
+  oci_config = {
+    tenancy_ocid     = data.consul_keys.oracle_config.var.tenancy_ocid
+    user_ocid        = data.consul_keys.oracle_config.var.user_ocid
+    fingerprint      = data.consul_keys.oracle_config.var.fingerprint
+    private_key_path = var.oci_config.private_key_path
+    region           = "ap-chuncheon-1"
+    compartment_ocid = ""
+  }
+  
+  # 开发环境特定配置
+  instance_count = 1
+  instance_size  = "VM.Standard.E2.1.Micro"  # 免费层
+}
+
+# 输出
+output "oracle_cloud_outputs" {
+  description = "Oracle Cloud 基础设施输出"
+  value       = module.oracle_cloud
+}
+
+# Nomad 多数据中心集群
+module "nomad_cluster" {
+  source = "../../modules/nomad-cluster"
+  
+  # 部署控制变量 - 禁用所有计算资源创建
+  deploy_korea_node = false
+  deploy_us_node    = false  # 暂时禁用美国节点
+  
+  # Oracle Cloud 配置
+  oracle_config = {
+    tenancy_ocid     = data.consul_keys.oracle_config.var.tenancy_ocid
+    user_ocid        = data.consul_keys.oracle_config.var.user_ocid
+    fingerprint      = data.consul_keys.oracle_config.var.fingerprint
+    private_key_path = var.oci_config.private_key_path
+    region           = "ap-chuncheon-1"
+    compartment_ocid = ""
+  }
+  
+  # 通用配置
+  common_tags    = var.common_tags
+  ssh_public_key = var.ssh_public_key
+  
+  # Nomad 特定配置
+  nomad_version    = "1.7.7"
+  nomad_encrypt_key = var.nomad_encrypt_key
+  
+  # Oracle Cloud 特定配置
+  oracle_availability_domain = "Uocm:AP-CHUNCHEON-1-AD-1"
+  oracle_subnet_id = module.oracle_cloud.subnet_ids[0]  # 使用第一个子网
+  
+  # 依赖关系
+  depends_on = [module.oracle_cloud]
+}
+
+# Cloudflare 连通性测试
+data "cloudflare_zones" "available" {
+  filter {
+    status = "active"
+  }
+}
+
+data "cloudflare_accounts" "available" {}
+
+# 输出 Cloudflare 连通性测试结果
+output "cloudflare_connectivity_test" {
+  description = "Cloudflare API 连通性测试结果"
+  value = {
+    zones_count = length(data.cloudflare_zones.available.zones)
+    accounts_count = length(data.cloudflare_accounts.available.accounts)
+    zones = [for zone in data.cloudflare_zones.available.zones : {
+      name = zone.name
+      id   = zone.id
+    }]
+    accounts = [for account in data.cloudflare_accounts.available.accounts : {
+      name = account.name
+      id   = account.id
+    }]
+  }
+}