ben/terraform
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Initial commit: Terraform configurations for multiple cloud providers

Browse Source
This commit is contained in:
Ben User
2026-02-01 06:36:02 +00:00
commit 70f160b396
58 changed files with 1813 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
.gitignore vendored Normal file
View File

@@ -0,0 +1,18 @@
# Terraform 相关文件
.terraform/
*.tfstate
*.tfstate.*
*.tfvars
.terraform.lock.hcl
# 编辑器目录
.vscode/
.idea/
# 日志文件
*.log
# 敏感数据
*.pem
*.key
*.pub

41
README.md Normal file
View File

@@ -0,0 +1,41 @@
# 多云 Terraform 项目
这是一个用于管理多个云平台基础设施的 Terraform 项目。
## 项目结构
```
.
├── volcengine/ # 火山引擎(字节跳动)配置
├── oracle/ # Oracle Cloud甲骨文云配置
├── aws/ # Amazon Web Services 配置
└── modules/ # 共享模块
```
## 使用方法
### 1. 初始化特定云平台
```bash
cd volcengine
terraform init
```
### 2. 配置访问凭证
在每个云的 `main.tf` 文件中配置相应的访问凭证:
- **火山引擎**:需要 `access_key``secret_key``region`
- **Oracle Cloud**:需要 `tenancy_ocid``user_ocid``fingerprint``private_key_path``region`
- **AWS**:需要 `access_key``secret_key``region`
### 3. 规划和应用
```bash
terraform plan
terraform apply
```
## 注意事项
1. 每个云目录独立管理其 Terraform 状态
2. 共享模块放在 `modules/` 目录中
3. 敏感信息应使用环境变量或 Terraform 变量文件管理
4. 建议使用 `.gitignore` 排除 `.terraform` 目录和状态文件

8
aliyun_profile Normal file
View File

@@ -0,0 +1,8 @@
# 阿里云 CLI 配置
[default]
# 默认配置
access_key_id = LTAI5tBRm7PbNFdaGZpUaLUJ
access_key_secret = cYRaxAoE9I3MILlHRgUbowfxQzhj1D
region_id = cn-hangzhou
language = zh

11
aws/.env Normal file
View File

@@ -0,0 +1,11 @@
seekkey
id
AKIAREGNQE37ZFRTTYXQ
key
3g58bhG2w1rPtcX9wmCMWcmF5EOoHy/zwnGdqoTz
capitaltrain
id
AKIATAXHIVZIOWQUHY5A
key
Pe/Xb2dq1YOhadqgDTy7zKwbDLkk8dsvrpJ09kNQ

5
aws/capitaltrain/.env Normal file
View File

@@ -0,0 +1,5 @@
capitaltrain
id
AKIATAXHIVZIOWQUHY5A
key
Pe/Xb2dq1YOhadqgDTy7zKwbDLkk8dsvrpJ09kNQ

15
aws/main.tf Normal file
View File

@@ -0,0 +1,15 @@
terraform {
required_providers {
aws = {
source = "hashicorp/aws"
version = ">= 4.0.0"
}
}
}
provider "aws" {
# 配置AWS访问凭证
# access_key = "your-access-key"
# secret_key = "your-secret-key"
# region = "us-east-1"
}

5
aws/seekkey/.env Normal file
View File

@@ -0,0 +1,5 @@
seekkey
id
AKIAREGNQE37ZFRTTYXQ
key
3g58bhG2w1rPtcX9wmCMWcmF5EOoHy/zwnGdqoTz

8
datadog/.env Normal file
View File

@@ -0,0 +1,8 @@
# Datadog Application Key (以 "ee9a" 结尾)
8ad8eed0af8b041adc43653c176e06f34508ee9a
# Datadog API Key (以 "3c7d" 结尾)
6f3900667c1b401225a8360382c33c7d
# Datadog Site URL
https://us5.datadoghq.com/

48
datadog/README.md Normal file
View File

@@ -0,0 +1,48 @@
# Datadog Terraform Integration
## 配置说明
此目录包含用于与 Datadog 服务集成的 Terraform 配置。
## 必需的凭证
要使用此配置,您需要在 `terraform.tfvars` 文件中提供以下信息:
- `datadog_api_key`: Datadog API 密钥(以 "3c7d" 结尾6f3900667c1b401225a8360382c33c7d
- `datadog_app_key`: Datadog APP 密钥(以 "ee9a" 结尾8ad8eed0af8b041adc43653c176e06f34508ee9a
- `datadog_site`: Datadog 站点 URL已提供https://us5.datadoghq.com/
## 如何获取凭证
1. 您的 Datadog 凭证已经完整:
- **API Key**: `6f3900667c1b401225a8360382c33c7d`(以 "3c7d" 结尾)
- **Application Key**: `8ad8eed0af8b041adc43653c176e06f34508ee9a`(以 "ee9a" 结尾,存储在 .env 文件第一行)
- **站点 URL**: `https://us5.datadoghq.com/`(存储在 .env 文件第二行)
2. 这些值已经正确配置在 `terraform.tfvars` 文件中
3. 连接已验证成功
## 验证连接
运行以下命令来验证连接:
```bash
cd datadog
terraform init
terraform plan
```
## 支持的资源
此配置演示了如何创建 Datadog Monitor但 Datadog Terraform provider 支持广泛的资源类型,包括:
- Monitors监控器
- Dashboards仪表板
- Metrics指标
- Logs日志
- APM 配置
- Security 规则等
## 注意事项
- 请确保您的 API 和 APP 密钥具有适当的权限来创建和管理所需的资源
- 密钥应该安全存储,不要提交到版本控制系统
- 403 错误表示认证失败,请检查您的密钥是否正确且未过期

51
datadog/test-datadog.tf Normal file
View File

@@ -0,0 +1,51 @@
terraform {
required_providers {
datadog = {
source = "DataDog/datadog"
version = "~> 3.0"
}
}
}
# Provider configuration
provider "datadog" {
api_key = var.datadog_api_key
app_key = var.datadog_app_key
api_url = var.datadog_site
}
# Variables
variable "datadog_api_key" {
description = "Datadog API key"
type = string
sensitive = true
}
variable "datadog_app_key" {
description = "Datadog APP key"
type = string
sensitive = true
}
variable "datadog_site" {
description = "Datadog site URL"
type = string
default = "https://api.datadoghq.com"
}
# Example resource - Datadog Monitor
resource "datadog_monitor" "test_monitor" {
name = "Test Monitor"
type = "metric alert"
query = "avg(last_1h):avg:system.cpu.user{*} > 80"
message = "CPU usage is too high"
escalation_message = "Escalation message"
monitor_thresholds {
critical = "80"
}
lifecycle {
ignore_changes = [query] # For testing purposes
}
}

1
digitalocean/.env Normal file
View File

@@ -0,0 +1 @@
DIGITALOCEAN_TOKEN=dop_v1_a1683dcab83cb842cbda460a8944d86d84207e77b051f3f4c8055707a34efca8

71
digitalocean/LIFECYCLE.md Normal file
View File

@@ -0,0 +1,71 @@
# DigitalOcean Terraform 自动销毁说明
## 生命周期管理
本配置包含自动销毁功能,可以在指定日期后自动删除所有 DigitalOcean 资源。
## 配置
`main.tf` 中设置过期日期:
```hcl
variable "expiration_date" {
description = "Expiration date in YYYY-MM-DD format. Use with destroy script"
type = string
default = "2026-03-03"
}
```
## 使用方法
### 1. 手动运行销毁脚本
```bash
# 使用默认日期2026-03-03
./auto_destroy.sh
# 指定过期日期
./auto_destroy.sh 2026-03-01
```
### 2. 设置定时任务cron
每天检查一次是否需要销毁资源:
```bash
# 编辑 crontab
crontab -e
# 添加以下行(每天凌晨 2 点检查)
0 2 * * * /home/ben/terraform/digitalocean/auto_destroy.sh 2026-03-03 >> /var/log/do_destroy.log 2>&1
```
### 3. 手动销毁
如果需要立即销毁所有资源:
```bash
terraform destroy -auto-approve -var="do_token=$(grep DIGITALOCEAN_TOKEN .env | cut -d'=' -f2)"
```
## 脚本行为
- 如果当前日期 **超过** 过期日期:自动执行 `terraform destroy` 删除所有资源
- 如果当前日期 **未超过** 过期日期:显示剩余天数,不执行任何操作
## 注意事项
1. 销毁操作不可逆,请确保在过期日期前备份重要数据
2. 建议在测试环境中先验证脚本行为
3. 可以通过修改 `main.tf` 中的 `expiration_date` 变量来延长或缩短资源生命周期
4. 脚本会自动从 `.env` 文件读取 `DIGITALOCEAN_TOKEN`
## 资源列表
以下资源将在过期后自动删除:
- DigitalOcean Droplet
- Load Balancer
- Floating IP
- SSH Key
- Project

38
digitalocean/auto_destroy.sh Executable file
View File

@@ -0,0 +1,38 @@
#!/bin/bash
set -e
cd "$(dirname "$0")"
EXPIRATION_DATE=${1:-"2026-03-03"}
TODAY=$(date +%Y-%m-%d)
echo "========================================="
echo "DigitalOcean Auto Destroy Script"
echo "========================================="
echo "Expiration Date: $EXPIRATION_DATE"
echo "Today: $TODAY"
echo "========================================="
if [[ "$TODAY" > "$EXPIRATION_DATE" ]]; then
echo "⚠️ Resources have expired! Destroying all resources..."
DO_TOKEN=$(grep DIGITALOCEAN_TOKEN .env | cut -d'=' -f2)
if [ -z "$DO_TOKEN" ]; then
echo "❌ Error: DIGITALOCEAN_TOKEN not found in .env file"
exit 1
fi
echo "Running terraform destroy..."
terraform destroy -auto-approve -var="do_token=$DO_TOKEN"
echo "✅ All resources destroyed successfully!"
else
echo "✅ Resources are still valid. No action needed."
DAYS_UNTIL_EXPIRY=$(( ($(date -d "$EXPIRATION_DATE" +%s) - $(date -d "$TODAY" +%s)) / 86400 ))
echo "Days until expiry: $DAYS_UNTIL_EXPIRY"
fi
echo "========================================="

153
digitalocean/main.tf Normal file
View File

@@ -0,0 +1,153 @@
terraform {
required_providers {
digitalocean = {
source = "digitalocean/digitalocean"
version = ">= 2.0.0"
}
}
}
provider "digitalocean" {
token = var.do_token
}
locals {
balance_json = jsondecode(data.http.do_balance.response_body)
}
data "http" "do_balance" {
url = "https://api.digitalocean.com/v2/customers/my/balance"
request_headers = {
Authorization = "Bearer ${var.do_token}"
}
}
variable "do_token" {
description = "DigitalOcean API Token"
type = string
sensitive = true
}
variable "project_name" {
description = "Project name"
type = string
default = "terraform-project"
}
variable "region" {
description = "DigitalOcean region"
type = string
default = "nyc3"
}
variable "droplet_size" {
description = "Droplet size slug"
type = string
default = "s-1vcpu-1gb"
}
variable "droplet_image" {
description = "Droplet image slug"
type = string
default = "ubuntu-22-04-x64"
}
variable "ssh_public_key_path" {
description = "Path to SSH public key file"
type = string
default = ""
}
variable "expiration_date" {
description = "Expiration date in YYYY-MM-DD format. Use with destroy script"
type = string
default = "2026-03-03"
}
resource "digitalocean_project" "main" {
name = var.project_name
description = "Managed by Terraform"
purpose = "Web Application"
environment = "Development"
}
resource "digitalocean_ssh_key" "main" {
count = var.ssh_public_key_path != "" ? 1 : 0
name = "${var.project_name}-ssh-key"
public_key = file(var.ssh_public_key_path)
}
resource "digitalocean_droplet" "web" {
image = var.droplet_image
name = "${var.project_name}-web-1"
region = var.region
size = var.droplet_size
ssh_keys = var.ssh_public_key_path != "" ? [digitalocean_ssh_key.main[0].fingerprint] : []
tags = ["${var.project_name}-web"]
monitoring = true
}
resource "digitalocean_loadbalancer" "public" {
name = "${var.project_name}-lb"
region = var.region
forwarding_rule {
entry_port = 80
entry_protocol = "http"
target_port = 80
target_protocol = "http"
}
healthcheck {
port = 80
protocol = "http"
path = "/"
}
droplet_ids = [digitalocean_droplet.web.id]
}
resource "digitalocean_floating_ip" "main" {
droplet_id = digitalocean_droplet.web.id
region = var.region
}
output "droplet_ip" {
description = "Public IP of the droplet"
value = digitalocean_droplet.web.ipv4_address
}
output "droplet_name" {
description = "Name of the droplet"
value = digitalocean_droplet.web.name
}
output "loadbalancer_ip" {
description = "Public IP of the load balancer"
value = digitalocean_loadbalancer.public.ip
}
output "floating_ip" {
description = "Floating IP address"
value = digitalocean_floating_ip.main.ip_address
}
output "account_balance" {
description = "DigitalOcean account balance"
value = local.balance_json.account_balance
}
output "month_to_date_balance" {
description = "Month to date balance"
value = local.balance_json.month_to_date_balance
}
output "month_to_date_usage" {
description = "Month to date usage"
value = local.balance_json.month_to_date_usage
}

2
heroku/.env Normal file
View File

@@ -0,0 +1,2 @@
HRKU-AAUX0JnQ334X9YT6wmhiLQWNzhJQIzR6u7CqHhpNuZYA_____wZAJIaLwSNQ
houzhongxu@seekkey.tech

127
heroku/README.md Normal file
View File

@@ -0,0 +1,127 @@
# Heroku Terraform 配置说明
## 当前状态
由于网络连接问题,无法自动下载 Heroku Terraform provider。以下是解决方案。
## 方案一:手动下载 Provider推荐
### 1. 手动下载 Heroku Provider
```bash
# 创建插件目录
mkdir -p ~/.terraform.d/plugins/linux_amd64/
# 下载 provider需要网络连接
cd ~/.terraform.d/plugins/linux_amd64/
wget https://github.com/heroku/terraform-provider-heroku/releases/download/v5.3.2/terraform-provider-heroku_5.3.2_linux_amd64.zip
# 解压
unzip terraform-provider-heroku_5.3.2_linux_amd64.zip
rm terraform-provider-heroku_5.3.2_linux_amd64.zip
# 返回项目目录
cd /home/ben/terraform/heroku
# 初始化
terraform init
```
### 2. 使用配置文件
```bash
# 应用配置
terraform apply -var="heroku_api_key=$(head -1 .env)" -var="heroku_email=$(tail -1 .env)"
```
## 方案二:使用 Heroku CLI替代方案
如果 Terraform provider 无法使用,可以直接使用 Heroku CLI
### 安装 Heroku CLI
```bash
# 使用 snap 安装
sudo snap install --classic heroku
# 或使用 npm
npm install -g heroku
```
### 登录 Heroku
```bash
heroku login
```
### 创建应用
```bash
# 创建新应用
heroku create my-app
# 查看应用
heroku apps
# 添加 PostgreSQL
heroku addons:create heroku-postgresql:essential-0
# 添加 Redis
heroku addons:create heroku-redis:mini
# 设置环境变量
heroku config:set NODE_ENV=production PORT=8080
# 查看日志
heroku logs --tail
# 部署应用
git push heroku main
```
## 方案三:使用 HTTP 代理
如果你有可用的代理,可以配置环境变量:
```bash
# 设置代理
export HTTP_PROXY=http://your-proxy:port
export HTTPS_PROXY=http://your-proxy:port
# 初始化 Terraform
terraform init
```
## 当前账户信息
根据 API 查询,你的 Heroku 账户有以下应用:
- **应用名称**: cauldron
- **应用 URL**: https://cauldron-6e3816f9af3f.herokuapp.com/
- **Stack**: heroku-24
- **区域**: us
- **邮箱**: houzhongxu@seekkey.tech
## Terraform 配置文件说明
[main.tf](file:///home/ben/terraform/heroku/main.tf) 包含以下资源:
1. **Heroku App** - 主应用
2. **Formation** - Web dyno 配置
3. **PostgreSQL Add-on** - 数据库
4. **Redis Add-on** - 缓存
5. **Config Vars** - 环境变量
## 可自定义的变量
- `app_name` - 应用名称默认terraform-app
- `region` - 区域默认us
- `stack` - Stack 版本默认heroku-22
- `dyno_size` - Dyno 规格默认basic
## 注意事项
1. Heroku 免费版已经停止,需要付费使用
2. Add-ons 会产生额外费用
3. 建议先在测试环境验证配置
4. 记得定期检查账单和资源使用情况

99
heroku/main.tf Normal file
View File

@@ -0,0 +1,99 @@
terraform {
required_providers {
heroku = {
source = "heroku/heroku"
}
}
}
provider "heroku" {
email = var.heroku_email
api_key = var.heroku_api_key
}
variable "heroku_api_key" {
description = "Heroku API Key"
type = string
sensitive = true
}
variable "heroku_email" {
description = "Heroku Email"
type = string
}
variable "app_name" {
description = "Heroku App Name"
type = string
default = "terraform-app"
}
variable "region" {
description = "Heroku Region"
type = string
default = "us"
}
variable "stack" {
description = "Heroku Stack"
type = string
default = "heroku-22"
}
variable "dyno_size" {
description = "Dyno Size"
type = string
default = "basic"
}
resource "heroku_app" "main" {
name = var.app_name
region = var.region
stack = var.stack
}
resource "heroku_formation" "web" {
app_id = heroku_app.main.id
type = "web"
quantity = 1
size = var.dyno_size
}
resource "heroku_addon" "postgres" {
app_id = heroku_app.main.id
plan = "heroku-postgresql:essential-0"
}
resource "heroku_addon" "redis" {
app_id = heroku_app.main.id
plan = "heroku-redis:mini"
}
resource "heroku_config" "app_config" {
sensitive_vars = {
NODE_ENV = "production"
PORT = "8080"
}
}
output "app_url" {
description = "Heroku App URL"
value = "https://${var.app_name}.herokuapp.com"
}
output "app_name" {
description = "Heroku App Name"
value = heroku_app.main.name
}
output "postgres_url" {
description = "PostgreSQL Database URL"
value = heroku_addon.postgres.config_var_values
sensitive = true
}
output "redis_url" {
description = "Redis URL"
value = heroku_addon.redis.config_var_values
sensitive = true
}

13
modules/network/main.tf Normal file
View File

@@ -0,0 +1,13 @@
# 通用网络模块示例
# 这是一个跨云网络模块的示例结构
# 实际实现需要根据具体的云平台进行调整
resource "null_resource" "network_example" {
triggers = {
name = var.network_name
}
provisioner "local-exec" {
command = "echo '创建网络: ${var.network_name}'"
}
}

9
modules/network/outputs.tf Normal file
View File

@@ -0,0 +1,9 @@
output "network_name" {
description = "网络名称"
value = var.network_name
}
output "cidr_block" {
description = "CIDR 地址块"
value = var.cidr_block
}

17
modules/network/variables.tf Normal file
View File

@@ -0,0 +1,17 @@
variable "network_name" {
description = "网络名称"
type = string
default = "my-network"
}
variable "cidr_block" {
description = "CIDR 地址块"
type = string
default = "10.0.0.0/16"
}
variable "tags" {
description = "资源标签"
type = map(string)
default = {}
}

73
oracle/README.md Normal file
View File

@@ -0,0 +1,73 @@
# Oracle Cloud (OCI) Terraform 配置
## 项目结构
```
oracle/
├── main.tf # 根配置Provider 定义)
├── modules/ # 共享模块
│ ├── vcn/ # 虚拟云网络模块
│ │ ├── main.tf
│ │ ├── variables.tf
│ │ └── outputs.tf
│ └── compute/ # 计算实例模块
│ ├── main.tf
│ └── variables.tf
└── environments/ # 环境特定配置
├── dev/ # 开发环境
│ ├── main.tf
│ └── variables.tf
└── prod/ # 生产环境
├── main.tf
└── variables.tf
```
## 配置说明
### 1. ~/.oci 配置
您的 OCI 配置已经位于 `~/.oci/` 目录中,包含:
- `config` - OCI 配置文件
- `oci_api_key.pem` - 私钥文件
Terraform OCI Provider 会自动读取这些配置,无需在代码中硬编码凭证。
### 2. 如何使用
**开发环境**
```bash
cd environments/dev
terraform init
terraform plan
terraform apply
```
**生产环境**
```bash
cd environments/prod
terraform init
terraform plan
terraform apply
```
### 3. 模块使用
模块位于 `modules/` 目录,可以在不同环境中重复使用:
```hcl
module "vcn" {
source = "../../modules/vcn"
compartment_id = var.compartment_id
vcn_name = "my-vcn"
cidr_block = "10.0.0.0/16"
}
```
## 优势
1. **环境隔离**dev 和 prod 环境完全分离
2. **代码复用**:模块可在不同环境中共享
3. **配置安全**:敏感信息存储在 `~/.oci`,不在代码中
4. **易于扩展**:可添加 staging、test 等环境
## 注意事项
1. 每个环境有独立的 Terraform 状态文件
2. 建议使用不同的 Compartment 或 Tenancy 隔离环境
3. 生产环境的 CIDR 和规格应与开发环境不同

38
oracle/environments/dev/main.tf Normal file
View File

@@ -0,0 +1,38 @@
terraform {
required_providers {
oci = {
source = "oracle/oci"
version = ">= 4.0.0"
}
}
}
provider "oci" {
# 使用 ~/.oci/config 中的配置
# 如果 ~/.oci/config 已正确配置,以下参数可以省略
# 或者显式指定配置(可选)
# tenancy_ocid = "your-tenancy-ocid"
# user_ocid = "your-user-ocid"
# fingerprint = "your-fingerprint"
# private_key_path = "~/.oci/oci_api_key.pem"
# region = "us-phoenix-1"
}
module "vcn" {
source = "../../modules/vcn"
compartment_id = var.compartment_id
vcn_name = "${var.environment}-vcn"
cidr_block = "10.0.0.0/16"
dns_label = "devvcn"
}
module "compute" {
source = "../../modules/compute"
compartment_id = var.compartment_id
instance_name = "${var.environment}-instance"
shape = "VM.Standard2.1"
subnet_id = "ocid1.subnet.oc1..example" # 这里应该使用实际的子网 OCID
}

11
oracle/environments/dev/variables.tf Normal file
View File

@@ -0,0 +1,11 @@
variable "compartment_id" {
description = "开发环境的 Compartment OCID"
type = string
default = "ocid1.compartment.oc1..example"
}
variable "environment" {
description = "环境名称"
type = string
default = "dev"
}

38
oracle/environments/prod/main.tf Normal file
View File

@@ -0,0 +1,38 @@
terraform {
required_providers {
oci = {
source = "oracle/oci"
version = ">= 4.0.0"
}
}
}
provider "oci" {
# 使用 ~/.oci/config 中的配置
# 如果 ~/.oci/config 已正确配置,以下参数可以省略
# 或者显式指定配置(可选)
# tenancy_ocid = "your-tenancy-ocid"
# user_ocid = "your-user-ocid"
# fingerprint = "your-fingerprint"
# private_key_path = "~/.oci/oci_api_key.pem"
# region = "us-phoenix-1"
}
module "vcn" {
source = "../../modules/vcn"
compartment_id = var.compartment_id
vcn_name = "${var.environment}-vcn"
cidr_block = "10.1.0.0/16" # 生产环境使用不同的 CIDR
dns_label = "prodvcn"
}
module "compute" {
source = "../../modules/compute"
compartment_id = var.compartment_id
instance_name = "${var.environment}-instance"
shape = "VM.Standard4.2" # 生产环境使用更高的规格
subnet_id = "ocid1.subnet.oc1..example" # 这里应该使用实际的子网 OCID
}

11
oracle/environments/prod/variables.tf Normal file
View File

@@ -0,0 +1,11 @@
variable "compartment_id" {
description = "生产环境的 Compartment OCID"
type = string
default = "ocid1.compartment.oc1..example"
}
variable "environment" {
description = "环境名称"
type = string
default = "prod"
}

26
oracle/kr/README.md Normal file
View File

@@ -0,0 +1,26 @@
# Oracle Cloud 韩国账号配置
## 配置说明
此目录包含韩国 Oracle Cloud 账号的 Terraform 配置。配置使用 `~/.oci/config` 文件中的 `[korea]` profile。
## 账号信息
- **区域**: ap-chuncheon-1韩国春川
- **Profile**: korea
- **密钥文件**: ~/.oci/oci_api_key_kr.pem
## 使用方法
```bash
cd /home/ben/terraform/oracle/kr
terraform init
terraform plan
terraform apply
```
## 区域特性
- **韩国春川区域** (ap-chuncheon-1): 位于韩国江原道,提供低延迟访问韩国本地市场
- 韩国区域的合规要求和服务可用性可能与美国区域不同
## 注意事项
- 确保 `~/.oci/config` 中的 [korea] 配置正确
- 韩国区域的资源命名可能需要遵守本地化规范
- 考虑网络延迟和本地合规要求

20
oracle/kr/main.tf Normal file
View File

@@ -0,0 +1,20 @@
terraform {
required_providers {
oci = {
source = "oracle/oci"
version = ">= 4.0.0"
}
}
}
provider "oci" {
# 韩国账号配置 - 使用 ~/.oci/config 中的 [korea] profile
config_file_profile = "korea"
# 或者,如果需要覆盖某些配置,可以显式指定:
# tenancy_ocid = "ocid1.tenancy.oc1..aaaaaaaawfv2wd54ly75ppfjgdgap7rtd3vhtziz25dwx23xo4rbkxnxlapq"
# user_ocid = "ocid1.user.oc1..aaaaaaaaqoa2my3fwh3jbayachyylqyneiveydrjliu2qz65ijlc57ehplha"
# fingerprint = "13:bd:ef:e3:bd:b8:5a:35:1a:b4:2d:82:4b:93:ff:19"
# private_key_path = "~/.oci/oci_api_key_kr.pem"
# region = "ap-chuncheon-1"
}

20
oracle/main.tf Normal file
View File

@@ -0,0 +1,20 @@
terraform {
required_providers {
oci = {
source = "oracle/oci"
version = ">= 4.0.0"
}
}
}
provider "oci" {
# 使用 ~/.oci/config 中的配置
# 如果 ~/.oci/config 已正确配置,以下参数可以省略
# 或者显式指定配置(可选)
# tenancy_ocid = "your-tenancy-ocid"
# user_ocid = "your-user-ocid"
# fingerprint = "your-fingerprint"
# private_key_path = "~/.oci/oci_api_key.pem"
# region = "us-phoenix-1"
}

14
oracle/modules/compute/main.tf Normal file
View File

@@ -0,0 +1,14 @@
# Oracle 计算实例模块示例
# 这是一个示例,实际使用时需要替换为真实的 OCI 资源
resource "null_resource" "compute_example" {
triggers = {
compartment_id = var.compartment_id
instance_name = var.instance_name
shape = var.shape
}
provisioner "local-exec" {
command = "echo '创建计算实例: ${var.instance_name},规格: ${var.shape},在 Compartment: ${var.compartment_id}'"
}
}

21
oracle/modules/compute/variables.tf Normal file
View File

@@ -0,0 +1,21 @@
variable "compartment_id" {
description = "Compartment OCID"
type = string
}
variable "instance_name" {
description = "计算实例名称"
type = string
default = "my-instance"
}
variable "shape" {
description = "实例规格"
type = string
default = "VM.Standard2.1"
}
variable "subnet_id" {
description = "子网 OCID"
type = string
}

13
oracle/modules/vcn/main.tf Normal file
View File

@@ -0,0 +1,13 @@
# Oracle VCN 模块示例
# 这是一个示例,实际使用时需要替换为真实的 OCI 资源
resource "null_resource" "vcn_example" {
triggers = {
compartment_id = var.compartment_id
vcn_name = var.vcn_name
}
provisioner "local-exec" {
command = "echo '创建 VCN: ${var.vcn_name}CIDR: ${var.cidr_block},在 Compartment: ${var.compartment_id}'"
}
}

9
oracle/modules/vcn/outputs.tf Normal file
View File

@@ -0,0 +1,9 @@
output "vcn_name" {
description = "VCN 名称"
value = var.vcn_name
}
output "cidr_block" {
description = "CIDR 地址块"
value = var.cidr_block
}

22
oracle/modules/vcn/variables.tf Normal file
View File

@@ -0,0 +1,22 @@
variable "compartment_id" {
description = "Compartment OCID where the VCN will be created"
type = string
}
variable "vcn_name" {
description = "Name of the VCN"
type = string
default = "my-vcn"
}
variable "cidr_block" {
description = "CIDR block for the VCN"
type = string
default = "10.0.0.0/16"
}
variable "dns_label" {
description = "DNS label for the VCN"
type = string
default = "vcn"
}

26
oracle/us/README.md Normal file
View File

@@ -0,0 +1,26 @@
# Oracle Cloud 美国账号配置
## 配置说明
此目录包含美国 Oracle Cloud 账号的 Terraform 配置。配置使用 `~/.oci/config` 文件中的 `[DEFAULT]` profile。
## 账号信息
- **区域**: us-ashburn-1弗吉尼亚
- **Profile**: DEFAULT
- **密钥文件**: ~/.oci/oci_api_key.pem
## 使用方法
```bash
cd /home/ben/terraform/oracle/us
terraform init
terraform plan
terraform apply
```
## 环境配置
如果需要多环境dev/prod可以考虑
1. 在此目录下创建 `environments/` 子目录
2. 或者使用根目录的共享 `environments/``modules/` 目录
## 注意事项
- 确保 `~/.oci/config` 中的 [DEFAULT] 配置正确
- 美国区域的资源命名和合规要求可能与其他区域不同

20
oracle/us/main.tf Normal file
View File

@@ -0,0 +1,20 @@
terraform {
required_providers {
oci = {
source = "oracle/oci"
version = ">= 4.0.0"
}
}
}
provider "oci" {
# 美国账号配置 - 使用 ~/.oci/config 中的 [DEFAULT] profile
# config_file_profile = "DEFAULT" # 可选DEFAULT 是默认值
# 或者,如果需要覆盖某些配置,可以显式指定:
# tenancy_ocid = "ocid1.tenancy.oc1..aaaaaaaayyhuf6swf2ho4s5acdpee6zssst6j7nkiri4kyfdusxzn3e7p32q"
# user_ocid = "ocid1.user.oc1..aaaaaaaappc7zxue4dlrsjljg4fwl6wcc5smetreuvpqn72heiyvjeeqanqq"
# fingerprint = "36:2f:3e:19:fa:9e:bb:81:30:26:f2:d7:52:d4:1d:88"
# private_key_path = "~/.oci/oci_api_key.pem"
# region = "us-ashburn-1"
}

BIN
registry.terraform.io/volcengine/volcengine/0.0.186/linux_amd64/terraform-provider-volcengine_v0.0.186 Executable file
View File

Binary file not shown.

68
ssh_keys/GITEA_SSH_SETUP.md Normal file
View File

@@ -0,0 +1,68 @@
# Gitea 部署密钥配置指南
## 密钥信息
我们创建了使用 Ed25519 算法的 SSH 密钥对,这是目前最安全的 SSH 密钥算法之一。
## 密钥文件
- **私钥**: `gitea_deploy_key_ed25519`
- **公钥**: `gitea_deploy_key_ed25519.pub`
## 在 Gitea 中配置部署密钥
### 1. 添加部署密钥到 Gitea 仓库
1. 登录到你的 Gitea 实例
2. 导航到你的私有仓库
3. 点击 "Settings"(设置)
4. 在左侧菜单中选择 "Deploy Keys"(部署密钥)
5. 点击 "Add Key"(添加密钥)
6. 输入密钥标题,例如 "Deployment Key"
7. 将以下公钥内容粘贴到密钥字段中:
```
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB1Eiqridn8nvb0nzwX5qfkN7Z4U94vKtvCBf0pbDHvz gitea-deploy-key@private
```
8. 选择适当的权限(通常选择 "Read" 权限用于部署)
9. 点击 "Add Key"(添加密钥)
### 2. 配置服务器使用私钥
将私钥 `gitea_deploy_key_ed25519` 安装到你的部署服务器上:
1. 将私钥复制到服务器上的 `~/.ssh/` 目录
2. 设置正确的权限:
```bash
chmod 600 ~/.ssh/gitea_deploy_key_ed25519
```
3. 配置 SSH 客户端使用此密钥(在 `~/.ssh/config` 中):
```
Host your-gitea-host.com
IdentityFile ~/.ssh/gitea_deploy_key_ed25519
User git
```
### 3. 在 CI/CD 中使用
如果你在 CI/CD 系统中使用此密钥:
1. 将私钥内容作为密钥存储在 CI/CD 系统中
2. 在构建脚本中创建临时 SSH 配置:
```bash
mkdir -p ~/.ssh
echo "$GITEA_DEPLOY_KEY" > ~/.ssh/gitea_deploy_key_ed25519
chmod 600 ~/.ssh/gitea_deploy_key_ed25519
```
## 安全注意事项
- 保护好私钥文件,不要将其提交到代码仓库
- 定期轮换部署密钥建议每6-12个月
- 使用最小权限原则,只为密钥分配必要的访问权限
- 监控密钥的使用情况
## 备用密钥
我们也保留了 ECDSA 密钥作为备用选项,但建议优先使用 Ed25519 密钥。

69
ssh_keys/USAGE_INSTRUCTIONS.md Normal file
View File

@@ -0,0 +1,69 @@
# SSH 密钥使用说明
## 默认 SSH 密钥配置
我们已创建了 Ed25519 加密的 SSH 密钥对,作为你的默认 SSH 密钥。
### 密钥文件位置
- **私钥**: `/home/ben/terraform/ssh_keys/gitea_deploy_key_ed25519`
- **公钥**: `/home/ben/terraform/ssh_keys/gitea_deploy_key_ed25519.pub`
- **SSH 配置**: `/home/ben/terraform/ssh_keys/config`
### 如何使用(推荐方法)
由于安全限制,我们不能直接修改你的主目录下的 `.ssh` 文件夹。请按以下步骤使用这些密钥:
#### 方法 1: 复制配置文件
```bash
# 备份现有配置(如有)
cp ~/.ssh/config ~/.ssh/config.backup 2>/dev/null || true
# 复制新的配置
cp /home/ben/terraform/ssh_keys/config ~/.ssh/config
# 设置正确的权限
chmod 600 ~/.ssh/config
```
#### 方法 2: 手动添加到现有配置
如果已有 SSH 配置,可将以下内容追加到 `~/.ssh/config`
```
# 默认使用 Ed25519 密钥
Host *
IdentityFile /home/ben/terraform/ssh_keys/gitea_deploy_key_ed25519
IdentitiesOnly yes
```
### 验证密钥
要验证 SSH 密钥是否正常工作:
```bash
# 测试 SSH 连接
ssh -T -i /home/ben/terraform/ssh_keys/gitea_deploy_key_ed25519 git@your-gitea-server.com
```
### 权限设置
确保密钥文件有正确的权限:
```bash
chmod 600 /home/ben/terraform/ssh_keys/gitea_deploy_key_ed25519
chmod 644 /home/ben/terraform/ssh_keys/gitea_deploy_key_ed25519.pub
```
### 在 Gitea 中使用
1. 将公钥内容添加到 Gitea 的部署密钥中
2. 公钥内容可通过以下命令查看:
```bash
cat /home/ben/terraform/ssh_keys/gitea_deploy_key_ed25519.pub
```
### 安全提示
- 保护好私钥文件,不要分享给他人
- 定期更换密钥建议每6-12个月
- 使用 `IdentitiesOnly yes` 可防止 SSH 代理泄露

18
ssh_keys/config Normal file
View File

@@ -0,0 +1,18 @@
# SSH Config for Default Key Usage
# 默认使用 Ed25519 密钥
Host *
IdentityFile /home/ben/terraform/ssh_keys/gitea_deploy_key_ed25519
IdentitiesOnly yes
# Gitea 专用配置
Host gitea.*
IdentityFile /home/ben/terraform/ssh_keys/gitea_deploy_key_ed25519
User git
IdentitiesOnly yes
# 火山引擎相关配置
Host *.volces.com
IdentityFile /home/ben/terraform/ssh_keys/gitea_deploy_key_ed25519
User git
IdentitiesOnly yes

29
volcengine/.gitignore vendored Normal file
View File

@@ -0,0 +1,29 @@
# Terraform files
*.tfstate
*.tfstate.*
*.tfvars
*.tfvars.json
*.tmp
# Terraform directories
.terraform/
.terraform.lock.hcl
# Terragrunt files
.terragrunt-cache/
# Other common files
crash.log
crash.*.log
*.pid
*.backup
# Sensitive files
*.key
*.pem
*.crt
*.cert
# Local environment files
.env
.local

95
volcengine/CROSS_ARCHITECTURE.md Normal file
View File

@@ -0,0 +1,95 @@
# 跨架构运行说明
## 支持的架构
此 Terraform 配置支持以下架构:
- Linux AMD64 (x86_64)
- Linux ARM64
- macOS AMD64
- macOS ARM64 (Apple Silicon)
## 本地部署(当前配置)
当前配置使用本地预下载的 provider仅支持 Linux AMD64 架构。如需在其他架构上运行,请按以下步骤操作:
### 1. 删除本地 provider 配置
```bash
# 进入相应目录
cd /path/to/volcengine/personal
# 或
cd /path/to/volcengine/company
# 删除本地 provider 配置
rm -rf .terraform .terraformrc
```
### 2. 下载对应架构的 provider
根据不同架构下载对应的 provider
- AMD64: `terraform-provider-volcengine_v0.0.186_linux_amd64.zip`
- ARM64: `terraform-provider-volcengine_v0.0.186_linux_arm64.zip`
### 3. 配置 provider 路径
创建相应的目录结构并放置 provider 文件:
```bash
mkdir -p ~/.terraform.d/plugins/registry.terraform.io/volcengine/volcengine/0.0.186/<OS>_<ARCH>/
```
### 4. 使用网络下载(推荐)
最简单的方式是允许 Terraform 自动下载适合当前架构的 provider
```bash
# 删除本地配置
rm .terraformrc
# 运行初始化
terraform init
```
Terraform 会自动下载适合当前架构的 provider。
## GitHub Actions 部署示例
```yaml
name: Deploy to VolcEngine
on:
push:
branches: [ main ]
jobs:
deploy:
runs-on: ubuntu-latest # 或 ubuntu-22.04-arm
strategy:
matrix:
arch: [amd64, arm64]
steps:
- uses: actions/checkout@v3
- name: Setup Terraform
uses: hashicorp/setup-terraform@v2
with:
terraform_version: 1.5.0
- name: Initialize Terraform
run: terraform init
- name: Plan
run: terraform plan
- name: Apply
run: terraform apply -auto-approve
```
## 注意事项
1. **认证信息** - 确保在不同环境中正确配置了访问密钥
2. **网络连接** - 确保可以访问火山引擎 API
3. **权限** - 确保有足够的权限创建所需的资源
4. **配额** - 检查目标区域的资源配额

89
volcengine/GIT_EXCLUDES.md Normal file
View File

@@ -0,0 +1,89 @@
# Terraform 代码仓库最佳实践
## 应该提交到仓库的文件
1. **配置文件**:
- `main.tf` - 主配置文件
- `variables.tf` - 变量定义
- `outputs.tf` - 输出定义
- `providers.tf` - Provider 配置
- `versions.tf` - 版本约束
2. **文档文件**:
- `README.md` - 项目说明
- `CHANGELOG.md` - 变更日志
- `LICENSE` - 许可证
3. **配置文件**:
- `.gitignore` - Git 忽略规则
- `terraform.tfvars.example` - 变量示例文件
## 不应该提交到仓库的文件
### 1. 状态文件 (.tfstate)
- **原因**: 包含敏感信息和当前基础设施状态
- **风险**: 泄露基础设施详情,可能导致安全问题
- **位置**: `terraform.tfstate`, `terraform.tfstate.backup`
### 2. 本地配置文件 (terraform.tfvars)
- **原因**: 包含敏感的访问密钥和配置
- **替代方案**: 提交 `terraform.tfvars.example` 作为模板
### 3. Provider 目录 (.terraform/)
- **原因**:
- 包含下载的 provider 二进制文件
- 文件体积大,不适合存入 Git
- 二进制文件在不同架构上不同
- **说明**: 每个用户应通过 `terraform init` 下载
### 4. 锁定文件 (.terraform.lock.hcl)
- **原因**: 包含特定于本地系统的 provider 校验和
- **例外**: 如果团队使用相同架构,可选择提交
### 5. 临时和日志文件
- **原因**: 临时文件,不应进入版本控制
- **包括**: 日志文件、备份文件、临时文件
## 推荐的 .gitignore 模式
```
# Terraform
*.tfstate
*.tfstate.*
.terraform/
.terraform.lock.hcl
# Sensitive files
terraform.tfvars
# Logs
*.log
*.backup
```
## 安全注意事项
1. **绝不要提交敏感信息**:
- 访问密钥 (Access Keys)
- 私钥 (Private Keys)
- 密码 (Passwords)
- 其他认证信息
2. **使用环境变量或外部密钥管理**:
- AWS Secrets Manager
- HashiCorp Vault
- 环境变量
3. **定期审查**:
- 检查是否有敏感信息被意外提交
- 使用 `git-secrets` 等工具扫描
## 工作流程
1. 开发者克隆仓库
2. 创建 `terraform.tfvars` 文件 (不提交)
3. 运行 `terraform init` 下载 providers
4. 运行 `terraform plan``terraform apply`
5. 状态文件仅保存在本地或远程后端
这样可以确保代码库的安全性和可移植性。

72
volcengine/README.md Normal file
View File

@@ -0,0 +1,72 @@
# 火山引擎 Terraform 配置
此目录包含火山引擎的 Terraform 配置文件,分为个人账号和企业账号两个环境。
## 目录结构
```
volcengine/
├── personal/ # 个人账号配置
│ ├── main.tf
│ ├── variables.tf
│ ├── terraform.tfvars
│ └── README.md
└── company/ # 企业账号配置
├── main.tf
├── variables.tf
├── terraform.tfvars
└── README.md
```
## 使用说明
### 个人账号
1. 进入个人账号目录:
```bash
cd /home/ben/terraform/volcengine/personal
```
2. 初始化 Terraform
```bash
terraform init
```
3. 查看计划:
```bash
terraform plan
```
4. 应用配置:
```bash
terraform apply
```
### 企业账号
1. 进入企业账号目录:
```bash
cd /home/ben/terraform/volcengine/company
```
2. 初始化 Terraform
```bash
terraform init
```
3. 查看计划:
```bash
terraform plan
```
4. 应用配置:
```bash
terraform apply
```
## 注意事项
- 请确保已安装火山引擎的 Terraform Provider
- 敏感信息已存储在 terraform.tfvars 文件中
- 在生产环境中使用前请仔细检查所有配置
- 可以根据需要修改 variables.tf 中的默认值

41
volcengine/common/main.tf Normal file
View File

@@ -0,0 +1,41 @@
# 火山引擎 Terraform 配置 - 支持多架构
# 适用于 x86_64 和 ARM64 架构
# 提供商要求
terraform {
required_providers {
volcengine = {
source = "volcengine/volcengine"
version = "0.0.186"
}
}
}
# 提供商配置
provider "volcengine" {
region = var.region
access_key = var.access_key_id
secret_key = var.secret_access_key
}
# 示例资源 - VPC
resource "volcengine_vpc" "example_vpc" {
vpc_name = var.vpc_name
cidr_block = var.cidr_block
}
# 输出信息
output "vpc_id" {
description = "VPC ID"
value = volcengine_vpc.example_vpc.id
}
output "vpc_name" {
description = "VPC Name"
value = volcengine_vpc.example_vpc.vpc_name
}
output "region" {
description = "Region"
value = var.region
}

15
volcengine/company/.gitignore vendored Normal file
View File

@@ -0,0 +1,15 @@
# Terraform files
*.tfstate
*.tfstate.*
.terraform/
.terraform.lock.hcl
# Sensitive files
terraform.tfvars
# Local temporary files
*.tmp
*.backup
# Terragrunt
.terragrunt-cache/

9
volcengine/company/.terraformrc Normal file
View File

@@ -0,0 +1,9 @@
provider_installation {
filesystem_mirror {
path = "/home/ben/terraform"
include = ["volcengine/*"]
}
direct {
exclude = ["volcengine/*"]
}
}

5
volcengine/company/config Normal file
View File

@@ -0,0 +1,5 @@
# 火山引擎企业账号配置
[company]
access_key_id = AKLTZTc2N2VhMDkyMThlNDFlMmIxYjU1ZDBiNmJmNmM4OWM
secret_access_key = TVRJeU16aGtNekk1TWpjM05ETTRZams1TURnNU1HUTVNMlZtWTJOalltUQ==
region = cn-beijing

32
volcengine/company/main.tf Normal file
View File

@@ -0,0 +1,32 @@
# 火山引擎 Terraform 配置 - 企业账号
terraform {
required_providers {
volcengine = {
source = "volcengine/volcengine"
version = "0.0.186" # 使用最新可用版本
}
}
}
# 示例资源 - VPC
resource "volcengine_vpc" "company_vpc" {
vpc_name = var.vpc_name
cidr_block = var.cidr_block
}
# 输出信息
output "vpc_id" {
description = "Company VPC ID"
value = volcengine_vpc.company_vpc.id
}
output "vpc_name" {
description = "Company VPC Name"
value = volcengine_vpc.company_vpc.vpc_name
}
output "region" {
description = "Region"
value = var.region
}

6
volcengine/company/providers.tf Normal file
View File

@@ -0,0 +1,6 @@
# 配置本地 provider
provider "volcengine" {
region = var.region
access_key = var.access_key_id
secret_key = var.secret_access_key
}

30
volcengine/company/variables.tf Normal file
View File

@@ -0,0 +1,30 @@
# 火山引擎 Terraform 变量定义
variable "region" {
description = "目标区域"
type = string
default = "cn-beijing"
}
variable "access_key_id" {
description = "访问密钥ID"
type = string
}
variable "secret_access_key" {
description = "秘密访问密钥"
type = string
sensitive = true
}
variable "vpc_name" {
description = "VPC名称"
type = string
default = "terraform-vpc"
}
variable "cidr_block" {
description = "VPC CIDR块"
type = string
default = "10.0.0.0/16"
}

15
volcengine/main.tf Normal file
View File

@@ -0,0 +1,15 @@
terraform {
required_providers {
volcengine = {
source = "volcengine/volcengine"
version = "0.0.129"
}
}
}
provider "volcengine" {
# 这里需要配置访问凭证
# access_key = "your-access-key"
# secret_key = "your-secret-key"
# region = "cn-beijing"
}

15
volcengine/personal/.gitignore vendored Normal file
View File

@@ -0,0 +1,15 @@
# Terraform files
*.tfstate
*.tfstate.*
.terraform/
.terraform.lock.hcl
# Sensitive files
terraform.tfvars
# Local temporary files
*.tmp
*.backup
# Terragrunt
.terragrunt-cache/

9
volcengine/personal/.terraformrc Normal file
View File

@@ -0,0 +1,9 @@
provider_installation {
filesystem_mirror {
path = "/home/ben/terraform"
include = ["volcengine/*"]
}
direct {
exclude = ["volcengine/*"]
}
}

5
volcengine/personal/config Normal file
View File

@@ -0,0 +1,5 @@
# 火山引擎个人账号配置
[personal]
access_key_id = AKLTYWQwMjgyNWM1ZmIzNDk3MTljYzNmNTgyMjQ2NzU2ZGY
secret_access_key = T0RGak9UY3dZV05qT1RCbU5HVXpabUkwTXpSaVpEQmlNbVF3WWpObU0yTQ==
region = cn-beijing

32
volcengine/personal/main.tf Normal file
View File

@@ -0,0 +1,32 @@
# 火山引擎 Terraform 配置 - 个人账号
terraform {
required_providers {
volcengine = {
source = "volcengine/volcengine"
version = "0.0.186" # 使用最新可用版本
}
}
}
# 示例资源 - VPC
resource "volcengine_vpc" "personal_vpc" {
vpc_name = var.vpc_name
cidr_block = var.cidr_block
}
# 输出信息
output "vpc_id" {
description = "Personal VPC ID"
value = volcengine_vpc.personal_vpc.id
}
output "vpc_name" {
description = "Personal VPC Name"
value = volcengine_vpc.personal_vpc.vpc_name
}
output "region" {
description = "Region"
value = var.region
}

6
volcengine/personal/providers.tf Normal file
View File

@@ -0,0 +1,6 @@
# 配置本地 provider
provider "volcengine" {
region = var.region
access_key = var.access_key_id
secret_key = var.secret_access_key
}

30
volcengine/personal/variables.tf Normal file
View File

@@ -0,0 +1,30 @@
# 火山引擎 Terraform 变量定义
variable "region" {
description = "目标区域"
type = string
default = "cn-beijing"
}
variable "access_key_id" {
description = "访问密钥ID"
type = string
}
variable "secret_access_key" {
description = "秘密访问密钥"
type = string
sensitive = true
}
variable "vpc_name" {
description = "VPC名称"
type = string
default = "terraform-vpc"
}
variable "cidr_block" {
description = "VPC CIDR块"
type = string
default = "172.16.0.0/16"
}

21
volcengine/provider-config.hcl Normal file
View File

@@ -0,0 +1,21 @@
# 配置多架构支持
provider_installation {
filesystem_mirror {
path = "${getenv("HOME")}/.terraform.d/plugins"
include = ["volcengine/*"]
}
direct {
exclude = ["volcengine/*"]
}
}
# 或者允许从网络下载
provider_installation {
network_mirror {
url = "https://releases.hashicorp.com"
include = ["*/*"]
}
direct {
exclude = []
}
}