WIP: TFGrid single-VM deployment with web gateway (HTTPS) #42

Closed

mik-tf wants to merge 3 commits from development_deploy_tfgrid into development_production_container

pull from: development_deploy_tfgrid

merge into: lhumina_code:development_production_container

lhumina_code:development

lhumina_code:development_base_image

lhumina_code:development_timur

lhumina_code:development_kristof

lhumina_code:main

Conversation 1 Commits 3 Files changed 10 +591

mik-tf commented 2026-02-27 00:27:55 +00:00

Owner

Copy link

Summary

• Add deploy/single-vm/ with OpenTofu + scripts for TFGrid deployment
• Uses grid_name_proxy web gateway for HTTPS (no public IPv4 needed)
• Docker-based: pulls pre-built container, runs with systemd auto-restart
• Multi-environment: make all ENV=prod or make all ENV=dev

Files

• tf/main.tf — VM + network + web gateway
• scripts/setup.sh — Docker install, image pull, systemd service
• scripts/update.sh — Quick pull + restart
• Makefile — Orchestration (init, deploy, setup, update, test, info)
• envs/prod/ and envs/dev/ — Per-environment config

Closes #41

## Summary - Add `deploy/single-vm/` with OpenTofu + scripts for TFGrid deployment - Uses `grid_name_proxy` web gateway for HTTPS (no public IPv4 needed) - Docker-based: pulls pre-built container, runs with systemd auto-restart - Multi-environment: `make all ENV=prod` or `make all ENV=dev` ## Files - `tf/main.tf` — VM + network + web gateway - `scripts/setup.sh` — Docker install, image pull, systemd service - `scripts/update.sh` — Quick pull + restart - `Makefile` — Orchestration (init, deploy, setup, update, test, info) - `envs/prod/` and `envs/dev/` — Per-environment config Closes #41

mik-tf added 1 commit 2026-02-27 00:27:55 +00:00

add TFGrid single-VM deployment with web gateway ... 2bfdba787d

OpenTofu config with grid_name_proxy for HTTPS via TFGrid web gateway,
Docker-based setup/update scripts, multi-environment Makefile (prod/dev).

Closes #41

mik-tf added 1 commit 2026-02-27 12:57:51 +00:00

use env_secrets pattern: mnemonic via TF_VAR, FORGEJO_TOKEN via SSH ... 505ee583f0

- Mnemonic set as TF_VAR_mnemonic in ~/hero/cfg/env/env.sh, not in tfvars
- credentials.auto.tfvars now infra config only (node_id, cpu, memory, etc.)
- FORGEJO_TOKEN passed from local env to VM via Makefile SSH
- app.env reduced to non-secret config (image, port)
- Use canonical FORGEJO_TOKEN name per env_secrets skill

mik-tf added 1 commit 2026-02-27 13:03:04 +00:00

auto-source env vars in Makefile, clean up example files ... 86533f6ee0

Makefile auto-sources TF_VAR_mnemonic and FORGEJO_TOKEN from
~/hero/cfg/env/env.sh — no manual sourcing needed, just make all ENV=prod.
Example files trimmed to only what they contain, no secret references.

mik-tf referenced this pull request 2026-02-27 14:26:44 +00:00

Combined deploy — all PRs merged + Dockerfile.prod + TFGrid deployment #43

mik-tf closed this pull request 2026-02-27 14:52:40 +00:00

mik-tf commented 2026-02-27 14:52:40 +00:00

Author

Owner

Copy link

Superseded by #43 (combined deploy branch with all PRs merged).

Superseded by #43 (combined deploy branch with all PRs merged).

Pull request closed

This pull request cannot be reopened because the branch was deleted.

Sign in to join this conversation.

Reviewers

No reviewers

Labels

Clear labels

No items

No labels

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

lhumina_code/hero_services!42

No description provided.