otaku.lt-sdk

Infrastructure as Code for otaku.lt using Terraform and Cloudflare Workers.

Overview

This project manages the complete infrastructure for otaku.lt, a Next.js website deployed on Cloudflare Workers. The infrastructure uses Terraform for infrastructure management and Wrangler for deployment automation.

Key Features

🌟 Cloudflare Workers deployment
🏗️ Terraform infrastructure management
🚀 Automated CI/CD with GitHub Actions
📦 Wrangler deployment automation
🔒 Secure authentication via environment variables
🌐 Custom domain with SSL/TLS

Structure

providers.tf - Terraform, GitHub, and Cloudflare provider configuration
variables.tf - Input variables for configuration
workers.tf - Cloudflare Workers configuration
cloudflare.tf - Legacy configuration (deprecated)
github.tf - GitHub repository resources
outputs.tf - Output values
Makefile - Project automation and deployment commands
.env.example - Environment variables template

Prerequisites

Install required tools:

# On macOS using Homebrew
brew install terraform
brew install gh
brew install cloudflare-wrangler

Authenticate:

gh auth login      # GitHub authentication
# Get API token from: https://dash.cloudflare.com/profile/api-tokens

Quick Start

Setup environment:
```
make workers-setup
```
Deploy everything:
```
make workers-apply
```

That's it! Your site should be live at https://otaku.lt

Step-by-Step Setup

1. Authentication & Credentials

# Authenticate with both services
gh auth login

# Set up Cloudflare API token (get from dashboard)
make cf-set-token TOKEN=your_api_token_here

2. Infrastructure Management

# Review infrastructure changes
make plan

# Apply infrastructure (Workers, DNS, etc.)
make apply

3. Deploy Website

# Build and deploy to Workers
make workers-deploy

# OR deploy to preview/staging
make workers-deploy-preview

Available Commands

🏗️ Infrastructure Management

make setup - Setup environment and check dependencies
make plan - Run terraform plan
make apply - Run terraform apply
make fmt - Format terraform files
make validate - Validate configuration
make clean - Clean terraform cache

🚀 Workers Deployment

make workers-build - Build Next.js application
make workers-deploy - Deploy to production Workers
make workers-deploy-preview - Deploy to preview/staging
make workers-test - Test Workers locally
make workers-setup - Complete Workers setup
make workers-apply - Apply infrastructure + deploy
make workers-status - Check deployment status

🔧 Utilities

make cf-set-token TOKEN=xyz - Set Cloudflare API token from dashboard
make cf-set-token TOKEN=xyz - Set custom API token
make help - Show all available commands

Authentication

🔒 Secure Authentication via Environment Variables

The Makefile automatically handles authentication:

Automatic Setup (Recommended):

# Authenticate with GitHub
gh auth login

# Set up API token (get from Cloudflare dashboard)
make cf-set-token TOKEN=your_api_token_here

Manual API Token Setup:

# Create custom API token at: https://dash.cloudflare.com/profile/api-tokens
# Required permissions: Zone:Zone:Read, Zone:DNS:Edit, Account:Cloudflare Workers:Edit
make cf-set-token TOKEN=your_custom_api_token

Configuration

The project uses .env file for configuration (set up with make cf-set-token):

# Example .env file (auto-generated)
CLOUDFLARE_API_TOKEN=your_api_token
CLOUDFLARE_ZONE_ID=your_zone_id  
CLOUDFLARE_ACCOUNT_ID=your_account_id
DOMAIN_NAME=otaku.lt
PAGES_PROJECT_NAME=otaku-lt

Resources Managed

This Terraform configuration manages:

GitHub Resources:

otaku.lt: Main website repository (Next.js application)
otaku.lt-sdk: Infrastructure as Code repository (this repository)

Cloudflare Workers Resources:

Worker Script: Main application handler with static asset serving
Custom Domains: DNS configuration for otaku.lt and www.otaku.lt
Worker Routes: Traffic routing and WWW redirect
SSL/TLS: Security and performance settings
DNS Records: A records pointing to Workers

Deployment Flow

Workers Flow:

Code Push → GitHub repository (otaku.lt)
GitHub Actions → Builds Next.js app and deploys to Workers
Workers → Serves static assets and handles routing
Live Site → https://otaku.lt

Manual Deployment:

Build → make workers-build
Deploy → make workers-deploy
Live Site → https://otaku.lt

Environment Variables

The project uses these environment variables (managed in .env):

# Cloudflare (set using cf-set-token)
CLOUDFLARE_API_TOKEN=your_api_token
CLOUDFLARE_ZONE_ID=your_zone_id
CLOUDFLARE_ACCOUNT_ID=your_account_id

# Project configuration
DOMAIN_NAME=otaku.lt
PAGES_PROJECT_NAME=otaku-lt

# GitHub (handled automatically by Makefile)
GITHUB_TOKEN=$(gh auth token)
GITHUB_OWNER=otaku-lt

Frontend Configuration

The Next.js application includes:

wrangler.toml

name = "otaku-lt"
main = "src/index.js"
compatibility_date = "2024-01-15"

[assets]
directory = "out"
serve_single_page_app = true

package.json Scripts

{
  "scripts": {
    "deploy": "npm run build && wrangler deploy",
    "deploy:preview": "npm run build && wrangler deploy --env preview",
    "wrangler:dev": "wrangler dev"
  }
}

CI/CD with GitHub Actions

Automatic deployment is configured via .github/workflows/deploy.yml:

Pull Requests: Deploy to preview environment
Main Branch: Deploy to production

🔐 Automated Secrets Management

The required GitHub Actions secrets are automatically managed by Terraform:

# Setup GitHub Actions secrets for CI/CD
make github-secrets

This creates the following repository secrets:

CLOUDFLARE_API_TOKEN - Your Cloudflare API token
CLOUDFLARE_ACCOUNT_ID - Your Cloudflare account ID

🚀 Complete CI/CD Setup

# Full automated setup
gh auth login              # Authenticate with GitHub
gh auth login              # Authenticate with GitHub
# Get API token from: https://dash.cloudflare.com/profile/api-tokens  
make cf-set-token TOKEN=xyz  # Set up credentials
make workers-setup         # Setup infrastructure
make github-secrets        # Configure CI/CD secrets
make workers-apply         # Deploy everything

After this setup, your CI/CD pipeline will automatically:

Deploy previews for pull requests
Deploy to production when merging to main
Comment on PRs with preview URLs

Getting Cloudflare Values

Account ID: Cloudflare Dashboard → Right sidebar
Zone ID: Cloudflare Dashboard → Your domain → Right sidebar
API Token: Use make cf-set-token TOKEN=xyz or create at API Tokens

For custom tokens, required permissions:

Zone:Zone:Read
Zone:DNS:Edit
Account:Cloudflare Workers:Edit

Project Structure

otaku.lt-sdk/              # Infrastructure
├── workers.tf             # Workers configuration
├── cloudflare.tf          # Legacy configuration (deprecated)
├── providers.tf           # Provider configuration
├── variables.tf           # Variable definitions
├── outputs.tf            # Output definitions
├── Makefile              # Automation commands
├── .env                  # Credentials (auto-generated)
└── README.md             # This file

otaku.lt/                  # Frontend Application
├── wrangler.toml         # Workers configuration
├── src/index.js          # Worker script
├── .github/workflows/    # CI/CD
├── package.json          # Updated with Wrangler
├── next.config.js        # Next.js configuration
└── ... (Next.js app)

Development Workflow

Local Development:

cd otaku.lt
npm run dev              # Next.js dev server
# OR
make workers-test        # Test Workers locally

Deployment:

make workers-deploy      # Deploy to production
make workers-deploy-preview  # Deploy to staging

Infrastructure Changes:

make plan               # Review changes
make apply              # Apply changes

Troubleshooting

Common Issues:

Authentication errors:

make cf-set-token TOKEN=your_api_token_here

Build failures:
```
cd otaku.lt
npm install
npm run build
```

Deployment issues:

make workers-status     # Check deployment status
wrangler tail           # View logs

DNS issues:

make plan               # Check Terraform DNS config

Security Notes

Never commit .env or files containing sensitive data
The .gitignore file excludes sensitive files
Use remote state backend for production use
Rotate API tokens regularly

Contributing

When making changes:

Test locally: make workers-test
Review infrastructure: make plan
Deploy preview: make workers-deploy-preview
Apply to production: make workers-apply
Commit changes to both otaku.lt and otaku.lt-sdk

Name		Name	Last commit message	Last commit date
Latest commit History 24 Commits
.env.example		.env.example
.gitignore		.gitignore
CLOUDFLARE_API_SETUP.md		CLOUDFLARE_API_SETUP.md
Makefile		Makefile
README.md		README.md
cloudflare.mk		cloudflare.mk
cloudflare.tf		cloudflare.tf
dns.tf		dns.tf
github.tf		github.tf
main.tf		main.tf
outputs.tf		outputs.tf
providers.tf		providers.tf
terraform.tfvars.example		terraform.tfvars.example
variables.tf		variables.tf
workers.mk		workers.mk
workers.tf		workers.tf

otaku-lt/otaku.lt-sdk

Folders and files

Latest commit

History

Repository files navigation