Phase 1 tasks: Adding opentofu terraform templates for deploying droplets / DOKS clusters. #5
…ofu tf description.
…defining the templates for the setting up of the anythingllm + caddy reverse proxy setup for SSL domain deployment.
… py sdk integration in order to deploy, check the deployment logs and status of the previous droplet deployments.
…map along with the toolings description).
--> adding the litellm jAIMS endpoint and its configuration with the anythingLLM integration setup. --> updating also the iac cli configuration setup.
…/dhruvmalik007/jaimsnet ( sync from the core repo) to local branch (ldc/add-weown-ai-offers-template)
…e and environment structure with updated CLI support.
…ices and update CLI components.
…CLI. 2. Environment variable and add OpenTofu documentation and Uptime Kuma cloud-init template.
Pull request overview
Adds Phase 1 infrastructure automation for DigitalOcean using OpenTofu, including reusable IaC modules, two environments (lite droplet + production DOKS stack), and a new Python CLI (weown-cli) to drive interactive Lite deployments with isolated local state.
Changes:
- Introduces OpenTofu modules for core DigitalOcean resources (droplet, VPC, DOKS, DB, DNS, load balancer) and composes them into `lite` and `production` environments.
- Adds `weown-cli` (Typer-based) to authenticate, deploy, list, tail logs, and destroy Lite instances with per-account/per-deployment state isolation.
- Expands `iac/README.md` significantly with architecture/ops documentation and updates `.gitignore` for CLI artifacts.
Reviewed changes
Copilot reviewed 33 out of 36 changed files in this pull request and generated 22 comments.
| File | Description |
|---|---|
| iac/weown-cli/uv.lock | Adds a uv lockfile pinning Python CLI dependencies. |
| iac/weown-cli/src/weown_cli/state.py | Implements local OpenTofu state isolation, tfvars writing, and tofu command execution helpers. |
| iac/weown-cli/src/weown_cli/cli.py | Adds Typer CLI commands for auth, deploy wizard, logs, destroy, listing, and advanced tofu operations. |
| iac/weown-cli/src/weown_cli/auth.py | Implements local token storage, env/doctl fallback token retrieval, DO token verification, and Infisical client bootstrap. |
| iac/weown-cli/src/weown_cli/init.py | Package init file (empty). |
| iac/weown-cli/pyproject.toml | Defines the weown-cli Python project metadata and dependencies and registers the console script. |
| iac/weown-cli/main.py | Provides a simple entrypoint to run the Typer app. |
| iac/opentofu/modules/vpc/variables.tf | Defines inputs for VPC module (name/region/ip_range with CIDR validation). |
| iac/opentofu/modules/vpc/outputs.tf | Exposes VPC identifiers and allocated CIDR output. |
| iac/opentofu/modules/vpc/main.tf | Provisions a DigitalOcean VPC. |
| iac/opentofu/modules/load-balancer/variables.tf | Defines load balancer inputs (name/region/vpc/cluster/nodeports). |
| iac/opentofu/modules/load-balancer/outputs.tf | Exposes LB IP and ID outputs. |
| iac/opentofu/modules/load-balancer/main.tf | Provisions a DigitalOcean load balancer and attempts to attach DOKS node droplets dynamically. |
| iac/opentofu/modules/droplet/variables.tf | Defines droplet inputs including ssh keys, VPC attachment, tags, and cloud-init user_data. |
| iac/opentofu/modules/droplet/outputs.tf | Exposes droplet ID and IP outputs. |
| iac/opentofu/modules/droplet/main.tf | Provisions a DigitalOcean Droplet with monitoring/IPv6 and optional VPC attachment. |
| iac/opentofu/modules/doks-cluster/variables.tf | Defines DOKS cluster and autoscaling node pool inputs. |
| iac/opentofu/modules/doks-cluster/outputs.tf | Exposes DOKS ID/endpoint and kubeconfig/token/CA outputs. |
| iac/opentofu/modules/doks-cluster/main.tf | Provisions a DigitalOcean Kubernetes cluster with an autoscaling node pool. |
| iac/opentofu/modules/dns/variables.tf | Defines DNS module inputs for zone, routing records, and TXT records. |
| iac/opentofu/modules/dns/outputs.tf | Exposes DNS zone identifiers and created record FQDNs. |
| iac/opentofu/modules/dns/main.tf | Creates a DO domain zone and routing/TXT records. |
| iac/opentofu/modules/database/variables.tf | Defines managed PostgreSQL cluster inputs. |
| iac/opentofu/modules/database/outputs.tf | Exposes DB host/port and generated connection URIs for LiteLLM/Langfuse. |
| iac/opentofu/modules/database/main.tf | Provisions a DO managed PostgreSQL cluster, DBs/users, and a VPC firewall rule. |
| iac/opentofu/environments/production/variables.tf | Defines production environment parameters (region, DOKS sizing, domain/DNS, SSH allowlists). |
| iac/opentofu/environments/production/templates/cloudinit-uptime-kuma.yaml | Adds cloud-init to install and run Uptime Kuma via systemd on a droplet. |
| iac/opentofu/environments/production/providers.tf | Configures required providers and wires Kubernetes/Helm providers to DOKS outputs. |
| iac/opentofu/environments/production/outputs.tf | Exposes production environment outputs for VPC, DOKS kubeconfig, DB URIs, and DNS. |
| iac/opentofu/environments/production/main.tf | Composes modules/resources: VPC, DB, DOKS, ArgoCD (Helm), LB, DNS, and Uptime Kuma droplet+firewall. |
| iac/opentofu/environments/lite/variables.tf | Defines Lite droplet deployment parameters including API access CIDRs and LiteLLM gateway settings. |
| iac/opentofu/environments/lite/templates/cloudinit.yaml | Adds cloud-init to install Docker+Caddy and run AnythingLLM (and optionally Watchtower) via Docker Compose. |
| iac/opentofu/environments/lite/outputs.tf | Exposes Lite droplet outputs including IP, SSH command, and AnythingLLM URL. |
| iac/opentofu/environments/lite/main.tf | Composes Lite droplet + firewall + optional DNS A record. |
| iac/README.md | Major expansion of IaC architecture/usage documentation and operational guidance. |
| .gitignore | Adds ignore pattern for Python bytecode artifacts (weown-cli). |
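An added illustration of the per-account/per-deployment state isolation and tfvars writing that the review summary attributes to `state.py`. This is not the PR's code: the function names, directory layout, name pattern and file names are assumptions. `-chdir`, `-state` (the legacy local-backend option) and `-var-file` are standard `tofu` options.

```python
import json
import os
import re
from pathlib import Path

# Assumption: account/deployment names are limited to a DNS-label-like alphabet,
# so a name can never contain "/", "..", or a leading "-" (option injection).
SAFE_NAME = re.compile(r"[a-z0-9][a-z0-9-]{0,62}")


def deployment_dir(root: Path, account: str, deployment: str) -> Path:
    """Create and return <root>/<account>/<deployment>, owner-only (0700)."""
    for name in (account, deployment):
        if not SAFE_NAME.fullmatch(name):
            raise ValueError(f"unsafe name: {name!r}")
    # Absolute path: -chdir changes the working directory tofu resolves from.
    path = root.resolve() / account / deployment
    path.mkdir(parents=True, exist_ok=True)
    # mkdir's mode is subject to umask and is not applied to existing
    # directories, so set 0700 explicitly on both levels.
    for level in (path.parent, path):
        os.chmod(level, 0o700)
    return path


def write_tfvars(dep_dir: Path, values: dict) -> Path:
    """Write non-secret inputs as JSON tfvars, created with mode 0600."""
    for key in values:
        if any(word in key.lower() for word in ("token", "secret", "password")):
            raise ValueError(f"{key!r} must come from the environment, not tfvars")
    target = dep_dir / "deploy.tfvars.json"
    fd = os.open(target, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
    with os.fdopen(fd, "w") as handle:
        json.dump(values, handle, indent=2, sort_keys=True)
    os.chmod(target, 0o600)  # also tightens a pre-existing file
    return target


def tofu_apply_command(env_dir: Path, dep_dir: Path, tfvars: Path) -> list:
    """Argument list for one isolated apply; run it with shell=False."""
    return [
        "tofu", f"-chdir={env_dir}", "apply",
        f"-state={dep_dir / 'terraform.tfstate'}",  # per-deployment local state
        f"-var-file={tfvars}",
    ]
```

Local state can hold sensitive outputs such as the kubeconfig and database URIs listed in the file table, which is why the directory and file modes are enforced rather than left to the umask.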
…les . Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
…ical for secret management, and OpenTofu.
…ces including LiteLLM, Redis, Langfuse, and AnythingLLM, with OpenTofu IaC and Infisical secret
… Infisical secret management, and refine IaC configurations.
…up, including deployment scripts and gateway configurations.
…and production environment setup, and a new `weown-cli` gateway.
…/dhruvmalik007/jaimsnet into ldc/add-weown-ai-offers-template
Pull request overview
Copilot reviewed 59 out of 62 changed files in this pull request and generated 20 comments.
Removing the gitops implementation (that's the phase 3 implementation for @rmn). Replacing to the default version for the iac documentation (to be explained in detail only for opentofu phase 1 tasks).
@romandidomizio You can again run the test and check whether the opentofu templates are aligned or not. Also, Argo CD templates are removed.
Summary
This PR commences the PRJ-032 (OpenTofu automations for deploying the WeOwn AI offerings) that was discussed in the W09 of the season 3. This merge adds the OpenTofu DigitalOcean provider in order to:
- Infrastructure deployment automation: define the templates for the setup of the droplets and the k8s clusters for hosting the environment, secured (no unused ports open, firewall setup and association with the given security policy).
- Lifecycle management: lets you set up the virtual-environment-packaged CLI that creates the wrapper around the pre-existing CLIs (`doctl` for authorizing the user session, the opentofu CLI for setting up the infrastructure, etc.) in order to manage the whole setup lifecycle for the weown lifecycle of deploying the various services (observability, GPU instances and others that are going to be defined in the other folders).
Type of Change
Related Issue:
It's the follow-up of the #4 with the focus on starting to expand the iac folder with the necessary template code as defined in the corresponding README.
Testing steps:
Weown-ctl init account using underlying the doctl cli setup)
Checklist
Reviewer Notes
This pull request introduces a new Terraform environment (`lite`) and a reusable module for deploying AnythingLLM on DigitalOcean, along with a CLI tool for managing deployments. The changes enable automated provisioning of a secure droplet, firewall configuration, DNS integration, and container orchestration for AnythingLLM, as well as providing outputs and variables for customization. Additionally, a Python CLI project is scaffolded to streamline deployment and authentication.
Infrastructure provisioning and automation:
- `iac/environments/lite/main.tf`, `outputs.tf`, and `variables.tf` to define a new Terraform environment for deploying AnythingLLM on DigitalOcean, including provider setup, droplet module usage, output values, and customizable variables. [1] [2] [3]
- `iac/modules/droplet/main.tf`, `outputs.tf`, `variables.tf`, and a `cloudinit.yaml` template to encapsulate droplet creation, firewall rules, DNS record management, and automated container deployment via Docker Compose and Caddy, with modular support for Watchtower. [1] [2] [3] [4]
CLI tool for deployment management:
- `weown-cli` Python project with `pyproject.toml`, main entrypoint, and authentication helper (`auth.py`), leveraging Typer, Rich, Questionary, and pydo for interactive DigitalOcean deployment management and token verification. [1] [2] [3]