infra

Masabra: Mariana's GCP Infraestructure.

Introduction

This repository contains the Terraform configurations for deploying the backend services for Mariana's remote versioning capabilities. Gitea is used as a lightweight, self-hosted Git service.

Table of Contents

• Architecture Overview
• Prerequisites
• Setup Instructions
  • 1. Configure Variables
  • 2. Initialize Terraform
  • 3. Apply Terraform Configuration
• Accessing Gitea
• Destroying the Infrastructure
• Troubleshooting
• Setting Up the gcloud SDK
• Applying Custom Changes from the Original Gitea Repository
• Deploy to the Artifact registry

Architecture Overview

The Terraform scripts provision the following resources on GCP:

• Compute Engine Instance: Virtual machine running Gitea.
• VPC Network: Virtual Private Cloud network for the instance.
• Load Balancer: Basic load balancing components, including a health check, backend service, URL map, HTTP proxy, and forwarding rule.
• Firewall Rules: Allow HTTP (port 80, 443) and SSH (port 22) access.
• External IP Address: Public IP to access Gitea over the internet.
• Disk Storage: Persistent disk for data storage.

Prerequisites

Before starting, ensure you have:

• A GCP account with project-level access.
• terraform >= 1.9.8.
• gcloud >= 497.0.0 installed and configured.

Setup Instructions

1. Configure Variables

Edit the variables.tf file or create a terraform.tfvars file to customize the deployment. Key variables include:

• Project Settings:

  • project_id: Your GCP project ID.
  • region: GCP region for resource deployment.
  • zone: GCP zone within the region.

• Instance Settings:

  • machine_type: Compute Engine instance type (e.g., e2-medium).
  • instance_name: Name of the Gitea VM instance.

• Network Settings:

  • network_name: Name of the VPC network.
  • subnet_name: Name of the subnet.

• Gitea Settings:

  • gitea_port: Port on which Gitea will run (default is 3000).
  • gitea_admin_username: Admin username for Gitea.
  • gitea_admin_password: Admin password for Gitea.
  • gitea_db_password: DB password for the PostgreSQL DB that gitea will use.

Example terraform.tfvars file:

project_id           = "your-gcp-project-id"
region               = "us-central1"
zone                 = "us-central1-a"
machine_type         = "e2-medium"
instance_name        = "gitea-instance"
network_name         = "gitea-network"
subnet_name          = "gitea-subnet"
gitea_port           = 3000
gitea_admin_username = "admin"
gitea_admin_password = "strongpassword"
gitea_db_password    = "your-secure-password"
repository_id        = "ar-repository-id"

3. Initialize Terraform

Initialize the Terraform working directory to download necessary providers and modules.

terraform init

4. Apply Terraform Configuration

Review and apply the Terraform plan to create resources.

terraform plan
terraform apply

Type yes when prompted to confirm the operation.

Accessing Gitea

1. Retrieve the External IP Address:

   terraform output gitea_instance_ip

2. Access Gitea Web Interface:

   Open your web browser and navigate to http://<GITEA_IP_ADDRESS>:80 / http://<GITEA_IP_ADDRESS>.

3. Log In:

   Use the admin credentials specified in your terraform.tfvars file.

Destroying the Infrastructure

To remove all resources created by Terraform:

terraform destroy

Confirm by typing yes when prompted.

Troubleshooting

• SSH Access to VM:

  gcloud compute ssh <instance_name> --project=<project_id> --zone=<zone>

• Firewall Issues:

  Ensure firewall rules allow inbound traffic on ports 80 (HTTP/S) and 22 (SSH).

• Terraform Errors:

  • Make sure all required variables are set.
  • Check for typos or incorrect values in your terraform.tfvars file. (MIHTT: Man I Hate Terraforms Tfvars)
  • If you mess with the tfstate you get the lead. ((threat))
  • Make sure the GCP Compute api is turned on compute.googleapis.com.

Setting Up the gcloud SDK

To interact with GCP resources, and depliy the infraestructure, ensure the Google Cloud SDK is installed and properly configured:

1. Install the gcloud SDK:

   • Download and install the SDK from the official Google Cloud SDK documentation.

2. Authenticate with the Google Account: Run the following command and follow the prompts to log in:

   gcloud auth application-default login

3. Set the active project: There are two ways to configure the project ID for your GCP project:

   1. Set up the project with the sdk helper:

      gcloud init

   2. Manually set up the project:

      gcloud config set project <your-project-id>

      It should be the same as the project_id environment variable.

   Either one should work.

4. Verify your setup: Check if your gcloud CLI is properly configured by listing active configurations:

   gcloud config list

   You should see your project, region, and zone correctly set.

5. Enable required APIs:

   This step should not be done unless a new project is run, the API should already be initialized.

   Ensure the necessary APIs are enabled for your project:

   gcloud services enable compute.googleapis.com
   gcloud services enable artifactregistry.googleapis.com

6. Test your connection: Try listing your active compute instances to ensure everything is set up:

   gcloud compute instances list

   If your instance is listed, the SDK is ready for use.

Applying Custom Changes from the Original Gitea Repository

To apply the changes needed from the original Gitea repository to achieve the version in Masabra-gitea, follow these steps:

Step 1: Clone the Original Gitea Repository

Clone the original Gitea repository to your local machine:

git clone https://github.com/go-gitea/gitea.git
cd gitea

Step 2: Download and Apply the Patch

1. Download the Patch File: Get the patch file (/masabra-gitea-changes.patch) that contains the custom changes. This file was generated based on commit 713364fc718d1d53840bd83ba6f6c307bd213fa8 from the main branch.

2. Apply the Patch: Use the git apply command to apply your changes to the cloned repository:

   git apply /masabra-gitea-changes.patch

3. Verify the Patch: After applying the patch, check that the changes have been applied successfully:

   git status

   If there are any conflicts, Git will highlight them. Resolve these conflicts manually.

Step 3: Test the Updated Repository

Before deploying the updated Gitea repository, build and test it locally to ensure the changes work as expected:

make build

Gitea has a lot of requirements, we recommend building a Docker image from the Dockerfile configuration.

Step 4: Deploy the Updated Version

Use the deployment steps outlined in the Deploy to the Artifact Registry section to build and deploy the updated Gitea image to your GCP infrastructure.

Troubleshooting

If you encounter issues while applying the patch:

• Ensure the patch file corresponds to the correct version of the original repository.
• Resolve any merge conflicts manually by editing the conflicting files.
• Use git log and git diff to debug and verify applied changes.

Deploy to the Artifact registry

To deploy an image to the artifact registry follow these commands:

1. Set up gcloud to push to the corresponding docker pkg.

   gcloud auth configure-docker <var.registry_region>-docker.pkg.dev

   The region in <var.registry_region> should be set to the correct region.

2. Build the image with a name.image_name

   docker build -t <image_name> .

3. Tag the image with the corresponding artifact registry location

   docker tag <image_name> <var.registry_region>-docker.pkg.dev-docker.pkg.dev/<var.project_id>/<ar_repository_name>/<image_name>

   Remember to replace all <vars> with the corresponding values.

4. Push the tagged image to the remote docker registry

   docker push <var.registry_region>-docker.pkg.dev/<var.project_id</<output.ar_repository_name</<image_name>