domus-terraform

Project Summary

Project: domus-terraform - Infrastructure as Code

Priority: P1 - High

Status: Active

Owner: Evan

Tool: Terraform / OpenTofu

Repository: _projects/personal/domus-terraform

Overview

Infrastructure as Code for Domus Digitalis home enterprise. Manages KVM VMs, Cloudflare DNS, Vault configuration, k3s resources, Keycloak identity, and GitHub repositories.

Improvement Proposals

Proposals from ecosystem audit — 2026-04-04. For team review and prioritization.

| Priority | Proposal | Rationale | Effort |
|----------|----------|-----------|--------|
| P1 | Add module inventory table | Document each Terraform module: what it provisions, provider, inputs/outputs, dependencies. Currently requires reading HCL to understand scope. | M |
| P2 | State management documentation | Remote state backend config, locking strategy, workspace usage, and state migration procedures. Critical for multi-person workflows. | M |
| P2 | Drift detection and remediation guide | Document terraform plan audit procedures, scheduled drift checks, and remediation playbooks for common drift patterns. | M |
| P3 | Cost estimation reference | Map modules to estimated monthly cost ranges. Enables budget planning before applying changes. | S |

  • domus-cli - SSH-based infrastructure CLI

  • netapi - API-based network automation

  • domus-infra-ops - Infrastructure runbooks

Roadmap

  • Remote state backend (S3/Minio)

  • Terragrunt for DRY configuration

  • CI/CD pipeline for plan/apply

  • Drift detection alerts

  • Cost estimation (Infracost)