Infra for Devsh (k3s on Scaleway) with GitOps via Flux.
Branches:
- env/prod → production cluster (kept up, do not destroy)
- env/test → ephemeral/test cluster (can be recreated on demand)
Warning
Pushing to env/prod reconciles the live production cluster. Read docs/environments.md and docs/getting-started.md before changing prod.
Docs live in docs/:
- docs/getting-started.md – prerequisites, tooling, .env template, age key, GitOps flow
- docs/environments.md – prod/test branches & workspaces
- docs/how-to-commit.md – fast-forward workflow (test → prod)
- docs/secrets.md – SOPS/age secrets: create/encrypt/decrypt
- docs/snapshots.md – prod snapshot workflow & restore to test
- docs/dns.md – DNS (manual for now)
- docs/security.md – hardening matrix, how to add services with current security baseline
- docs/ui.md – Kubernetes Dashboard (read-only) access
- docs/monitoring.md – Grafana dashboard provisioning and updates
- docs/alerts.md – alerting flow (Alertmanager → OnCall → Discord) + smoke tests
- docs/resources.md – resource requests/limits, priority classes, uptime notes
- docs/ci.md – CI checks and generated files
Generated by CI (do not edit manually):
- terraform/TERRAFORM.md - Terraform inputs/outputs/module docs
- terraform/snapshots/TERRAFORM.md - Terraform docs for the snapshots root
- terraform/iam/TERRAFORM.md - Terraform docs for IAM + bucket policies
- KUBEDIAGRAM.png - Kubernetes architecture diagram from manifests
