tf-starter 1.0.0

package/tf_starter/templates/azure/modules/monitoring/main.tf.j2

@@ -0,0 +1,31 @@
+# MONITORING MODULE — Azure Monitor (Azure)
+# Generated by tf-starter
+
+locals {
+  name_prefix = "${var.project_name}-${var.environment}"
+}
+
+resource "azurerm_monitor_action_group" "main" {
+  name                = "${local.name_prefix}-alerts"
+  resource_group_name = var.resource_group_name
+  short_name          = substr(local.name_prefix, 0, 12)
+
+  dynamic "email_receiver" {
+    for_each = var.alert_email != "" ? [1] : []
+    content {
+      name          = "email-alerts"
+      email_address = var.alert_email
+    }
+  }
+
+  tags = var.tags
+}
+
+resource "azurerm_log_analytics_workspace" "main" {
+  name                = "${local.name_prefix}-logs"
+  resource_group_name = var.resource_group_name
+  location            = var.location
+  sku                 = "PerGB2018"
+  retention_in_days   = var.environment == "prod" ? 90 : 30
+  tags                = var.tags
+}

package/tf_starter/templates/azure/modules/monitoring/outputs.tf.j2

@@ -0,0 +1,9 @@
+# MONITORING MODULE — Outputs (Azure)
+
+output "action_group_id" {
+  value = azurerm_monitor_action_group.main.id
+}
+
+output "log_analytics_workspace_id" {
+  value = azurerm_log_analytics_workspace.main.id
+}

package/tf_starter/templates/azure/modules/monitoring/variables.tf.j2

@@ -0,0 +1,16 @@
+# MONITORING MODULE — Variables (Azure)
+
+variable "project_name" { type = string }
+variable "environment" { type = string }
+variable "location" { type = string }
+variable "resource_group_name" { type = string }
+
+variable "alert_email" {
+  type    = string
+  default = ""
+}
+
+variable "tags" {
+  type    = map(string)
+  default = {}
+}

package/tf_starter/templates/azure/modules/network/main.tf.j2

@@ -0,0 +1,89 @@
+# NETWORK MODULE — Resource Group, VNet, Subnets, NSG, NAT Gateway (Azure)
+# Generated by tf-starter
+
+locals {
+  name_prefix = "${var.project_name}-${var.environment}"
+}
+
+resource "azurerm_resource_group" "main" {
+  name     = "${local.name_prefix}-rg"
+  location = var.location
+  tags     = var.tags
+}
+
+resource "azurerm_virtual_network" "main" {
+  name                = "${local.name_prefix}-vnet"
+  resource_group_name = azurerm_resource_group.main.name
+  location            = azurerm_resource_group.main.location
+  address_space       = var.vnet_address_space
+  tags                = var.tags
+}
+
+resource "azurerm_subnet" "public" {
+  name                 = "${local.name_prefix}-public"
+  resource_group_name  = azurerm_resource_group.main.name
+  virtual_network_name = azurerm_virtual_network.main.name
+  address_prefixes     = [var.public_subnet_cidr]
+}
+
+resource "azurerm_subnet" "private" {
+  name                 = "${local.name_prefix}-private"
+  resource_group_name  = azurerm_resource_group.main.name
+  virtual_network_name = azurerm_virtual_network.main.name
+  address_prefixes     = [var.private_subnet_cidr]
+
+  delegation {
+    name = "fs-delegation"
+    service_delegation {
+      name = "Microsoft.DBforPostgreSQL/flexibleServers"
+      actions = ["Microsoft.Network/virtualNetworks/subnets/join/action"]
+    }
+  }
+}
+
+resource "azurerm_network_security_group" "main" {
+  name                = "${local.name_prefix}-nsg"
+  resource_group_name = azurerm_resource_group.main.name
+  location            = azurerm_resource_group.main.location
+
+  security_rule {
+    name                       = "AllowHTTP"
+    priority                   = 100
+    direction                  = "Inbound"
+    access                     = "Allow"
+    protocol                   = "Tcp"
+    source_port_range          = "*"
+    destination_port_ranges    = ["80", "443"]
+    source_address_prefix      = "*"
+    destination_address_prefix = "*"
+  }
+
+  tags = var.tags
+}
+
+resource "azurerm_public_ip" "nat" {
+  name                = "${local.name_prefix}-nat-ip"
+  resource_group_name = azurerm_resource_group.main.name
+  location            = azurerm_resource_group.main.location
+  allocation_method   = "Static"
+  sku                 = "Standard"
+  tags                = var.tags
+}
+
+resource "azurerm_nat_gateway" "main" {
+  name                = "${local.name_prefix}-nat"
+  resource_group_name = azurerm_resource_group.main.name
+  location            = azurerm_resource_group.main.location
+  sku_name            = "Standard"
+  tags                = var.tags
+}
+
+resource "azurerm_nat_gateway_public_ip_association" "main" {
+  nat_gateway_id       = azurerm_nat_gateway.main.id
+  public_ip_address_id = azurerm_public_ip.nat.id
+}
+
+resource "azurerm_subnet_nat_gateway_association" "private" {
+  subnet_id      = azurerm_subnet.private.id
+  nat_gateway_id = azurerm_nat_gateway.main.id
+}

package/tf_starter/templates/azure/modules/network/outputs.tf.j2

@@ -0,0 +1,25 @@
+# NETWORK MODULE — Outputs (Azure)
+
+output "resource_group_name" {
+  value = azurerm_resource_group.main.name
+}
+
+output "resource_group_location" {
+  value = azurerm_resource_group.main.location
+}
+
+output "vnet_id" {
+  value = azurerm_virtual_network.main.id
+}
+
+output "vnet_name" {
+  value = azurerm_virtual_network.main.name
+}
+
+output "public_subnet_id" {
+  value = azurerm_subnet.public.id
+}
+
+output "private_subnet_id" {
+  value = azurerm_subnet.private.id
+}

package/tf_starter/templates/azure/modules/network/variables.tf.j2

@@ -0,0 +1,25 @@
+# NETWORK MODULE — Variables (Azure)
+
+variable "project_name" { type = string }
+variable "environment" { type = string }
+variable "location" { type = string }
+
+variable "vnet_address_space" {
+  type    = list(string)
+  default = ["10.0.0.0/16"]
+}
+
+variable "public_subnet_cidr" {
+  type    = string
+  default = "10.0.1.0/24"
+}
+
+variable "private_subnet_cidr" {
+  type    = string
+  default = "10.0.10.0/24"
+}
+
+variable "tags" {
+  type    = map(string)
+  default = {}
+}

package/tf_starter/templates/azure/modules/storage/main.tf.j2

@@ -0,0 +1,41 @@
+# STORAGE MODULE — Azure Storage Account
+# Generated by tf-starter
+
+locals {
+  name_prefix = "${var.project_name}-${var.environment}"
+  # Storage account names: lowercase, no hyphens, max 24 chars
+  storage_account_name = substr(replace("${var.project_name}${var.environment}stor", "-", ""), 0, 24)
+}
+
+resource "random_id" "storage_suffix" {
+  byte_length = 3
+}
+
+resource "azurerm_storage_account" "main" {
+  name                     = "${local.storage_account_name}${random_id.storage_suffix.hex}"
+  resource_group_name      = var.resource_group_name
+  location                 = var.location
+  account_tier             = "Standard"
+  account_replication_type = "LRS"
+  min_tls_version          = "TLS1_2"
+
+  blob_properties {
+    versioning_enabled = var.enable_versioning
+
+    delete_retention_policy {
+      days = 30
+    }
+
+    container_delete_retention_policy {
+      days = 30
+    }
+  }
+
+  tags = var.tags
+}
+
+resource "azurerm_storage_container" "main" {
+  name                  = "${local.name_prefix}-container"
+  storage_account_name  = azurerm_storage_account.main.name
+  container_access_type = "private"
+}

package/tf_starter/templates/azure/modules/storage/outputs.tf.j2

@@ -0,0 +1,17 @@
+# STORAGE MODULE — Outputs (Azure)
+
+output "storage_account_name" {
+  value = azurerm_storage_account.main.name
+}
+
+output "storage_account_id" {
+  value = azurerm_storage_account.main.id
+}
+
+output "primary_blob_endpoint" {
+  value = azurerm_storage_account.main.primary_blob_endpoint
+}
+
+output "container_name" {
+  value = azurerm_storage_container.main.name
+}

package/tf_starter/templates/azure/modules/storage/variables.tf.j2

@@ -0,0 +1,16 @@
+# STORAGE MODULE — Variables (Azure)
+
+variable "project_name" { type = string }
+variable "environment" { type = string }
+variable "location" { type = string }
+variable "resource_group_name" { type = string }
+
+variable "enable_versioning" {
+  type    = bool
+  default = true
+}
+
+variable "tags" {
+  type    = map(string)
+  default = {}
+}

package/tf_starter/templates/azure/root/backend.tf.j2

@@ -0,0 +1,11 @@
+# REMOTE BACKEND — Azure Storage
+
+terraform {
+  backend "azurerm" {
+    ### MUST EDIT THIS ###
+    resource_group_name  = "{{ project_name }}-tfstate-rg"
+    storage_account_name = "{{ project_name | replace('-', '') }}tfstate"
+    container_name       = "tfstate"
+    key                  = "{{ project_name }}/terraform.tfstate"
+  }
+}

package/tf_starter/templates/azure/root/main.tf.j2

@@ -0,0 +1,181 @@
+# ---------------------------------------------------------------------------------------------------------------------
+# ROOT MAIN CONFIGURATION
+# Project: {{ project_name }}
+# Provider: Azure
+# Generated by tf-starter
+# ---------------------------------------------------------------------------------------------------------------------
+
+locals {
+  project_name = "{{ project_name }}"
+  location     = var.location
+  environment  = var.environment
+
+  common_tags = {
+    Project     = local.project_name
+    Environment = local.environment
+    ManagedBy   = "terraform"
+    Generator   = "tf-starter"
+  }
+}
+
+# ---------------------------------------------------------------------------------------------------------------------
+# NETWORK MODULE (always included)
+# ---------------------------------------------------------------------------------------------------------------------
+
+module "network" {
+  source = "./modules/network"
+
+  project_name = local.project_name
+  environment  = local.environment
+  location     = local.location
+
+  vnet_address_space   = var.vnet_address_space
+  public_subnet_cidr   = var.public_subnet_cidr
+  private_subnet_cidr  = var.private_subnet_cidr
+
+  tags = local.common_tags
+}
+
+{% if "compute" in services %}
+module "compute" {
+  source = "./modules/compute"
+
+  project_name       = local.project_name
+  environment        = local.environment
+  location           = local.location
+  resource_group_name = module.network.resource_group_name
+
+  subnet_id     = module.network.private_subnet_id
+  public_subnet_id = module.network.public_subnet_id
+  vm_size       = var.vm_size
+  instance_count = var.vmss_instance_count
+
+  tags = local.common_tags
+}
+{% endif %}
+
+{% if "lambda" in services %}
+# ---------------------------------------------------------------------------------------------------------------------
+# LAMBDA MODULE (Azure Functions)
+# ---------------------------------------------------------------------------------------------------------------------
+
+module "lambda" {
+  source = "./modules/lambda"
+
+  project_name       = local.project_name
+  environment        = local.environment
+  location           = local.location
+  resource_group_name = module.network.resource_group_name
+
+  sku_name       = var.function_sku_name
+  python_version = var.function_python_version
+  app_settings   = var.function_app_settings
+
+  tags = local.common_tags
+}
+{% endif %}
+
+{% if "apigateway" in services %}
+# ---------------------------------------------------------------------------------------------------------------------
+# API GATEWAY MODULE (Azure API Management)
+# ---------------------------------------------------------------------------------------------------------------------
+
+module "apigateway" {
+  source = "./modules/apigateway"
+
+  project_name       = local.project_name
+  environment        = local.environment
+  location           = local.location
+  resource_group_name = module.network.resource_group_name
+
+  function_app_hostname = module.lambda.default_hostname
+  publisher_name        = var.apim_publisher_name
+  publisher_email       = var.apim_publisher_email
+  sku_name              = var.apim_sku_name
+
+  tags = local.common_tags
+}
+{% endif %}
+
+{% if "database" in services %}
+module "database" {
+  source = "./modules/database"
+
+  project_name       = local.project_name
+  environment        = local.environment
+  location           = local.location
+  resource_group_name = module.network.resource_group_name
+
+  subnet_id       = module.network.private_subnet_id
+  db_sku_name     = var.db_sku_name
+  db_storage_mb   = var.db_storage_mb
+  db_name         = var.db_name
+  db_admin_login  = var.db_admin_login
+  db_ha           = var.environment == "prod" ? true : false
+
+  tags = local.common_tags
+}
+{% endif %}
+
+{% if "kubernetes" in services %}
+module "kubernetes" {
+  source = "./modules/kubernetes"
+
+  project_name       = local.project_name
+  environment        = local.environment
+  location           = local.location
+  resource_group_name = module.network.resource_group_name
+
+  subnet_id          = module.network.private_subnet_id
+  kubernetes_version = var.aks_kubernetes_version
+  node_vm_size       = var.aks_node_vm_size
+  node_count         = var.aks_node_count
+  node_min_count     = var.aks_node_min_count
+  node_max_count     = var.aks_node_max_count
+
+  tags = local.common_tags
+}
+{% endif %}
+
+{% if "monitoring" in services %}
+module "monitoring" {
+  source = "./modules/monitoring"
+
+  project_name       = local.project_name
+  environment        = local.environment
+  location           = local.location
+  resource_group_name = module.network.resource_group_name
+
+  alert_email = var.alert_email
+
+  tags = local.common_tags
+}
+{% endif %}
+
+{% if "messaging" in services %}
+module "messaging" {
+  source = "./modules/messaging"
+
+  project_name       = local.project_name
+  environment        = local.environment
+  location           = local.location
+  resource_group_name = module.network.resource_group_name
+
+  tags = local.common_tags
+}
+{% endif %}
+
+{% if "storage" in services %}
+module "storage" {
+  source = "./modules/storage"
+
+  project_name       = local.project_name
+  environment        = local.environment
+  location           = local.location
+  resource_group_name = module.network.resource_group_name
+
+  enable_versioning = var.storage_enable_versioning
+
+  tags = local.common_tags
+}
+{% endif %}

package/tf_starter/templates/azure/root/outputs.tf.j2

@@ -0,0 +1,45 @@
+# ROOT OUTPUTS — Azure
+# Generated by tf-starter
+
+output "resource_group_name" {
+  value = module.network.resource_group_name
+}
+
+output "vnet_id" {
+  value = module.network.vnet_id
+}
+
+{% if "compute" in services %}
+output "app_gateway_public_ip" {
+  value = module.compute.app_gateway_public_ip
+}
+{% endif %}
+
+{% if "database" in services %}
+output "db_fqdn" {
+  value = module.database.fqdn
+}
+{% endif %}
+
+{% if "kubernetes" in services %}
+output "aks_cluster_name" {
+  value = module.kubernetes.cluster_name
+}
+
+output "aks_kube_config" {
+  value     = module.kubernetes.kube_config
+  sensitive = true
+}
+{% endif %}
+
+{% if "messaging" in services %}
+output "servicebus_queue_id" {
+  value = module.messaging.queue_id
+}
+{% endif %}
+
+{% if "storage" in services %}
+output "storage_account_name" {
+  value = module.storage.storage_account_name
+}
+{% endif %}

package/tf_starter/templates/azure/root/providers.tf.j2

@@ -0,0 +1,18 @@
+# PROVIDER CONFIGURATION — Azure
+# Generated by tf-starter
+
+provider "azurerm" {
+  features {
+    resource_group {
+      prevent_deletion_if_contains_resources = true
+    }
+    {% if "database" in services %}
+    postgresql_flexible_server {
+      restart_server_on_configuration_value_change = true
+    }
+    {% endif %}
+  }
+
+  ### MUST EDIT THIS ###
+  # subscription_id = "your-subscription-id"
+}

package/tf_starter/templates/azure/root/variables.tf.j2

@@ -0,0 +1,114 @@
+# ROOT VARIABLES — Azure
+# Generated by tf-starter
+
+variable "location" {
+  description = "Azure region"
+  type        = string
+  default     = "{{ region }}"
+}
+
+variable "environment" {
+  description = "Deployment environment"
+  type        = string
+  default     = "dev"
+
+  validation {
+    condition     = contains({{ environments | tf_list }}, var.environment)
+    error_message = "Environment must be one of: {{ environments | join(', ') }}."
+  }
+}
+
+variable "vnet_address_space" {
+  description = "VNet address space"
+  type        = list(string)
+  default     = ["10.0.0.0/16"]
+}
+
+variable "public_subnet_cidr" {
+  description = "Public subnet CIDR"
+  type        = string
+  default     = "10.0.1.0/24"
+}
+
+variable "private_subnet_cidr" {
+  description = "Private subnet CIDR"
+  type        = string
+  default     = "10.0.10.0/24"
+}
+
+{% if "compute" in services %}
+variable "vm_size" {
+  type    = string
+  default = "Standard_B2s"
+}
+
+variable "vmss_instance_count" {
+  type    = number
+  default = 2
+}
+{% endif %}
+
+{% if "database" in services %}
+variable "db_sku_name" {
+  type    = string
+  default = "GP_Standard_D2s_v3"
+}
+
+variable "db_storage_mb" {
+  type    = number
+  default = 32768
+}
+
+variable "db_name" {
+  type    = string
+  default = "{{ project_name | replace('-', '_') }}_db"
+}
+
+variable "db_admin_login" {
+  type      = string
+  default   = "dbadmin"
+  sensitive = true
+}
+{% endif %}
+
+{% if "kubernetes" in services %}
+variable "aks_kubernetes_version" {
+  type    = string
+  default = "1.29"
+}
+
+variable "aks_node_vm_size" {
+  type    = string
+  default = "Standard_D4s_v3"
+}
+
+variable "aks_node_count" {
+  type    = number
+  default = 2
+}
+
+variable "aks_node_min_count" {
+  type    = number
+  default = 1
+}
+
+variable "aks_node_max_count" {
+  type    = number
+  default = 5
+}
+{% endif %}
+
+{% if "monitoring" in services %}
+variable "alert_email" {
+  type    = string
+  default = ""
+  ### MUST EDIT THIS ###
+}
+{% endif %}
+
+{% if "storage" in services %}
+variable "storage_enable_versioning" {
+  type    = bool
+  default = true
+}
+{% endif %}

package/tf_starter/templates/azure/root/versions.tf.j2

@@ -0,0 +1,16 @@
+# TERRAFORM AND PROVIDER VERSIONS — Azure
+
+terraform {
+  required_version = ">= 1.6.0"
+
+  required_providers {
+    azurerm = {
+      source  = "hashicorp/azurerm"
+      version = "~> 3.95"
+    }
+    random = {
+      source  = "hashicorp/random"
+      version = "~> 3.6"
+    }
+  }
+}

package/tf_starter/templates/gcp/environments/backend.tf.j2

@@ -0,0 +1,9 @@
+# REMOTE BACKEND — {{ environment | upper }} (GCS)
+
+terraform {
+  backend "gcs" {
+    ### MUST EDIT THIS ###
+    bucket = "{{ project_name }}-terraform-state"
+    prefix = "{{ project_name }}/{{ environment }}/terraform.tfstate"
+  }
+}