abaasi256/vps-infra-recovery

🌍 Multi-Cloud Infrastructure Cloner

🎯 Overview

The Multi-Cloud Infrastructure Cloner is a production-grade IaC system designed for high-availability and disaster recovery. It allows for the instantaneous recreation of a full production environment across multiple VPS providers (AWS, Hetzner, Contabo) with a single command.

Key Capabilities

  • Provider Abstraction: Interchangeable compute modules with a unified variable schema.
  • Secure-by-Default: Automated cloud-init hardening, SSH-only access, and Fail2ban integration.
  • Atomic Restoration: Custom backup engine to capture and redeploy Docker volumes and service states.
  • Zero-Leak Design: Strict credential isolation and environment-specific configurations.

🏗 Architecture

Pipeline Flow

Pipeline Infographic

Architecture Detail

Technical Architecture Diagram

System Flow (Mermaid)

graph TD
    User([Platform Engineer]) -->|terraform apply| Hub{TF Provider Selector}
    Hub -->|target_provider=aws| AWS[AWS EC2]
    Hub -->|target_provider=hetzner| HZ[Hetzner Cloud]
    Hub -->|target_provider=contabo| CON[Contabo VPS]

    subgraph "Secure Bootstrap"
        AWS & HZ & CON --> CI[Cloud-Init Engine]
        CI --> UserM[Non-root User]
        CI --> Hard[Sec Hardening / Firewall]
        CI --> Docker[Docker Runtime]
    end

    subgraph "Recovery Pipeline"
        Docker --> Restore[Restore Script]
        Backup[(External Backup)] --> Restore
        Restore --> Apps[Running Containers]
        Apps --> Vol[(Persistent Volumes)]
    end

🚀 Getting Started

1. Prerequisites

  • HashiCorp Terraform 1.5+
  • Cloud provider API credentials
  • SSH Key Pair

2. Configure Environment

Copy .env.example to .env and fill in your secrets:

cp .env.example .env
source .env

3. Deploy

cd infra/terraform/environments/prod
terraform init
terraform apply -var="target_provider=hetzner" -var="ssh_public_key=$(cat ~/.ssh/id_rsa.pub)"

🛡 Security Model

  • Identity: No root login. All operations performed via sudo users.
  • Network: Minimal exposure. UFW configured for SSH, HTTP, and HTTPS only.
  • Runtime: Docker containers run with resource limits and restart policies.
  • Secrets: Encrypted variable injection via Terraform environment variables.

Important

For a deep dive into our hardening process and zero-leak strategy, see the Full Security Architecture.
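
A drift check for the Security Model above, as an added example that is not part of this repository: it reads text in the format of `sshd -T` and `ufw status` and reports anything that contradicts the Identity and Network bullets. The function names, the sample output and the default ports 22/80/443 are assumptions made for the example.

```shell
# Added example (not from the repository). Inputs: `sshd -T` and `ufw status` text.
# Assumption: SSH, HTTP and HTTPS listen on their default ports.
ALLOWED_PORTS="22 80 443"

# "No root login": anything other than "permitrootlogin no" is a finding.
check_sshd() {
    printf '%s\n' "$1" | awk '
        tolower($1) == "permitrootlogin" {
            seen = 1
            if (tolower($2) != "no") print "FAIL permitrootlogin=" $2
        }
        END { if (!seen) print "FAIL permitrootlogin not reported" }'
}

# "SSH, HTTP, and HTTPS only": firewall active, no other ALLOW rule.
check_ufw() {
    printf '%s\n' "$1" | awk -v allowed="$ALLOWED_PORTS" '
        BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        /^Status:/ { if ($2 == "active") active = 1; next }
        /ALLOW/ {
            port = $1; sub(/\/.*/, "", port)           # "22/tcp" -> "22"
            if (port !~ /^[0-9]+$/) print "REVIEW named or ranged rule: " $1
            else if (!(port in ok)) print "FAIL unexpected open port " $1
        }
        END { if (!active) print "FAIL ufw not active" }'
}

# Prints findings and returns 1 if there are any; returns 0 on a clean host.
audit() {   # $1 = sshd -T text, $2 = ufw status text
    findings=$(check_sshd "$1"; check_ufw "$2")
    [ -z "$findings" ] && return 0
    printf '%s\n' "$findings"
    return 1
}

# Constructed sample output from a host that has drifted from the model.
SAMPLE_SSHD='port 22
permitrootlogin prohibit-password'
SAMPLE_UFW='Status: active
To                         Action      From
22/tcp                     ALLOW       Anywhere
80/tcp                     ALLOW       Anywhere
443/tcp                    ALLOW       Anywhere
8080/tcp                   ALLOW       Anywhere
22/tcp (v6)                ALLOW       Anywhere (v6)'

audit "$SAMPLE_SSHD" "$SAMPLE_UFW" || true
```

On a provisioned server, pass `"$(sudo sshd -T)"` and `"$(sudo ufw status)"` as the two arguments to `audit`.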

💾 Backup & Restore

Capture

Run on the running server to export state:

./backup/scripts/capture.sh

Restore

Run on the newly provisioned server:

./backup/scripts/restore.sh infra-export-YYYYMMDD.tar.gz

🏅 Portfolio Piece

By abaasi256

About

🌍 Multi-Cloud Disaster Recovery Engine. A production-grade IaC platform for instantaneous VPS rebuilding. Features automated state capture, volume restoration, and security hardening across AWS, Hetzner, and Contabo using Terraform and Docker.
