This repository contains our infrastructure as code (IaC) definitions using Terraform.
We use Terraform to manage resources across multiple platforms (e.g., GitHub, Discord) and multiple environments (dev, staging, prod).
The goal of this repo is to:
- Provide a single source of truth for all infrastructure.
- Ensure consistency across environments.
- Enable collaboration and safe changes through code review and CI/CD.
- Scale easily as we add more platforms and environments.
    infra-as-code/            # Root of your Terraform repo (Git repo root)
    ├── README.md             # High-level docs
    ├── backend.tf            # Remote backend for dev (S3/TFC/etc.)
    ├── main.tf               # Composes platform modules
    ├── providers.tf          # Provider configs (with aliases if needed)
    ├── variables.tf          # Env-specific variables
    └── terraform.tfvars      # Inputs for this env
    ├── github/
    │   ├── repo/
    │   │   ├── main.tf
    │   │   ├── variables.tf
    │   │   └── outputs.tf
    │   ├── team/
    │   │   ├── main.tf
    │   │   ├── variables.tf
    │   │   └── outputs.tf
    │   └── org/
    │       ├── main.tf
    │       ├── variables.tf
    │       └── outputs.tf
    └── discord/
        ├── server/
        ├── channel/
        └── role/
- Clone the repo.
- If you want to start fresh:
  - make destroy-structure: Destroys all Terraform resources and removes all current code and directories except the README and the scripts folder.
  - After that, execute init-structure: Bootstraps the Terraform repo structure (only runs if it does not exist). Make your own IaC from the fresh template!
- Otherwise you can modify my current IaC!
- backend.tf → Defines the remote backend for storing state (e.g., S3, Terraform Cloud).
- providers.tf → Configures platform providers (GitHub, Discord, etc.).
- main.tf → Composes modules from platforms/ to build infrastructure.
- variables.tf → Defines environment-specific variables.
- terraform.tfvars → Supplies values for variables (e.g., repo names, server configs).
Reusable modules for each platform live under platforms/.
- repo/ → Manages repositories, branch protections, repo topics.
- team/ → Manages GitHub teams and memberships.
- org/ → Configures org-wide settings.

- server/ → Manages Discord servers/guilds.
- channel/ → Manages channels in a server.
- role/ → Manages roles and permissions.
- Cross-platform helpers, like a tags/labels module for consistent naming.
We use Terraform providers for each external system. Example:
- GitHub Provider
- Discord Provider (community)
Each environment defines its provider config in providers.tf. Credentials are never stored in Git.
Instead, use environment variables or a credentials manager.
Branch & PR workflow
- Create a feature branch (feature/new-repo).
- Make changes in the environment/ or platforms/ module.
- Open a Pull Request → run CI (fmt, validate, plan).
- Once approved → merge to main.
- Each environment has its own remote backend (backend.tf).
- This prevents state conflicts and isolates dev/staging/prod.
- State locking is enabled (via DynamoDB if AWS backend, or Terraform Cloud).
- Terraform version: pinned in versions.tf.
- Formatting: run terraform fmt -recursive.
- Validation: run terraform validate before committing.
- Linting: optional but recommended (tflint, checkov).
- Modules: always reusable, no hardcoded env-specific values.
- Secrets: never hardcoded, always injected via env vars or secret managers.
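The backend, version-pinning and secrets rules above, combined in one configuration sketch. This is an added example, not code from this repository: the bucket, lock table, region and version pins are constructed placeholders, and the community Discord provider is assumed to be Lucky3028/discord with a token argument.

```hcl
# Added example: versions.tf, backend.tf and providers.tf for "dev" in one block.
# All bucket, table, region and org names are constructed placeholders.
terraform {
  required_version = "~> 1.9.0" # constructed pin; use the version your team has tested

  required_providers {
    github = {
      source  = "integrations/github"
      version = "~> 6.0"
    }
    discord = {
      source = "Lucky3028/discord" # assumption: which community provider is used
    }
  }

  # One backend per environment: separate bucket/key and lock table for dev.
  backend "s3" {
    bucket         = "example-tfstate-dev"
    key            = "infra-as-code/dev/terraform.tfstate"
    region         = "us-east-1"
    dynamodb_table = "example-tfstate-lock-dev" # state locking
    encrypt        = true                       # state can contain secrets
  }
}

# Weak (do not commit): a literal credential in providers.tf or terraform.tfvars.
# provider "github" {
#   owner = "example-org"
#   token = "<personal access token pasted here>"
# }

# Corrected: no token argument; the provider reads GITHUB_TOKEN from the environment.
provider "github" {
  owner = var.org_name
}

# Corrected: value arrives via TF_VAR_discord_token or a secret manager in CI.
variable "discord_token" {
  type      = string
  sensitive = true # redacted in plan/apply output, still stored in state
}

provider "discord" {
  token = var.discord_token
}

variable "org_name" {
  type = string
}
```

Because sensitive values still end up in the state file, access to the state bucket and lock table should be restricted as tightly as access to the tokens themselves.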
- Add repo resource in main.tf:

    module "infra" {
      source = "./github/repo"
      context = {
        owner       = local.org_name
        name        = "infra"
        visibility  = "public"
        description = "Infra managed by Terraform"
        codereaders = []
        maintainers = []
        topics      = ["terraform", "infrastructure-as-code", "iac", "github", "automation", "managed"]
      }
    }

✅ With this structure, new team members can quickly onboard:
- Modules → define reusable infra per platform.
- Environments → control where infra is deployed.
- Backends → ensure isolated and safe state management.