💻 Note: This repository contains the Terraform IaC and Ansible playbooks for managing the deployment infrastructure. The source code for the Next.js portfolio application running on this infrastructure can be found here: github.com/Maschior/portfolio-webapp.
This repository manages the Cloud Infrastructure and System Configuration for hosting my personal portfolio website, utilizing a modern, production-grade DevOps stack to deploy automatically and securely.
The infrastructure simulates a corporate cloud environment with separate repository codebases and automated pipelines:
- Terraform IaC: Provisions AWS networking, computing, security, and integration with Cloudflare.
- Ansible Automation: Installs and configures system services (like Nginx) and handles host configurations on the EC2 instance.
- Secure Cloudflare Tunnel: Connects the EC2 instance to the public web via an outbound tunnel (no public inbound ports need to be exposed to the internet).
- GitHub Actions Integration: Utilizes secure AWS OpenID Connect (OIDC) authentication for passwordless IAM deployments.
- Infrastructure as Code: Terraform
- Configuration Management: Ansible
- Cloud Provider: Amazon Web Services (AWS)
- DNS & Security: Cloudflare (Tunnels + DNS routing)
- CI/CD: GitHub Actions (with IAM OIDC role integration)
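
The GitHub Actions OIDC integration listed above depends on the IAM role's trust policy. This is an added example, not code from this repository: a trust policy that pins the role to one repository and branch, where the variable names, the role name, the `OWNER/REPO` placeholder and the `main` branch are assumptions.

```hcl
# Added example (assumed names and values; not this repository's github_oidc module).

variable "oidc_provider_arn" {
  description = "ARN of the existing token.actions.githubusercontent.com OIDC provider"
  type        = string
}

variable "github_repository" {
  description = "Repository allowed to assume the role, as OWNER/REPO (placeholder)"
  type        = string
  default     = "OWNER/REPO"
}

data "aws_iam_policy_document" "github_trust" {
  statement {
    effect  = "Allow"
    actions = ["sts:AssumeRoleWithWebIdentity"]

    principals {
      type        = "Federated"
      identifiers = [var.oidc_provider_arn]
    }

    # The token must have been issued for AWS STS.
    condition {
      test     = "StringEquals"
      variable = "token.actions.githubusercontent.com:aud"
      values   = ["sts.amazonaws.com"]
    }

    # Pins the role to one repository and branch. The aud check alone does not
    # identify the caller, so omitting this lets workflows in other
    # repositories request the role.
    condition {
      test     = "StringEquals"
      variable = "token.actions.githubusercontent.com:sub"
      values   = ["repo:${var.github_repository}:ref:refs/heads/main"]
    }
  }
}

resource "aws_iam_role" "github_deploy" {
  name                 = "github-actions-deploy" # assumed role name
  assume_role_policy   = data.aws_iam_policy_document.github_trust.json
  max_session_duration = 3600 # one hour, the shortest session limit IAM accepts
}
```

Prefer `StringEquals` on `sub` over a `StringLike` wildcard such as `repo:OWNER/REPO:*`, which would also match pull request and tag runs.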
portfolio-infra/
├── terraform/ # Terraform Configurations
│ ├── modules/ # Reusable IaC Modules
│ │ ├── bootstrap/ # S3 Backend bucket & DynamoDB state lock table
│ │ ├── github_oidc/ # OpenID Connect Role for GitHub Actions
│ │ ├── network/ # VPC, Subnet, Route Table configurations
│ │ ├── iam/ # IAM Policies & Roles for SSM
│ │ ├── security/ # Security Groups
│ │ ├── cloudflare/ # Cloudflare Tunnel & DNS record resources
│ │ └── compute/ # EC2 instance & launch scripting
│ ├── main.tf # Root module orchestrator
│ └── variables.tf # Input declarations
└── ansible/ # Ansible Provisioning configs
    ├── playbooks.yml # Server configuration tasks (Nginx setup, etc.)
    └── hosts # Inventory definitions

Follow the instructions below to configure and provision the infrastructure:
Ensure you have the following installed:
- Terraform CLI
- Ansible CLI
- AWS CLI configured with your credentials.
Navigate to the terraform directory:

    cd terraform

Initialize Terraform (downloads providers and module requirements):

    terraform init

Review planned changes:

    terraform plan

Deploy infrastructure:

    terraform apply

After provisioning the EC2 instance, navigate to the ansible directory to configure it:

    cd ../ansible
    ansible-playbook playbook.yml

This installs Nginx, configures directories, and prepares the host for the web application deployment.