You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2.0 KiB
2.0 KiB
+++ title = "[TRIAGE] OpenTofu state backend — local file (gitignored) vs Terraform Cloud vs Cloudflare R2?" priority = 9 status = "done" ticket_type = "task" dependencies = [] +++
This is a triage decision ticket. It must be resolved before dependent implementation tickets can proceed. OpenTofu state backend: should the `.tfstate` file be stored locally (gitignored), in Terraform Cloud (free tier), or in Cloudflare R2 (S3-compatible backend)? 1. **Local file** — simplest, but state is lost if the machine changes and cannot be shared. Suitable for solo development. 2. **Terraform Cloud** — free tier available, remote state with locking. Requires a Terraform Cloud account. 3. **Cloudflare R2** — S3-compatible, keeps state within Cloudflare ecosystem. Requires an R2 bucket and API credentials. **Decision: Local file backend (gitignored).**Rationale:
quotesdbis a solo developer project — no team, no CI/CD pipeline that needs shared state.- Infrastructure is small (1 Worker + 1 D1 + 1 Pages project). If state is lost, all resources can be recovered via
tofu import. - Terraform Cloud: unnecessary HashiCorp account dependency with no benefit for solo use.
- Cloudflare R2: chicken-and-egg problem — the R2 bucket itself must be manually bootstrapped before it can serve as the OpenTofu backend, adding setup complexity and extra credential scope.
- Local file: zero extra accounts, zero extra credentials, immediate to set up.
Implementation (see ticket 2d1371):
infra/terraform.tf: use default local backend (nobackendblock needed — local is the OpenTofu default).infra/.gitignore: ignore*.tfstate,*.tfstate.backup,.terraform/,.terraform.lock.hcl.infra/README.md: document that state is local and how to recover withtofu importif lost.