happyDomain/network.go

147 lines
4.7 KiB
Go
Raw Normal View History

package main
import (
"strings"
"github.com/pulumi/pulumi-oci/sdk/go/oci/core"
"github.com/pulumi/pulumi-oci/sdk/go/oci/identity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func setupNetwork(ctx *pulumi.Context, compartment *identity.Compartment) (*core.Subnet, error) {
// Create Virtual Network
vcn, err := core.NewVcn(ctx, "happydomain-vnc", &core.VcnArgs{
/*Byoipv6cidrDetails: core.VcnByoipv6cidrDetailArray{
&core.VcnByoipv6cidrDetailArgs{
Byoipv6rangeId: pulumi.String("test"),
Ipv6cidrBlock: pulumi.String("2603:c022:2:7a00::/56"),
},
},*/
CompartmentId: compartment.ID(),
CidrBlocks: pulumi.StringArray{
pulumi.String("10.0.0.0/24"),
},
DisplayName: pulumi.String("happydomain-net"),
DnsLabel: pulumi.String("thobis"),
IsIpv6enabled: pulumi.Bool(true),
IsOracleGuaAllocationEnabled: pulumi.Bool(true),
})
if err != nil {
return nil, err
}
securityList, err := core.NewSecurityList(ctx, "happydomain-security-list", &core.SecurityListArgs{
VcnId: vcn.ID(),
CompartmentId: compartment.ID(),
DisplayName: pulumi.Sprintf("%s-happydomain-sl", ctx.Stack()),
EgressSecurityRules: core.SecurityListEgressSecurityRuleArray{
core.SecurityListEgressSecurityRuleArgs{
Protocol: pulumi.String("all"),
Destination: pulumi.String("0.0.0.0/0"),
},
core.SecurityListEgressSecurityRuleArgs{
Protocol: pulumi.String("all"),
Destination: pulumi.String("::/0"),
},
},
IngressSecurityRules: core.SecurityListIngressSecurityRuleArray{
core.SecurityListIngressSecurityRuleArgs{
Protocol: pulumi.String("6"),
Source: pulumi.String("0.0.0.0/0"),
Description: pulumi.String("IPv4 SSH Port"),
TcpOptions: core.SecurityListIngressSecurityRuleTcpOptionsArgs{
Max: pulumi.Int(22),
Min: pulumi.Int(22),
},
},
core.SecurityListIngressSecurityRuleArgs{
Protocol: pulumi.String("6"),
Source: pulumi.String("0.0.0.0/0"),
Description: pulumi.String("IPv4 HTTP Port"),
TcpOptions: core.SecurityListIngressSecurityRuleTcpOptionsArgs{
Max: pulumi.Int(80),
Min: pulumi.Int(80),
},
},
core.SecurityListIngressSecurityRuleArgs{
Protocol: pulumi.String("6"),
Source: pulumi.String("0.0.0.0/0"),
Description: pulumi.String("IPv4 HTTPS Port"),
TcpOptions: core.SecurityListIngressSecurityRuleTcpOptionsArgs{
Max: pulumi.Int(443),
Min: pulumi.Int(443),
},
},
core.SecurityListIngressSecurityRuleArgs{
Protocol: pulumi.String("6"),
Source: pulumi.String("::/0"),
Description: pulumi.String("IPv6 SSH Port"),
TcpOptions: core.SecurityListIngressSecurityRuleTcpOptionsArgs{
Max: pulumi.Int(22),
Min: pulumi.Int(22),
},
},
},
})
if err != nil {
return nil, err
}
subnet, err := core.NewSubnet(ctx, "happydomain-subnet", &core.SubnetArgs{
CompartmentId: compartment.ID(),
VcnId: vcn.ID(),
CidrBlock: pulumi.String("10.0.0.0/24"),
Ipv6cidrBlocks: vcn.Ipv6cidrBlocks.ApplyT(func(blocks []string) []string {
for i := range blocks {
blocks[i] = strings.Replace(blocks[i], "/56", "/64", -1)
}
return blocks
}).(pulumi.StringArrayOutput),
SecurityListIds: pulumi.StringArray{
vcn.DefaultSecurityListId,
securityList.ID(),
},
ProhibitPublicIpOnVnic: pulumi.Bool(false),
RouteTableId: vcn.DefaultRouteTableId,
DhcpOptionsId: vcn.DefaultDhcpOptionsId,
DisplayName: pulumi.Sprintf("%s-happydomain-subnet", ctx.Stack()),
DnsLabel: pulumi.String("happysubnet"),
})
if err != nil {
return nil, err
}
internetGateway, err := core.NewInternetGateway(ctx, "happydomain-internet-gateway", &core.InternetGatewayArgs{
CompartmentId: compartment.ID(),
VcnId: vcn.ID(),
DisplayName: pulumi.Sprintf("%s-happydomain-rg", ctx.Stack()),
Enabled: pulumi.Bool(true),
})
if err != nil {
return nil, err
}
_, err = core.NewDefaultRouteTable(ctx, "happydomain-route-table", &core.DefaultRouteTableArgs{
ManageDefaultResourceId: vcn.DefaultRouteTableId,
CompartmentId: compartment.ID(),
DisplayName: pulumi.Sprintf("%s-happydomain-rt", ctx.Stack()),
RouteRules: core.DefaultRouteTableRouteRuleArray{
core.DefaultRouteTableRouteRuleArgs{
NetworkEntityId: internetGateway.ID(),
Destination: pulumi.String("0.0.0.0/0"),
DestinationType: pulumi.String("CIDR_BLOCK"),
},
core.DefaultRouteTableRouteRuleArgs{
NetworkEntityId: internetGateway.ID(),
Destination: pulumi.String("::/0"),
DestinationType: pulumi.String("CIDR_BLOCK"),
},
},
})
if err != nil {
return nil, err
}
return subnet, nil
}