package main
import (
"strings"
"github.com/pulumi/pulumi-oci/sdk/go/oci/core"
"github.com/pulumi/pulumi-oci/sdk/go/oci/identity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
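// setupNetwork provisions the network resources of the happydomain stack in
// the given compartment: a dual-stack VCN, a security list, one subnet, an
// internet gateway, and the VCN's default route table pointing at that gateway.
//
// It returns the created subnet. If any resource constructor fails, that error
// is returned unchanged together with a nil subnet.
func setupNetwork(ctx *pulumi.Context, compartment *identity.Compartment) (*core.Subnet, error) {
	// The VCN and its only subnet use the same IPv4 range, so keep the value
	// in one place to stop the two declarations from drifting apart.
	const ipv4CIDR = "10.0.0.0/24"

	// Create Virtual Network
	vcn, err := core.NewVcn(ctx, "happydomain-vnc", &core.VcnArgs{
		/*Byoipv6cidrDetails: core.VcnByoipv6cidrDetailArray{
			&core.VcnByoipv6cidrDetailArgs{
				Byoipv6rangeId: pulumi.String("test"),
				Ipv6cidrBlock:  pulumi.String("2603:c022:2:7a00::/56"),
			},
		},*/
		CompartmentId: compartment.ID(),
		CidrBlocks: pulumi.StringArray{
			pulumi.String(ipv4CIDR),
		},
		DisplayName:                  pulumi.String("happydomain-net"),
		DnsLabel:                     pulumi.String("thobis"),
		IsIpv6enabled:                pulumi.Bool(true),
		IsOracleGuaAllocationEnabled: pulumi.Bool(true),
	})
	if err != nil {
		return nil, err
	}

	// Security list attached to the subnet below. Protocol "6" is TCP.
	//
	// NOTE(review): SSH (22/tcp) is accepted from every IPv4 and IPv6 source.
	// If administration comes from known ranges, narrow Source to those CIDRs
	// (or reach SSH through a bastion / VPN) instead of 0.0.0.0/0 and ::/0.
	//
	// NOTE(review): HTTP and HTTPS are opened for IPv4 only; over IPv6 only
	// SSH is allowed by this list. Confirm whether that asymmetry is intended.
	securityList, err := core.NewSecurityList(ctx, "happydomain-security-list", &core.SecurityListArgs{
		VcnId:         vcn.ID(),
		CompartmentId: compartment.ID(),
		DisplayName:   pulumi.Sprintf("%s-happydomain-sl", ctx.Stack()),
		// Egress is unrestricted: every protocol to any IPv4 or IPv6 destination.
		EgressSecurityRules: core.SecurityListEgressSecurityRuleArray{
			core.SecurityListEgressSecurityRuleArgs{
				Protocol:    pulumi.String("all"),
				Destination: pulumi.String("0.0.0.0/0"),
			},
			core.SecurityListEgressSecurityRuleArgs{
				Protocol:    pulumi.String("all"),
				Destination: pulumi.String("::/0"),
			},
		},
		IngressSecurityRules: core.SecurityListIngressSecurityRuleArray{
			core.SecurityListIngressSecurityRuleArgs{
				Protocol:    pulumi.String("6"),
				Source:      pulumi.String("0.0.0.0/0"),
				Description: pulumi.String("IPv4 SSH Port"),
				TcpOptions: core.SecurityListIngressSecurityRuleTcpOptionsArgs{
					Max: pulumi.Int(22),
					Min: pulumi.Int(22),
				},
			},
			core.SecurityListIngressSecurityRuleArgs{
				Protocol:    pulumi.String("6"),
				Source:      pulumi.String("0.0.0.0/0"),
				Description: pulumi.String("IPv4 HTTP Port"),
				TcpOptions: core.SecurityListIngressSecurityRuleTcpOptionsArgs{
					Max: pulumi.Int(80),
					Min: pulumi.Int(80),
				},
			},
			core.SecurityListIngressSecurityRuleArgs{
				Protocol:    pulumi.String("6"),
				Source:      pulumi.String("0.0.0.0/0"),
				Description: pulumi.String("IPv4 HTTPS Port"),
				TcpOptions: core.SecurityListIngressSecurityRuleTcpOptionsArgs{
					Max: pulumi.Int(443),
					Min: pulumi.Int(443),
				},
			},
			core.SecurityListIngressSecurityRuleArgs{
				Protocol:    pulumi.String("6"),
				Source:      pulumi.String("::/0"),
				Description: pulumi.String("IPv6 SSH Port"),
				TcpOptions: core.SecurityListIngressSecurityRuleTcpOptionsArgs{
					Max: pulumi.Int(22),
					Min: pulumi.Int(22),
				},
			},
		},
	})
	if err != nil {
		return nil, err
	}

	subnet, err := core.NewSubnet(ctx, "happydomain-subnet", &core.SubnetArgs{
		CompartmentId: compartment.ID(),
		VcnId:         vcn.ID(),
		CidrBlock:     pulumi.String(ipv4CIDR),
		// The subnet takes each VCN IPv6 block with its prefix length rewritten
		// from /56 to /64 (same base address).
		Ipv6cidrBlocks: vcn.Ipv6cidrBlocks.ApplyT(func(blocks []string) []string {
			if len(blocks) == 0 {
				return blocks
			}
			// Write into a fresh slice: the slice handed to the callback may be
			// the one backing vcn.Ipv6cidrBlocks, and rewriting it in place
			// would change what any other consumer of that output observes.
			subnetBlocks := make([]string, len(blocks))
			for i, block := range blocks {
				// Only a trailing prefix length is rewritten.
				if strings.HasSuffix(block, "/56") {
					block = strings.TrimSuffix(block, "/56") + "/64"
				}
				subnetBlocks[i] = block
			}
			return subnetBlocks
		}).(pulumi.StringArrayOutput),
		// NOTE(review): the VCN's default security list is attached alongside
		// the custom one. Its rules are not managed in this function, so what
		// it admits should be reviewed separately.
		SecurityListIds: pulumi.StringArray{
			vcn.DefaultSecurityListId,
			securityList.ID(),
		},
		// false: VNICs in this subnet are allowed to carry public IP addresses.
		ProhibitPublicIpOnVnic: pulumi.Bool(false),
		RouteTableId:           vcn.DefaultRouteTableId,
		DhcpOptionsId:          vcn.DefaultDhcpOptionsId,
		DisplayName:            pulumi.Sprintf("%s-happydomain-subnet", ctx.Stack()),
		DnsLabel:               pulumi.String("happysubnet"),
	})
	if err != nil {
		return nil, err
	}

	internetGateway, err := core.NewInternetGateway(ctx, "happydomain-internet-gateway", &core.InternetGatewayArgs{
		CompartmentId: compartment.ID(),
		VcnId:         vcn.ID(),
		DisplayName:   pulumi.Sprintf("%s-happydomain-rg", ctx.Stack()),
		Enabled:       pulumi.Bool(true),
	})
	if err != nil {
		return nil, err
	}

	// Take over the VCN's default route table (the one the subnet references)
	// and send all IPv4 and IPv6 traffic through the internet gateway.
	_, err = core.NewDefaultRouteTable(ctx, "happydomain-route-table", &core.DefaultRouteTableArgs{
		ManageDefaultResourceId: vcn.DefaultRouteTableId,
		CompartmentId:           compartment.ID(),
		DisplayName:             pulumi.Sprintf("%s-happydomain-rt", ctx.Stack()),
		RouteRules: core.DefaultRouteTableRouteRuleArray{
			core.DefaultRouteTableRouteRuleArgs{
				NetworkEntityId: internetGateway.ID(),
				Destination:     pulumi.String("0.0.0.0/0"),
				DestinationType: pulumi.String("CIDR_BLOCK"),
			},
			core.DefaultRouteTableRouteRuleArgs{
				NetworkEntityId: internetGateway.ID(),
				Destination:     pulumi.String("::/0"),
				DestinationType: pulumi.String("CIDR_BLOCK"),
			},
		},
	})
	if err != nil {
		return nil, err
	}

	return subnet, nil
}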