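package main

import (
	"encoding/base64"
	"fmt"
	"io/ioutil"

	"github.com/pulumi/pulumi-oci/sdk/go/oci/core"
	"github.com/pulumi/pulumi-oci/sdk/go/oci/identity"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config"
)

// setupHostBeta provisions the beta (near-pre-production) instance. Unlike the
// main host it is not placed behind the load balancer: beta.happydomain.org
// points directly at this instance's public IP. It runs a more recent,
// manually-pinned happyDomain version with real users, hence its own restic
// backup repository.
//
// ctx is the Pulumi program context, compartment the OCI compartment that
// receives the instance and subnet the subnet its VNIC is attached to. ocicfg
// is accepted but not read here; the settings come from the default config
// namespace (config.New(ctx, "")).
//
// It returns an error when cloud-init-beta.yaml cannot be read or when the
// instance resource cannot be registered. A failed or empty image or
// availability-domain lookup is reported through the corresponding Pulumi
// output instead of panicking inside the apply callback.
func setupHostBeta(ctx *pulumi.Context, ocicfg *config.Config, compartment *identity.Compartment, subnet *core.Subnet) error {
	cfg := config.New(ctx, "")

	// Get boot image: the most recently created Ubuntu 24.04 Minimal image
	// for the shape. The image ID is resolved on every run, not pinned.
	imageId := compartment.CompartmentId.ApplyT(func(id string) (string, error) {
		images, err := core.GetImages(ctx, &core.GetImagesArgs{
			CompartmentId:          id,
			OperatingSystem:        pulumi.StringRef("Canonical Ubuntu"),
			OperatingSystemVersion: pulumi.StringRef("24.04 Minimal"),
			SortBy:                 pulumi.StringRef("TIMECREATED"),
			SortOrder:              pulumi.StringRef("DESC"),
			Shape:                  pulumi.StringRef(SHAPE_AMD64),
		})
		if err != nil {
			return "", fmt.Errorf("listing boot images: %w", err)
		}
		// An empty result would otherwise panic on Images[0].
		if len(images.Images) == 0 {
			return "", fmt.Errorf("no Canonical Ubuntu 24.04 Minimal image found for shape %s", SHAPE_AMD64)
		}
		return images.Images[0].Id, nil
	}).(pulumi.StringOutput)

	// Get availability domains; the first one listed is used.
	availabilityDomainName := compartment.CompartmentId.ApplyT(func(id string) (string, error) {
		availabilityDomains, err := identity.GetAvailabilityDomains(ctx, &identity.GetAvailabilityDomainsArgs{
			CompartmentId: id,
		})
		if err != nil {
			return "", fmt.Errorf("listing availability domains: %w", err)
		}
		if len(availabilityDomains.AvailabilityDomains) == 0 {
			return "", fmt.Errorf("no availability domain found in compartment %s", id)
		}
		return availabilityDomains.AvailabilityDomains[0].Name, nil
	}).(pulumi.StringOutput)

	// Load cloudinit
	userData, err := ioutil.ReadFile("cloud-init-beta.yaml")
	if err != nil {
		return fmt.Errorf("reading cloud-init-beta.yaml: %w", err)
	}

	// Create an OCI instance
	instance, err := core.NewInstance(ctx, "happydomain-beta-1", &core.InstanceArgs{
		AvailabilityDomain: availabilityDomainName,
		CompartmentId:      compartment.ID(),
		DisplayName:        pulumi.Sprintf("%s-happydomain-beta", ctx.Stack()),
		Shape:              pulumi.String(SHAPE_AMD64),
		SourceDetails: &core.InstanceSourceDetailsArgs{
			SourceId:   imageId,
			SourceType: pulumi.String("image"),
		},
		CreateVnicDetails: &core.InstanceCreateVnicDetailsArgs{
			AssignIpv6ip: pulumi.Bool(true),
			SubnetId:     subnet.ID(),
			DisplayName:  pulumi.Sprintf("%s-happydomain-beta", ctx.Stack()),
		},
		// NOTE(review): every value below, secrets included, is handed to the
		// instance as metadata. RequireSecret keeps the values encrypted in
		// Pulumi state, but instance metadata is typically readable from
		// inside the instance through the metadata service and by principals
		// allowed to read the instance. Confirm that exposure is acceptable,
		// or have cloud-init fetch the secrets from a secret store instead.
		//
		// NOTE(review): only the JWT key uses a beta-specific config name. If
		// the SMTP, OVH and restic credentials are the ones the main host
		// uses, a compromise of this directly exposed instance also exposes
		// them; confirm, and prefer beta-scoped credentials.
		ExtendedMetadata: pulumi.Map{
			"EMAIL_SMTP_HOST":                    pulumi.String("smtp.email." + cfg.Require("region_origin") + ".oci.oraclecloud.com"),
			"EMAIL_SMTP_PORT":                    pulumi.String("587"),
			"EMAIL_SMTP_USERNAME":                cfg.RequireSecret("happydomain_smtp_user"),
			"EMAIL_SMTP_PASSWORD":                cfg.RequireSecret("happydomain_smtp_password"),
			"HAPPYDOMAIN_JWT_SECRET_KEY":         cfg.RequireSecret("happydomain_beta_jwt_secret_key"),
			"HAPPYDOMAIN_OVH_APPLICATION_KEY":    cfg.RequireSecret("happydomain_ovh_application_key"),
			"HAPPYDOMAIN_OVH_APPLICATION_SECRET": cfg.RequireSecret("happydomain_ovh_application_secret"),
			// NOTE(review): the function comment says the version is manually
			// pinned, but "latest" is a floating tag; pin an explicit version
			// (or digest) so the deployed build is reviewable and reproducible.
			"HAPPYDOMAIN_VERSION":          pulumi.String("latest"),
			"MY_DOMAIN":                    pulumi.String("beta.happydomain.org"),
			"RESTIC_REPOSITORY":            pulumi.String("s3:blob.nemunai.re/zbackup-happydomain-beta"),
			"RESTIC_PASSWORD":              cfg.RequireSecret("restic_password"),
			"RESTIC_AWS_ACCESS_KEY_ID":     cfg.RequireSecret("restic_aws_access_key_id"),
			"RESTIC_AWS_SECRET_ACCESS_KEY": cfg.RequireSecret("restic_aws_secret_access_key"),
		},
		Metadata: pulumi.Map{
			// The cloud-init payload is passed base64-encoded.
			"user_data":           pulumi.String(base64.StdEncoding.EncodeToString(userData)),
			"ssh_authorized_keys": pulumi.String(SSH_AUTHORIZED_KEYS),
		},
	})
	if err != nil {
		return err
	}

	// Export the public IP so DNS for beta.happydomain.org can point at it
	// (the IPv6 address is read off the VNIC from the OCI console, as for the
	// main host).
	ctx.Export("beta-instance-ip", instance.PublicIp)

	return nil
}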