Initial commit

2026-05-08 16:43:16 +08:00 · 2026-05-08 16:43:16 +08:00 · 189bb13948
commit 189bb13948
10 changed files with 932 additions and 0 deletions
--- a/network.go
+++ b/network.go
@ -0,0 +1,164 @@
+package main
+
+import (
+	"strings"
+
+	"github.com/pulumi/pulumi-oci/sdk/go/oci/core"
+	"github.com/pulumi/pulumi-oci/sdk/go/oci/identity"
+	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
+)
+
+func setupNetwork(ctx *pulumi.Context, compartment *identity.Compartment) (*core.Subnet, error) {
+	// Create Virtual Network
+	vcn, err := core.NewVcn(ctx, "heyform-vnc", &core.VcnArgs{
+		/*Byoipv6cidrDetails: core.VcnByoipv6cidrDetailArray{
+			&core.VcnByoipv6cidrDetailArgs{
+				Byoipv6rangeId: pulumi.String("test"),
+				Ipv6cidrBlock:  pulumi.String("2603:c022:2:7a00::/56"),
+			},
+		},*/
+		CompartmentId: compartment.ID(),
+		CidrBlocks: pulumi.StringArray{
+			pulumi.String("10.0.0.0/24"),
+		},
+		DisplayName:                  pulumi.String("heyform-net"),
+		DnsLabel:                     pulumi.String("hf"),
+		IsIpv6enabled:                pulumi.Bool(true),
+		IsOracleGuaAllocationEnabled: pulumi.Bool(true),
+	})
+	if err != nil {
+		return nil, err
+	}
+
+	securityList, err := core.NewSecurityList(ctx, "heyform-security-list", &core.SecurityListArgs{
+		VcnId:         vcn.ID(),
+		CompartmentId: compartment.ID(),
+		DisplayName:   pulumi.Sprintf("%s-heyform-sl", ctx.Stack()),
+		EgressSecurityRules: core.SecurityListEgressSecurityRuleArray{
+			core.SecurityListEgressSecurityRuleArgs{
+				Protocol:    pulumi.String("all"),
+				Destination: pulumi.String("0.0.0.0/0"),
+			},
+			core.SecurityListEgressSecurityRuleArgs{
+				Protocol:    pulumi.String("all"),
+				Destination: pulumi.String("::/0"),
+			},
+		},
+		IngressSecurityRules: core.SecurityListIngressSecurityRuleArray{
+			core.SecurityListIngressSecurityRuleArgs{
+				Protocol:    pulumi.String("6"),
+				Source:      pulumi.String("0.0.0.0/0"),
+				Description: pulumi.String("IPv4 SSH Port"),
+				TcpOptions: core.SecurityListIngressSecurityRuleTcpOptionsArgs{
+					Max: pulumi.Int(22),
+					Min: pulumi.Int(22),
+				},
+			},
+			core.SecurityListIngressSecurityRuleArgs{
+				Protocol:    pulumi.String("6"),
+				Source:      pulumi.String("0.0.0.0/0"),
+				Description: pulumi.String("IPv4 HTTP Port"),
+				TcpOptions: core.SecurityListIngressSecurityRuleTcpOptionsArgs{
+					Max: pulumi.Int(80),
+					Min: pulumi.Int(80),
+				},
+			},
+			core.SecurityListIngressSecurityRuleArgs{
+				Protocol:    pulumi.String("6"),
+				Source:      pulumi.String("0.0.0.0/0"),
+				Description: pulumi.String("IPv4 HTTPS Port"),
+				TcpOptions: core.SecurityListIngressSecurityRuleTcpOptionsArgs{
+					Max: pulumi.Int(443),
+					Min: pulumi.Int(443),
+				},
+			},
+			core.SecurityListIngressSecurityRuleArgs{
+				Protocol:    pulumi.String("6"),
+				Source:      pulumi.String("::/0"),
+				Description: pulumi.String("IPv6 SSH Port"),
+				TcpOptions: core.SecurityListIngressSecurityRuleTcpOptionsArgs{
+					Max: pulumi.Int(22),
+					Min: pulumi.Int(22),
+				},
+			},
+			core.SecurityListIngressSecurityRuleArgs{
+				Protocol:    pulumi.String("6"),
+				Source:      pulumi.String("::/0"),
+				Description: pulumi.String("IPv6 HTTP Port"),
+				TcpOptions: core.SecurityListIngressSecurityRuleTcpOptionsArgs{
+					Max: pulumi.Int(80),
+					Min: pulumi.Int(80),
+				},
+			},
+			core.SecurityListIngressSecurityRuleArgs{
+				Protocol:    pulumi.String("6"),
+				Source:      pulumi.String("::/0"),
+				Description: pulumi.String("IPv6 HTTPS Port"),
+				TcpOptions: core.SecurityListIngressSecurityRuleTcpOptionsArgs{
+					Max: pulumi.Int(443),
+					Min: pulumi.Int(443),
+				},
+			},
+		},
+	})
+	if err != nil {
+		return nil, err
+	}
+
+	subnet, err := core.NewSubnet(ctx, "heyform-subnet", &core.SubnetArgs{
+		CompartmentId: compartment.ID(),
+		VcnId:         vcn.ID(),
+		CidrBlock:     pulumi.String("10.0.0.0/24"),
+		Ipv6cidrBlocks: vcn.Ipv6cidrBlocks.ApplyT(func(blocks []string) []string {
+			for i := range blocks {
+				blocks[i] = strings.ReplaceAll(blocks[i], "/56", "/64")
+			}
+			return blocks
+		}).(pulumi.StringArrayOutput),
+		SecurityListIds: pulumi.StringArray{
+			vcn.DefaultSecurityListId,
+			securityList.ID(),
+		},
+		ProhibitPublicIpOnVnic: pulumi.Bool(false),
+		RouteTableId:           vcn.DefaultRouteTableId,
+		DhcpOptionsId:          vcn.DefaultDhcpOptionsId,
+		DisplayName:            pulumi.Sprintf("%s-heyform-subnet", ctx.Stack()),
+		DnsLabel:               pulumi.String("subnetheyform"),
+	})
+	if err != nil {
+		return nil, err
+	}
+
+	internetGateway, err := core.NewInternetGateway(ctx, "heyform-internet-gateway", &core.InternetGatewayArgs{
+		CompartmentId: compartment.ID(),
+		VcnId:         vcn.ID(),
+		DisplayName:   pulumi.Sprintf("%s-heyform-rg", ctx.Stack()),
+		Enabled:       pulumi.Bool(true),
+	})
+	if err != nil {
+		return nil, err
+	}
+
+	_, err = core.NewDefaultRouteTable(ctx, "heyform-route-table", &core.DefaultRouteTableArgs{
+		ManageDefaultResourceId: vcn.DefaultRouteTableId,
+		CompartmentId:           compartment.ID(),
+		DisplayName:             pulumi.Sprintf("%s-heyform-rt", ctx.Stack()),
+		RouteRules: core.DefaultRouteTableRouteRuleArray{
+			core.DefaultRouteTableRouteRuleArgs{
+				NetworkEntityId: internetGateway.ID(),
+				Destination:     pulumi.String("0.0.0.0/0"),
+				DestinationType: pulumi.String("CIDR_BLOCK"),
+			},
+			core.DefaultRouteTableRouteRuleArgs{
+				NetworkEntityId: internetGateway.ID(),
+				Destination:     pulumi.String("::/0"),
+				DestinationType: pulumi.String("CIDR_BLOCK"),
+			},
+		},
+	})
+	if err != nil {
+		return nil, err
+	}
+
+	return subnet, nil
+}