nextcloud-aio/main.go


package main
import (
"strings"
"github.com/pulumi/pulumi-oci/sdk/go/oci/core"
"github.com/pulumi/pulumi-oci/sdk/go/oci/identity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config"
)
// Deployment-wide constants. None of them is referenced by main in this file;
// they are presumably consumed by setupAIO elsewhere in the package.
const (
	// SHAPE_AMD64 is the OCI compute shape name for the x86-64 micro instance.
	SHAPE_AMD64 = "VM.Standard.E2.1.Micro"

	// SHAPE_ARM64 is the OCI compute shape name for the flexible Ampere (arm64) instance.
	SHAPE_ARM64 = "VM.Standard.A1.Flex"

	// SSH_AUTHORIZED_KEYS is an SSH *public* key in authorized_keys format.
	// It is not a secret, but because it is compiled in, rotating the key or
	// adding a second operator requires a code change and a redeploy.
	// NOTE(review): presumably injected into the instance metadata by
	// setupAIO; confirm, and consider reading it from stack configuration.
	SSH_AUTHORIZED_KEYS = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILO2HHqD/MDYpPjYVMdvYI9Jn1FoyFp43IkPRzjZGvdL nemunaire@oupaout.ra.nemunai.re"
)
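// main declares the Oracle Cloud (OCI) network for the Nextcloud AIO stack:
// a compartment, a dual-stack VCN, a security list, a public subnet, an
// internet gateway and the default route table. It then passes those
// resources to setupAIO, which is defined elsewhere in the package.
//
// Security posture as written: every ingress rule below admits traffic from
// any address (0.0.0.0/0 or ::/0), and the subnet allows public IPs. The
// NOTE(review) comments mark the rules an operator should confirm or narrow.
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		cfg := config.New(ctx, "")

		// Dedicated compartment, named after the stack, so the deployment's
		// resources are grouped and can be scoped by IAM policy.
		compartment, err := identity.NewCompartment(ctx, "compartment-nextcloud", &identity.CompartmentArgs{
			Name:        pulumi.Sprintf("%s-nextcloud", ctx.Stack()),
			Description: pulumi.String("Compartment for nextcloud"),
		})
		if err != nil {
			return err
		}

		// Virtual cloud network: one private IPv4 /24 plus an Oracle-allocated
		// IPv6 prefix. The logical name "nextcloud-vnc" is kept as is, because
		// renaming a Pulumi resource makes the engine replace it.
		vcn, err := core.NewVcn(ctx, "nextcloud-vnc", &core.VcnArgs{
			/*Byoipv6cidrDetails: core.VcnByoipv6cidrDetailArray{
				&core.VcnByoipv6cidrDetailArgs{
					Byoipv6rangeId: pulumi.String("test"),
					Ipv6cidrBlock: pulumi.String("2603:c022:2:7a00::/56"),
				},
			},*/
			CompartmentId: compartment.ID(),
			CidrBlocks: pulumi.StringArray{
				pulumi.String("10.0.0.0/24"),
			},
			DisplayName:                  pulumi.String("nextcloud-net"),
			DnsLabel:                     pulumi.String("thobis"),
			IsIpv6enabled:                pulumi.Bool(true),
			IsOracleGuaAllocationEnabled: pulumi.Bool(true),
		})
		if err != nil {
			return err
		}

		// Security list attached to the subnet below. Protocol "6" is the IANA
		// protocol number for TCP.
		securityList, err := core.NewSecurityList(ctx, "nextcloud-security-list", &core.SecurityListArgs{
			VcnId:         vcn.ID(),
			CompartmentId: compartment.ID(),
			DisplayName:   pulumi.Sprintf("%s-nextcloud-sl", ctx.Stack()),
			// Egress is unrestricted: every protocol to every IPv4 and IPv6
			// destination.
			EgressSecurityRules: core.SecurityListEgressSecurityRuleArray{
				core.SecurityListEgressSecurityRuleArgs{
					Protocol:    pulumi.String("all"),
					Destination: pulumi.String("0.0.0.0/0"),
				},
				core.SecurityListEgressSecurityRuleArgs{
					Protocol:    pulumi.String("all"),
					Destination: pulumi.String("::/0"),
				},
			},
			IngressSecurityRules: core.SecurityListIngressSecurityRuleArray{
				// NOTE(review): SSH is reachable from any IPv4 address.
				// Consider limiting Source to the operator's address ranges.
				core.SecurityListIngressSecurityRuleArgs{
					Protocol:    pulumi.String("6"),
					Source:      pulumi.String("0.0.0.0/0"),
					Description: pulumi.String("IPv4 SSH Port"),
					TcpOptions: core.SecurityListIngressSecurityRuleTcpOptionsArgs{
						Max: pulumi.Int(22),
						Min: pulumi.Int(22),
					},
				},
				core.SecurityListIngressSecurityRuleArgs{
					Protocol:    pulumi.String("6"),
					Source:      pulumi.String("0.0.0.0/0"),
					Description: pulumi.String("IPv4 HTTP Port"),
					TcpOptions: core.SecurityListIngressSecurityRuleTcpOptionsArgs{
						Max: pulumi.Int(80),
						Min: pulumi.Int(80),
					},
				},
				// NOTE(review): 8080 and 8443 are labelled as the AIO
				// interface and are open to any IPv4 source. If that interface
				// is administrative, restrict Source to the operator's ranges.
				core.SecurityListIngressSecurityRuleArgs{
					Protocol:    pulumi.String("6"),
					Source:      pulumi.String("0.0.0.0/0"),
					Description: pulumi.String("IPv4 HTTP Port for AIO"),
					TcpOptions: core.SecurityListIngressSecurityRuleTcpOptionsArgs{
						Max: pulumi.Int(8080),
						Min: pulumi.Int(8080),
					},
				},
				core.SecurityListIngressSecurityRuleArgs{
					Protocol:    pulumi.String("6"),
					Source:      pulumi.String("0.0.0.0/0"),
					Description: pulumi.String("IPv4 HTTP Port for AIO"),
					TcpOptions: core.SecurityListIngressSecurityRuleTcpOptionsArgs{
						Max: pulumi.Int(8443),
						Min: pulumi.Int(8443),
					},
				},
				// NOTE(review): 2375/tcp is the conventional port for the
				// unencrypted Docker Engine API, and this rule admits any IPv4
				// source. Confirm the listener behind it (labelled AppAPI)
				// enforces authentication and TLS, or narrow Source to the
				// hosts that must reach it. Drop the rule if only local
				// containers use it.
				core.SecurityListIngressSecurityRuleArgs{
					Protocol:    pulumi.String("6"),
					Source:      pulumi.String("0.0.0.0/0"),
					Description: pulumi.String("IPv4 AppAPI Port"),
					TcpOptions: core.SecurityListIngressSecurityRuleTcpOptionsArgs{
						Max: pulumi.Int(2375),
						Min: pulumi.Int(2375),
					},
				},
				// NOTE(review): a 31-port range (23000-23030) is open to any
				// IPv4 source. Verify that the ExApp services need to be
				// reachable from outside the host.
				core.SecurityListIngressSecurityRuleArgs{
					Protocol:    pulumi.String("6"),
					Source:      pulumi.String("0.0.0.0/0"),
					Description: pulumi.String("IPv4 ExApp Port"),
					TcpOptions: core.SecurityListIngressSecurityRuleTcpOptionsArgs{
						Max: pulumi.Int(23030),
						Min: pulumi.Int(23000),
					},
				},
				core.SecurityListIngressSecurityRuleArgs{
					Protocol:    pulumi.String("6"),
					Source:      pulumi.String("0.0.0.0/0"),
					Description: pulumi.String("IPv4 HTTPS Port"),
					TcpOptions: core.SecurityListIngressSecurityRuleTcpOptionsArgs{
						Max: pulumi.Int(443),
						Min: pulumi.Int(443),
					},
				},
				// SSH is the only port this list opens over IPv6; it has no
				// IPv6 rule for 80/443.
				// NOTE(review): SSH is reachable from any IPv6 address.
				core.SecurityListIngressSecurityRuleArgs{
					Protocol:    pulumi.String("6"),
					Source:      pulumi.String("::/0"),
					Description: pulumi.String("IPv6 SSH Port"),
					TcpOptions: core.SecurityListIngressSecurityRuleTcpOptionsArgs{
						Max: pulumi.Int(22),
						Min: pulumi.Int(22),
					},
				},
			},
		})
		if err != nil {
			return err
		}

		// Subnet covering the whole IPv4 range of the VCN.
		subnet, err := core.NewSubnet(ctx, "nextcloud-subnet", &core.SubnetArgs{
			CompartmentId: compartment.ID(),
			VcnId:         vcn.ID(),
			CidrBlock:     pulumi.String("10.0.0.0/24"),
			// Derive the subnet's IPv6 prefixes by rewriting the "/56" prefix
			// length of each VCN block to "/64".
			Ipv6cidrBlocks: vcn.Ipv6cidrBlocks.ApplyT(func(blocks []string) []string {
				if len(blocks) == 0 {
					return blocks
				}
				// Write into a fresh slice. blocks is the resolved value of the
				// VCN output, and rewriting it in place may leak the /64
				// strings into other consumers of that output.
				subnetBlocks := make([]string, len(blocks))
				for i, block := range blocks {
					subnetBlocks[i] = strings.ReplaceAll(block, "/56", "/64")
				}
				return subnetBlocks
			}).(pulumi.StringArrayOutput),
			// Both the VCN's default security list and the list above are
			// attached, so the default list's rules (not visible in this file)
			// apply as well.
			SecurityListIds: pulumi.StringArray{
				vcn.DefaultSecurityListId,
				securityList.ID(),
			},
			// false: VNICs in this subnet may be given public IP addresses.
			ProhibitPublicIpOnVnic: pulumi.Bool(false),
			RouteTableId:           vcn.DefaultRouteTableId,
			DhcpOptionsId:          vcn.DefaultDhcpOptionsId,
			DisplayName:            pulumi.Sprintf("%s-nextcloud-subnet", ctx.Stack()),
			DnsLabel:               pulumi.String("subnetlocalia"),
		})
		if err != nil {
			return err
		}

		internetGateway, err := core.NewInternetGateway(ctx, "nextcloud-internet-gateway", &core.InternetGatewayArgs{
			CompartmentId: compartment.ID(),
			VcnId:         vcn.ID(),
			DisplayName:   pulumi.Sprintf("%s-nextcloud-rg", ctx.Stack()),
			Enabled:       pulumi.Bool(true),
		})
		if err != nil {
			return err
		}

		// Take over the VCN's default route table and send all IPv4 and IPv6
		// traffic through the internet gateway.
		_, err = core.NewDefaultRouteTable(ctx, "nextcloud-route-table", &core.DefaultRouteTableArgs{
			ManageDefaultResourceId: vcn.DefaultRouteTableId,
			CompartmentId:           compartment.ID(),
			DisplayName:             pulumi.Sprintf("%s-nextcloud-rt", ctx.Stack()),
			RouteRules: core.DefaultRouteTableRouteRuleArray{
				core.DefaultRouteTableRouteRuleArgs{
					NetworkEntityId: internetGateway.ID(),
					Destination:     pulumi.String("0.0.0.0/0"),
					DestinationType: pulumi.String("CIDR_BLOCK"),
				},
				core.DefaultRouteTableRouteRuleArgs{
					NetworkEntityId: internetGateway.ID(),
					Destination:     pulumi.String("::/0"),
					DestinationType: pulumi.String("CIDR_BLOCK"),
				},
			},
		})
		if err != nil {
			return err
		}

		// Hand the network to the instance setup; its error, if any, fails
		// the Pulumi run.
		return setupAIO(ctx, cfg, compartment, vcn, subnet)
	})
}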