attempt to build and deploy to oracle

deploy/oracle/main.tf

@@ -0,0 +1,103 @@
+terraform {
+  backend "s3" {
+    region       = "us-east-1"
+    use_lockfile = true
+  }
+  required_version = ">= 1.0.0"
+  required_providers {
+    oci = {
+      source  = "oracle/oci"
+      version = "7.7.0"
+    }
+  }
+}
+
+provider "oci" {
+  auth         = "APIKey"
+  tenancy_ocid = var.compartment_ocid
+  user_ocid    = "ocid1.user.oc1..aaaaaaaa6lro2eoxdajjypjysepvzcavq5yn4qyozjyebxdiaoqziribuqba"
+  private_key  = var.oci_private_key
+  fingerprint  = "dd:d0:da:6d:83:46:8b:b3:d9:45:2b:c7:56:ae:30:94"
+  region       = "us-ashburn-1"
+}
+
+# # Get the latest Ubuntu image OCID
+# # We'll filter for a recent Ubuntu LTS version (e.g., 22.04 or 24.04) and pick the latest.
+# # Note: Image OCIDs are region-specific. This data source helps find the correct one.
+# data "oci_core_images" "ubuntu_image" {
+#   compartment_id   = var.compartment_ocid
+#   operating_system = "Canonical Ubuntu"
+#   # Adjust this version if you prefer a different Ubuntu LTS (e.g., "24.04")
+#   operating_system_version = "24.04"
+#   shape_filter             = var.instance_shape # Filter by the shape to ensure compatibility
+#   sort_by                  = "TIMECREATED"
+#   sort_order               = "DESC"
+#   limit                    = 1 # Get only the latest
+# }
+
+resource "oci_core_image" "my_custom_image" {
+  compartment_id = var.compartment_ocid
+  display_name   = "noah-nixos"
+
+  image_source_details {
+    source_type = "objectStorageTuple" # Use this if specifying namespace, bucket, and object name
+    # source_type  = "objectStorageUri"  # Use this if you have a pre-authenticated request URL (PAR)
+    namespace_name = var.object_storage_namespace
+    bucket_name    = var.object_storage_bucket_name
+    object_name    = var.object_storage_object_name
+
+    source_image_type = "QCOW2" # e.g., "QCOW2", "VMDK"
+  }
+
+  # These properties help OCI understand how to launch instances from this image
+  # Adjust based on your custom image's OS and boot mode
+  launch_mode              = "PARAVIRTUALIZED" # Or "NATIVE", "EMULATED", "CUSTOM"
+  operating_system         = "NixOS"           # e.g., "CentOS", "Debian", "Windows"
+  operating_system_version = "25.05"           # e.g., "7", "11", "2019"
+
+  # Optional: for specific launch options if your image requires them
+  # launch_options {
+  #   boot_volume_type = "PARAVIRTUALIZED"
+  #   firmware         = "UEFI_64" # Or "BIOS"
+  #   network_type     = "PARAVIRTUALIZED"
+  # }
+
+  # Time out for image import operation. Can take a while for large images.
+  timeouts {
+    create = "60m" # Default is 20m, often needs to be increased
+  }
+}
+
+resource "oci_core_instance" "my_compute_instance" {
+  compartment_id      = var.compartment_ocid
+  availability_domain = data.oci_identity_availability_domains.ads.availability_domains[0].name
+  shape               = var.instance_shape
+  display_name        = var.instance_display_name
+
+  source_details {
+    source_type = "image"
+    # # Use the OCID of the latest Ubuntu image found by the data source
+    # source_id = data.oci_core_images.ubuntu_image.images[0].id
+    # Use the OCID of the newly imported custom image
+    source_id = oci_core_image.my_custom_image.id
+    # Specify the boot volume size
+    boot_volume_size_in_gbs = var.boot_volume_size_in_gbs
+  }
+
+  create_vnic_details {
+    subnet_id        = oci_core_subnet.my_public_subnet.id # Use the created subnet's ID
+    display_name     = "primary_vnic"
+    assign_public_ip = true
+  }
+
+  metadata = {
+    ssh_authorized_keys = var.ssh_public_key
+    user_data           = base64encode(var.cloud_init_script)
+  }
+
+  # Optional: For flexible shapes (e.g., VM.Standard.E4.Flex), you might need to specify OCPUs and memory
+  shape_config {
+    ocpus         = 4
+    memory_in_gbs = 24
+  }
+}

deploy/oracle/network.tf

@@ -0,0 +1,126 @@
+resource "oci_core_vcn" "my_vpc" {
+  compartment_id = var.compartment_ocid
+  display_name   = "main"
+  cidr_block     = "10.0.0.0/16"
+  is_ipv6enabled = false
+  dns_label      = "mainvcn" # Must be unique within your tenancy
+}
+
+resource "oci_core_internet_gateway" "my_igw" {
+  compartment_id = var.compartment_ocid
+  vcn_id         = oci_core_vcn.my_vpc.id
+  display_name   = "main-igw"
+  is_enabled     = true
+}
+
+resource "oci_core_route_table" "my_public_route_table" {
+  compartment_id = var.compartment_ocid
+  vcn_id         = oci_core_vcn.my_vpc.id
+  display_name   = "main-public-rt"
+
+  # Default route to the Internet Gateway
+  route_rules {
+    destination       = "0.0.0.0/0"
+    destination_type  = "CIDR_BLOCK"
+    network_entity_id = oci_core_internet_gateway.my_igw.id
+  }
+}
+
+resource "oci_core_security_list" "my_public_security_list" {
+  compartment_id = var.compartment_ocid
+  vcn_id         = oci_core_vcn.my_vpc.id
+  display_name   = "main-public-sl"
+
+  # Egress Rules (Allow all outbound traffic)
+  egress_security_rules {
+    destination      = "0.0.0.0/0"
+    destination_type = "CIDR_BLOCK"
+    protocol         = "all"
+  }
+
+  # Ingress Rules
+  ingress_security_rules {
+    # SSH (TCP 22)
+    protocol    = "6" # TCP
+    source      = "0.0.0.0/0"
+    source_type = "CIDR_BLOCK"
+    tcp_options {
+      min = 22
+      max = 22
+    }
+  }
+
+  ingress_security_rules {
+    # HTTP (TCP 80)
+    protocol    = "6" # TCP
+    source      = "0.0.0.0/0"
+    source_type = "CIDR_BLOCK"
+    tcp_options {
+      min = 80
+      max = 80
+    }
+  }
+
+  ingress_security_rules {
+    # HTTPS (TCP 443)
+    protocol    = "6" # TCP
+    source      = "0.0.0.0/0"
+    source_type = "CIDR_BLOCK"
+    tcp_options {
+      min = 443
+      max = 443
+    }
+  }
+
+  ingress_security_rules {
+    # Custom Minecraft
+    protocol    = "6" # TCP
+    source      = "0.0.0.0/0"
+    source_type = "CIDR_BLOCK"
+    tcp_options {
+      min = 49732
+      max = 49732
+    }
+  }
+
+  ingress_security_rules {
+    # HTTPS (UDP 443) - For QUIC or specific UDP services
+    protocol    = "17" # UDP
+    source      = "0.0.0.0/0"
+    source_type = "CIDR_BLOCK"
+    udp_options {
+      min = 443
+      max = 443
+    }
+  }
+
+  ingress_security_rules {
+    # ICMP (Ping)
+    protocol    = "1" # ICMP
+    source      = "0.0.0.0/0"
+    source_type = "CIDR_BLOCK"
+    icmp_options {
+      type = 3 # Destination Unreachable (common for connectivity checks)
+      code = 4 # Fragmentation needed
+    }
+  }
+  ingress_security_rules {
+    protocol    = "1" # ICMP
+    source      = "0.0.0.0/0"
+    source_type = "CIDR_BLOCK"
+    icmp_options {
+      type = 8 # Echo Request (ping)
+    }
+  }
+}
+
+resource "oci_core_subnet" "my_public_subnet" {
+  compartment_id             = var.compartment_ocid
+  vcn_id                     = oci_core_vcn.my_vpc.id
+  display_name               = "main-public-subnet"
+  cidr_block                 = "10.0.0.0/24"
+  prohibit_public_ip_on_vnic = false # Allows instances in this subnet to get public IPs
+  route_table_id             = oci_core_route_table.my_public_route_table.id
+  security_list_ids          = [oci_core_security_list.my_public_security_list.id]
+  dns_label                  = "mainsub" # Must be unique within the VCN
+}

deploy/oracle/outputs.tf

@@ -0,0 +1,19 @@
+output "host_ip" {
+  description = "The public IP address of the launched instance."
+  value       = oci_core_instance.ubuntu_compute_instance.public_ip
+}
+
+output "instance_id" {
+  description = "The OCID of the launched instance."
+  value       = oci_core_instance.ubuntu_compute_instance.id
+}
+
+output "vpc_ocid" {
+  description = "The OCID of the created VCN."
+  value       = oci_core_vcn.my_vpc.id
+}
+
+output "subnet_ocid" {
+  description = "The OCID of the created public subnet."
+  value       = oci_core_subnet.my_public_subnet.id
+}

deploy/oracle/variables.tf

@@ -0,0 +1,62 @@
+variable "boot_volume_size_in_gbs" {
+  description = "The size of the boot volume in GBs."
+  type        = number
+  default     = 150
+}
+
+variable "cloud_init_script" {
+  description = "A cloud-init script to run on instance launch."
+  type        = string
+  default     = <<-EOF
+              #!/bin/bash
+              echo "Hello from cloud-init!" > /home/ubuntu/cloud-init-output.txt
+              EOF
+}
+
+variable "compartment_ocid" {
+  description = "The OCID of the compartment where the instance will be created."
+  type        = string
+  default     = "ocid1.tenancy.oc1..aaaaaaaaudwr2ozedhjnrn76ofjgglgug6gexknjisd7gb7tkj3mjdp763da"
+}
+
+variable "instance_display_name" {
+  description = "A user-friendly name for the instance."
+  type        = string
+  default     = "noah-nixos"
+}
+
+variable "instance_shape" {
+  description = "The shape of the OCI compute instance."
+  type        = string
+  default     = "VM.Standard.A1.Flex" # Example shape. Choose one available in your region/AD.
+}
+
+variable "object_storage_namespace" {
+  description = "Your OCI Object Storage namespace (usually your tenancy name)."
+  type        = string
+  default     = "masur"
+}
+
+variable "object_storage_bucket_name" {
+  description = "The name of the Object Storage bucket where your custom image is located."
+  type        = string
+  default     = "noahmasur-images"
+}
+
+variable "object_storage_object_name" {
+  description = "The object name (file name) of your custom image in Object Storage."
+  type        = string
+  default     = "nixos.qcow2"
+}
+
+variable "oci_private_key" {
+  type        = string
+  description = "API private key for Oracle Cloud management"
+  sensitive   = true
+}
+
+variable "ssh_public_key" {
+  description = "Your public SSH key content."
+  type        = string
+  default     = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB+AbmjGEwITk5CK9y7+Rg27Fokgj9QEjgc9wST6MA3s"
+}