terraform: import oci infra into state

author: Seth Flynn <[email protected]> 2025-02-06 18:11:46 -0500
committer: Seth Flynn <[email protected]> 2025-02-06 18:12:01 -0500
commit: 72ce5493e34d1f3ce271682cfb3435946f038dca (patch)
tree: 1921c846340fa241f9fbd11fb3373a122d931eb9 /terraform
parent: 178d5606278b5e4bfcb9e3cb8296c4392850b2a8 (diff)
6 files changed, 163 insertions, 16 deletions
diff --git a/terraform/.terraform.lock.hcl b/terraform/.terraform.lock.hcl
index 486fc0c..e8b0fa9 100644
--- a/terraform/.terraform.lock.hcl
+++ b/terraform/.terraform.lock.hcl
@@ -2,25 +2,25 @@
 # Manual edits may be lost in future updates.
 
 provider "registry.opentofu.org/cloudflare/cloudflare" {
-  version     = "4.51.0"
+  version     = "4.52.0"
   constraints = "~> 4.0"
   hashes = [
-    "h1:BSJjZbUQQpZHQKNHi09R/FVdhM27Lvu45rw2CNALBU4=",
-    "zh:0b58993b11326a6fefa51896bcd54ac56fcfc44ad75b0cef4bfaddf4c75bedf6",
-    "zh:0e80ad26ac8c72a58b8a55ca77249b34a1c62264f267700c0f284ca0ccd6eea6",
-    "zh:12202eeda021cef6c353d58d763d4ff74950b4c81d3a39c5bd371558f490f4ac",
-    "zh:1ab0e050598bac739f8596549394d798993738278917604fc7a47b9247b8d5c7",
-    "zh:46f0981f71ce81ea24065264a55da8823a6776434a1507f6b33bbc2dafb94be3",
-    "zh:48401cde69498dee4fd6892f7dd3d92fedb1ed0d533790b4d418815320fb502f",
-    "zh:4be3212ad0a474ea865d25da0ab22288dcc9fce6ed51e39b45f5a5a71a6a903c",
-    "zh:5ff79f144a2f3bdb00d5cd0de15667b41ac57794e0c7788f25d3c6281227f9e2",
+    "h1:NTaOQfYINA0YTG/V1/9+SYtgX1it63+cBugj4WK4FWc=",
+    "zh:19be1a91c982b902c42aba47766860dfa5dc151eed1e95fd39ca642229381ef0",
+    "zh:1de451c4d1ecf7efbe67b6dace3426ba810711afdd644b0f1b870364c8ae91f8",
+    "zh:352b4a2120173298622e669258744554339d959ac3a95607b117a48ee4a83238",
+    "zh:3c6f1346d9154afbd2d558fabb4b0150fc8d559aa961254144fe1bc17fe6032f",
+    "zh:4c4c92d53fb535b1e0eff26f222bbd627b97d3b4c891ec9c321268676d06152f",
+    "zh:53276f68006c9ceb7cdb10a6ccf91a5c1eadd1407a28edb5741e84e88d7e29e8",
+    "zh:7925a97773948171a63d4f65bb81ee92fd6d07a447e36012977313293a5435c9",
+    "zh:7dfb0a4496cfe032437386d0a2cd9229a1956e9c30bd920923c141b0f0440060",
     "zh:890df766e9b839623b1f0437355032a3c006226a6c200cd911e15ee1a9014e9f",
-    "zh:89dc2b2f2ec3c03e42f0f348ec9f4c6deb7a86ae3594f35216c7439672cd214b",
-    "zh:8f055df13e2f7f158c6d6edc7fa2053c16781ee90cb812a1519bce7378447244",
-    "zh:a00bb5787cf3a252fcaa512ebbf7bb1234853ac745288dc733bed0c95046e9ae",
-    "zh:df3d303d74643f7a269202af8a425472e605a9d97bb4a3886a6ff9dc294b8df8",
-    "zh:e686cc60854151a6c7e154fb1ea6b3b885177d1effc76c259dc68de38743a1fb",
-    "zh:f54159d55ecef0966f9e278d02fa7898c7065d9d646c75f286262f230bbea0a3",
+    "zh:8d4aa79f0a414bb4163d771063c70cd991c8fac6c766e685bac2ee12903c5bd6",
+    "zh:a67540c13565616a7e7e51ee9366e88b0dc60046e1d75c72680e150bd02725bb",
+    "zh:a936383a4767f5393f38f622e92bf2d0c03fe04b69c284951f27345766c7b31b",
+    "zh:d4887d73c466ff036eecf50ad6404ba38fd82ea4855296b1846d244b0f13c380",
+    "zh:e9093c8bd5b6cd99c81666e315197791781b8f93afa14fc2e0f732d1bb2a44b7",
+    "zh:efd3b3f1ec59a37f635aa1d4efcf178734c2fcf8ddb0d56ea690bec342da8672",
   ]
 }
 
@@ -41,6 +41,29 @@ provider "registry.opentofu.org/hashicorp/hcp" {
   ]
 }
 
+provider "registry.opentofu.org/oracle/oci" {
+  version     = "6.25.0"
+  constraints = "~> 6.0"
+  hashes = [
+    "h1:RpKrycLA0HUmYfE7o/D2ZzkNrN3gJjQ1oJyKocWgpz0=",
+    "zh:025a70306d8e64d9ca2b80403c6c3a66fbace10b0b14da152f847f8af39d2519",
+    "zh:1fc947735f2a5332d6fb0c15d54f010e6ba4077e030e8b8a3cb637c179c8a895",
+    "zh:3190adf0b76dba13b830a9d3de081bfea73e72a9e6142937df9e51a48abc8613",
+    "zh:3e0821e4d1505845c69738a539628d623c5785075fa77f0ce12b50bbebb19796",
+    "zh:42cce6c6f96103e37d78eecac10fa672533f24a9ef520d9ad47bc02b0c100c79",
+    "zh:435110feea29b44e1d47e5fd1f28811e59d2ca26f3e8c12e94e065977ed741a1",
+    "zh:48527d6fcf9d43c3e177d230d57ecbe56da9ef00b75d89d01dab84ed4ce3b7df",
+    "zh:660a292819f96a3aad55303dcea9360984735d112614074f0972fd8f5fae62fe",
+    "zh:6b680f1a745c33e90c491069e5b6495657765649e0ec0714ad03ecdd124c4f06",
+    "zh:7ef39b9f45dcbb3e0cb9200e906d2c9474863079d52d2d3beda814a1c30759f2",
+    "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425",
+    "zh:a85f9dde2129c1ebf6a573eb9c8cffecde606f7b176501e3a96af8314a62f002",
+    "zh:c53cc16f0636af8ca203d312b10ed774518e63666a5f51d0e7d7fd6741fa29b3",
+    "zh:cae377589f6d2c7e88d092cff65f7ec7ecbe046ee4243b2cd803f2d452513504",
+    "zh:e95c3c19c4db7bd2429828ac708813c448e79cdcbac15ec577617e517df9bc68",
+  ]
+}
+
 provider "registry.opentofu.org/tailscale/tailscale" {
   version = "0.17.2"
   hashes = [
diff --git a/terraform/hardware.tf b/terraform/hardware.tf
new file mode 100644
index 0000000..8bf1763
--- /dev/null
+++ b/terraform/hardware.tf
@@ -0,0 +1,20 @@
+resource "oci_core_instance" "atlas" {
+  # availability_domain = data.oci_identity_availability_domains.borealis.availability_domains[0].name
+  availability_domain = "kMzJ:US-CHICAGO-1-AD-1"
+  compartment_id      = oci_identity_compartment.borealis.id
+  shape               = "VM.Standard.A1.Flex"
+
+  create_vnic_details {
+    assign_public_ip = "true"
+    subnet_id        = oci_core_subnet.borealis_global.id
+  }
+
+  display_name = "atlas"
+
+  shape_config {
+    memory_in_gbs = "24"
+    nvmes         = "0"
+    ocpus         = "4"
+    vcpus         = "4"
+  }
+}
diff --git a/terraform/imports.tf b/terraform/imports.tf
new file mode 100644
index 0000000..a94fa34
--- /dev/null
+++ b/terraform/imports.tf
@@ -0,0 +1,16 @@
+import {
+  to = oci_core_instance.atlas
+  id = "ocid1.instance.oc1.us-chicago-1.anxxeljrexqb25ycuh7peoywok5l356wn32c5q5xqpg4md4rgp4tmhtdzh4q"
+}
+import {
+  to = oci_identity_compartment.borealis
+  id = "ocid1.compartment.oc1..aaaaaaaasm3kq7wlnqaufkq7uopjn3i5nzvbyou2lem56g6zjfmvpvg3pi2a"
+}
+import {
+  to = oci_core_vcn.borealis
+  id = "ocid1.vcn.oc1.us-chicago-1.amaaaaaaexqb25yauoxabmb6kcoiseu7jjnf7msqrqjsi4bwxlrvfhmkrtra"
+}
+import {
+  to = oci_core_subnet.borealis_global
+  id = "ocid1.subnet.oc1.us-chicago-1.aaaaaaaa73blsshpatvxrewxptkrs4ws5tkveqpwhgzhqpabivudaeti4rxa"
+}
diff --git a/terraform/main.tf b/terraform/main.tf
index 0fde4cd..2b6d1ab 100644
--- a/terraform/main.tf
+++ b/terraform/main.tf
@@ -13,6 +13,10 @@ terraform {
       source  = "registry.opentofu.org/cloudflare/cloudflare"
       version = "~> 4"
     }
+    oci = {
+      source  = "registry.opentofu.org/oracle/oci"
+      version = "~> 6"
+    }
     hcp = {
       source  = "registry.opentofu.org/hashicorp/hcp"
       version = "~> 0.102"
diff --git a/terraform/oci.tf b/terraform/oci.tf
new file mode 100644
index 0000000..704ff2c
--- /dev/null
+++ b/terraform/oci.tf
@@ -0,0 +1,58 @@
+# Create everything from an existing tenancy
+
+resource "oci_identity_compartment" "borealis" {
+  compartment_id = var.oracle_tenancy_ocid
+  description    = "For my personal infra"
+  name           = "borealis"
+}
+
+data "oci_identity_availability_domains" "borealis" {
+  compartment_id = oci_identity_compartment.borealis.id
+}
+
+output "borealis-first-availability-domain" {
+  value = data.oci_identity_availability_domains.borealis.availability_domains[0].name
+}
+
+resource "oci_core_vcn" "borealis" {
+  compartment_id = oci_identity_compartment.borealis.id
+  display_name   = "borealis"
+}
+
+resource "oci_core_subnet" "borealis_global" {
+  cidr_block     = "10.0.0.0/24"
+  compartment_id = oci_core_vcn.borealis.compartment_id
+  vcn_id         = oci_core_vcn.borealis.id
+
+  display_name = "global"
+}
+
+resource "oci_core_security_list" "borealis_global" {
+  compartment_id = oci_core_vcn.borealis.compartment_id
+  vcn_id         = oci_core_vcn.borealis.id
+
+  display_name = "default"
+
+  egress_security_rules {
+    destination = "0.0.0.0/0"
+    protocol    = "all"
+  }
+
+  ingress_security_rules {
+    icmp_options {
+      code = "4"
+      type = "3"
+    }
+    protocol = "1"
+    source   = "0.0.0.0/0"
+  }
+
+  ingress_security_rules {
+    icmp_options {
+      code = "-1"
+      type = "3"
+    }
+    protocol = "1"
+    source   = "10.0.0.0/16"
+  }
+}
diff --git a/terraform/providers.tf b/terraform/providers.tf
index 7a25835..ca9eddd 100644
--- a/terraform/providers.tf
+++ b/terraform/providers.tf
@@ -10,6 +10,32 @@ provider "cloudflare" {
   api_token = data.hcp_vault_secrets_app.borealis.secrets.cloudflare_api_token
 }
 
+variable "oracle_fingerprint" {
+  type = string
+}
+
+variable "oracle_region" {
+  type = string
+}
+
+variable "oracle_tenancy_ocid" {
+  type = string
+}
+
+variable "oracle_user_ocid" {
+  type = string
+}
+
+provider "oci" {
+  fingerprint = var.oracle_fingerprint
+  # NOTE: Base64-encoded to avoid newlines, etc.
+  # https://github.com/oracle/terraform-provider-oci/issues/2198
+  private_key  = base64decode(data.hcp_vault_secrets_app.borealis.secrets.oracle_private_key)
+  region       = var.oracle_region
+  tenancy_ocid = var.oracle_tenancy_ocid
+  user_ocid    = var.oracle_user_ocid
+}
+
 variable "hcp_client_id" {
   type = string
 }
author	Seth Flynn <[email protected]>	2025-02-06 18:11:46 -0500
committer	Seth Flynn <[email protected]>	2025-02-06 18:12:01 -0500
commit	72ce5493e34d1f3ce271682cfb3435946f038dca (patch)
tree	1921c846340fa241f9fbd11fb3373a122d931eb9 /terraform
parent	178d5606278b5e4bfcb9e3cb8296c4392850b2a8 (diff)