trator terranix config functional; move disko configs to individual outputs; touching up trantor

terranix/oci/trantor.nix

@@ -3,16 +3,16 @@
 {
   terraform.required_providers.oci = {
     source = "oracle/oci";
-    version = "~> 5.0";
+    version = "~> 7.0";
   };
 
   provider.oci.region = "sa-saopaulo-1";
 
   terraform.backend.s3 = {
     bucket = "terraform-state";
-    key = "oci/homelab.tfstate";
+    key = "oci/trantor.tfstate";
     region = "auto";
-    endpoint = "https://<ACCOUNT_ID>.r2.cloudflarestorage.com";
+    endpoint = "https://fcdf920bde00c3d013ee541f984da70e.r2.cloudflarestorage.com";
     skip_credentials_validation = true;
     skip_metadata_api_check = true;
     skip_region_validation = true;
@@ -21,8 +21,13 @@
   };
 
   variable = {
+    tenancy_ocid = {
+      default = "ocid1.tenancy.oc1..aaaaaaaap3vfdz4piygqza6e6zqunbcuso43ddqfo3ydmpmnomidyghh7rvq";
+      type = "string";
+    };
+
     compartment_name = {
-      default = "homelab";
+      default = "trantor";
       type = "string";
     };
 
@@ -46,14 +51,12 @@
   };
 
   data = {
-    oci_identity_tenancy.tenancy = { };
-
     oci_identity_availability_domains.ads = {
-      compartment_id = config.data.oci_identity_tenancy.tenancy.id;
+      compartment_id = config.variable.tenancy_ocid.default;
     };
 
     oci_core_images.ubuntu_arm = {
-      compartment_id = config.data.oci_identity_tenancy.tenancy.id;
+      compartment_id = config.variable.tenancy_ocid.default;
       operating_system = "Canonical Ubuntu";
       operating_system_version = "24.04";
       shape = "VM.Standard.A1.Flex";
@@ -63,34 +66,34 @@
   };
 
   resource = {
-    oci_identity_compartment.homelab = {
-      compartment_id = config.data.oci_identity_tenancy.tenancy.id;
-      description = "Homelab infrastructure compartment";
+    oci_identity_compartment.trantor = {
+      compartment_id = config.variable.tenancy_ocid.default;
+      description = "trantor infrastructure compartment";
       name = config.variable.compartment_name.default;
     };
 
     oci_core_vcn.vcn = {
-      compartment_id = config.resource.oci_identity_compartment.homelab.id;
+      compartment_id = config.resource.oci_identity_compartment.trantor "id";
       cidr_blocks = [ config.variable.vcn_cidr.default ];
-      display_name = "homelab-vcn";
-      dns_label = "homelab";
+      display_name = "trantor-vcn";
+      dns_label = "trantor";
     };
 
     oci_core_internet_gateway.ig = {
-      compartment_id = config.resource.oci_identity_compartment.homelab.id;
-      vcn_id = config.resource.oci_core_vcn.vcn.id;
-      display_name = "homelab-ig";
+      compartment_id = config.resource.oci_identity_compartment.trantor "id";
+      vcn_id = config.resource.oci_core_vcn.vcn "id";
+      display_name = "trantor-ig";
       enabled = true;
     };
 
     oci_core_route_table.rt = {
-      compartment_id = config.resource.oci_identity_compartment.homelab.id;
-      vcn_id = config.resource.oci_core_vcn.vcn.id;
-      display_name = "homelab-rt";
+      compartment_id = config.resource.oci_identity_compartment.trantor "id";
+      vcn_id = config.resource.oci_core_vcn.vcn "id";
+      display_name = "trantor-rt";
 
       route_rules = [
         {
-          network_entity_id = config.resource.oci_core_internet_gateway.ig.id;
+          network_entity_id = config.resource.oci_core_internet_gateway.ig "id";
           destination = "0.0.0.0/0";
           destination_type = "CIDR_BLOCK";
         }
@@ -98,9 +101,9 @@
     };
 
     oci_core_security_list.sl = {
-      compartment_id = config.resource.oci_identity_compartment.homelab.id;
-      vcn_id = config.resource.oci_core_vcn.vcn.id;
-      display_name = "homelab-sl";
+      compartment_id = config.resource.oci_identity_compartment.trantor "id";
+      vcn_id = config.resource.oci_core_vcn.vcn "id";
+      display_name = "trantor-sl";
 
       egress_security_rules = [
         {
@@ -138,23 +141,50 @@
             max = 443;
           };
         }
+        {
+          protocol = "6"; # TCP
+          source = "0.0.0.0/0";
+          stateless = false;
+          tcp_options = {
+            min = 25565;
+            max = 25565;
+          };
+        }
+        {
+          protocol = "6"; # TCP
+          source = "0.0.0.0/0";
+          stateless = false;
+          tcp_options = {
+            min = 19132;
+            max = 19133;
+          };
+        }
+        {
+          protocol = "17"; # UDP
+          source = "0.0.0.0/0";
+          stateless = false;
+          udp_options = {
+            min = 19132;
+            max = 19133;
+          };
+        }
       ];
     };
 
     oci_core_subnet.subnet = {
-      compartment_id = config.resource.oci_identity_compartment.homelab.id;
-      vcn_id = config.resource.oci_core_vcn.vcn.id;
+      compartment_id = config.resource.oci_identity_compartment.trantor "id";
+      vcn_id = config.resource.oci_core_vcn.vcn "id";
       cidr_block = config.variable.vcn_cidr.default;
-      display_name = "homelab-subnet";
+      display_name = "trantor-subnet";
       dns_label = "subnet";
-      route_table_id = config.resource.oci_core_route_table.rt.id;
-      security_list_ids = [ config.resource.oci_core_security_list.sl.id ];
+      route_table_id = config.resource.oci_core_route_table.rt "id";
+      security_list_ids = [ (config.resource.oci_core_security_list.sl "id") ];
       prohibit_public_ip_on_vnic = false;
     };
 
     oci_core_instance.trantor = {
-      availability_domain = config.data.oci_identity_availability_domains.ads.availability_domains .0.name;
-      compartment_id = config.resource.oci_identity_compartment.homelab.id;
+      availability_domain = config.data.oci_identity_availability_domains.ads "availability_domains[0].name";
+      compartment_id = config.resource.oci_identity_compartment.trantor "id";
       display_name = config.variable.instance_name.default;
       shape = "VM.Standard.A1.Flex";
 
@@ -165,12 +195,12 @@
 
       source_details = {
         source_type = "image";
-        source_id = config.data.oci_core_images.ubuntu_arm.images .0.id;
-        boot_volume_size_in_gbs = 50;
+        source_id = config.data.oci_core_images.ubuntu_arm "images[0].id";
+        boot_volume_size_in_gbs = 100;
       };
 
       create_vnic_details = {
-        subnet_id = config.resource.oci_core_subnet.subnet.id;
+        subnet_id = config.resource.oci_core_subnet.subnet "id";
         display_name = "trantor-vnic";
         assign_public_ip = true;
         hostname_label = config.variable.instance_name.default;
@@ -182,15 +212,35 @@
 
       preserve_boot_volume = false;
     };
+
+    oci_budget_budget.trantor_budget = {
+      compartment_id = config.variable.tenancy_ocid.default;
+      targets = [ (config.resource.oci_identity_compartment.trantor "id") ];
+      amount = 1;
+      reset_period = "MONTHLY";
+      display_name = "trantor-budget";
+      description = "Monthly budget for trantor compartment";
+      target_type = "COMPARTMENT";
+    };
+
+    oci_budget_alert_rule.daily_spend_alert = {
+      budget_id = config.resource.oci_budget_budget.trantor_budget "id";
+      type = "ACTUAL";
+      threshold = 5;
+      threshold_type = "PERCENTAGE";
+      display_name = "daily-spend-alert";
+      description = "Alert when daily spending exceeds $0.05";
+      message = "Daily spending has exceeded $0.05 in the trantor compartment";
+    };
   };
 
   output = {
     compartment_id = {
-      value = config.resource.oci_identity_compartment.homelab.id;
+      value = config.resource.oci_identity_compartment.trantor "id";
     };
 
     instance_public_ip = {
-      value = config.resource.oci_core_instance.trantor.public_ip;
+      value = config.resource.oci_core_instance.trantor "public_ip";
     };
   };
 }