First Commit

deploy/oci/cloud-init.yaml

@@ -0,0 +1,14 @@
+#cloud-config
+package_update: true
+package_upgrade: false
+runcmd:
+  - curl -fsSL https://get.docker.com | sh
+  - usermod -aG docker ubuntu || true
+  - mkdir -p /opt/greencoast
+  - apt-get update && apt-get install -y git ca-certificates
+  - git clone --depth=1 https://github.com/yourname/greencoast.git /opt/greencoast
+  - cd /opt/greencoast && docker compose pull || true
+  - cd /opt/greencoast && docker compose up -d
+  - ufw allow 8080/tcp || true
+  - ufw allow 8081/tcp || true
+final_message: "GreenCoast shard bootstrapped on ports 8080/8081."

deploy/oci/main.tf

@@ -0,0 +1,114 @@
+terraform {
+  required_providers {
+    oci = {
+      source  = "oracle/oci"
+      version = "~> 6.0"
+    }
+  }
+  required_version = ">= 1.5.0"
+}
+
+provider "oci" {
+  region = var.region
+}
+
+data "oci_identity_availability_domain" "ad1" {
+  compartment_id = var.compartment_ocid
+  ad_number      = 1
+}
+
+resource "oci_core_vcn" "gc" {
+  cidr_block     = "10.42.0.0/16"
+  compartment_id = var.compartment_ocid
+  display_name   = "gc-vcn"
+}
+
+resource "oci_core_internet_gateway" "igw" {
+  compartment_id = var.compartment_ocid
+  vcn_id         = oci_core_vcn.gc.id
+  display_name   = "gc-igw"
+  enabled        = true
+}
+
+resource "oci_core_route_table" "rt" {
+  compartment_id = var.compartment_ocid
+  vcn_id         = oci_core_vcn.gc.id
+  display_name   = "gc-rt"
+  route_rules {
+    network_entity_id = oci_core_internet_gateway.igw.id
+    destination       = "0.0.0.0/0"
+    destination_type  = "CIDR_BLOCK"
+  }
+}
+
+resource "oci_core_subnet" "subnet" {
+  cidr_block                 = "10.42.1.0/24"
+  compartment_id             = var.compartment_ocid
+  vcn_id                     = oci_core_vcn.gc.id
+  display_name               = "gc-subnet"
+  prohibit_public_ip_on_vnic = false
+  route_table_id             = oci_core_route_table.rt.id
+  dns_label                  = "gcsubnet"
+}
+
+resource "oci_core_security_list" "sl" {
+  compartment_id = var.compartment_ocid
+  vcn_id         = oci_core_vcn.gc.id
+  display_name   = "gc-sec"
+
+  egress_security_rules {
+    destination = "0.0.0.0/0"
+    protocol    = "all"
+  }
+
+  ingress_security_rules {
+    protocol = "6"
+    source   = "0.0.0.0/0"
+    tcp_options { min = 22,   max = 22 }   # SSH
+  }
+
+  ingress_security_rules {
+    protocol = "6"
+    source   = "0.0.0.0/0"
+    tcp_options { min = 8080, max = 8080 } # API
+  }
+
+  ingress_security_rules {
+    protocol = "6"
+    source   = "0.0.0.0/0"
+    tcp_options { min = 8081, max = 8081 } # WS
+  }
+}
+
+resource "oci_core_instance" "vm" {
+  compartment_id      = var.compartment_ocid
+  availability_domain = data.oci_identity_availability_domain.ad1.name
+
+  shape = var.shape
+
+  shape_config {
+    ocpus         = var.ocpus
+    memory_in_gbs = var.memory_gb
+  }
+
+  source_details {
+    source_type = "image"
+    source_id   = var.image_ocid
+  }
+
+  create_vnic_details {
+    subnet_id        = oci_core_subnet.subnet.id
+    assign_public_ip = true
+  }
+
+  metadata = {
+    user_data           = filebase64("${path.module}/cloud-init.yaml")
+    ssh_authorized_keys = var.ssh_public_key
+  }
+
+  display_name = "greencoast-shard"
+}
+
+output "public_ip" {
+  value = oci_core_instance.vm.public_ip
+}