majuna/app/terraform/bridge/ovh.py

from app.models.cloud import CloudProvider
from app.terraform.bridge import BridgeAutomation


class BridgeOvhAutomation(BridgeAutomation):
    short_name = "bridge_ovh"
    description = "Deploy Tor bridges on OVH Public Cloud"
    provider = CloudProvider.OVH

    template_parameters = ["ssh_public_key_path", "ssh_private_key_path"]

    template = """
    terraform {
      {{ backend_config }}
      required_providers {
        random = {
          source = "hashicorp/random"
          version = "3.1.0"
        }
        openstack = {
          source  = "terraform-provider-openstack/openstack"
          version = "~> 1.42.0"
        }
        ovh = {
          source  = "ovh/ovh"
          version = ">= 0.13.0"
        }
      }
    }

    locals {
      public_ssh_key = "{{ ssh_public_key_path }}"
      private_ssh_key = "{{ ssh_private_key_path }}"
    }

    {% for resource in destroyed_resources %}
    {% set bridge, bridgeconf, account = resource %}
    provider "openstack" {
      auth_url    = "https://auth.cloud.ovh.net/v3/"
      domain_name = "Default" # Domain name - Always at 'default' for OVHcloud
      user_name   = "{{ account.credentials["ovh_openstack_user"] }}"
      password    = "{{ account.credentials["ovh_openstack_password"] }}"
      tenant_id   = "{{ account.credentials["ovh_openstack_tenant_id"] }}"
      alias       = "account_{{ bridge.id }}"
    }
    {% endfor %}

    {% for resource in active_resources %}
    {% set bridge, bridgeconf, account = resource %}
    provider "openstack" {
      auth_url    = "https://auth.cloud.ovh.net/v3/"
      domain_name = "Default" # Domain name - Always at 'default' for OVHcloud
      user_name   = "{{ account.credentials["ovh_openstack_user"] }}"
      password    = "{{ account.credentials["ovh_openstack_password"] }}"
      tenant_id   = "{{ account.credentials["ovh_openstack_tenant_id"] }}"
      alias       = "account_{{ bridge.id }}"
    }

    provider "ovh" {
      endpoint           = "ovh-eu"
      application_key    = "{{ account.credentials["ovh_cloud_application_key"] }}"
      application_secret = "{{ account.credentials["ovh_cloud_application_secret"] }}"
      consumer_key       = "{{ account.credentials["ovh_cloud_consumer_key"] }}"
      alias              = "account_{{ bridge.id }}"
    }

    data "ovh_cloud_project_regions" "regions_{{ bridge.id }}" {
      provider        = ovh.account_{{ bridge.id }}
      service_name    = "{{ account.credentials["ovh_openstack_tenant_id"] }}"
      has_services_up = ["instance"]
    }

    resource "random_shuffle" "region_{{ bridge.id }}" {
      input = data.ovh_cloud_project_regions.regions_{{ bridge.id }}.names
      result_count = 1

      lifecycle {
        ignore_changes = [input] # don't replace all the bridges if a new region appears
      }
    }

    module "bridge_{{ bridge.id }}" {
      providers = {
        openstack = openstack.account_{{ bridge.id }}
      }
      source = "{{ terraform_modules_path }}/terraform-openstack-tor-bridge"
      region = one(random_shuffle.region_{{ bridge.id }}.result)
      namespace = "{{ global_namespace }}"
      name = "bridge"
      attributes = ["{{ bridge.id }}"]
      ssh_public_key = local.public_ssh_key
      ssh_private_key = local.private_ssh_key
      contact_info = "hello from onionland"
      distribution_method = "{{ bridgeconf.method }}"
    }

    output "bridge_hashed_fingerprint_{{ bridge.id }}" {
      value = module.bridge_{{ bridge.id }}.hashed_fingerprint
    }

    output "bridge_bridgeline_{{ bridge.id }}" {
      value = module.bridge_{{ bridge.id }}.bridgeline
      sensitive = true
    }
    {% endfor %}
    """
feat: abstracting cloud providers 2023-02-26 12:52:08 +00:00			`from app.models.cloud import CloudProvider`
Initial import 2022-03-10 14:26:22 +00:00			`from app.terraform.bridge import BridgeAutomation`


			`class BridgeOvhAutomation(BridgeAutomation):`
			`short_name = "bridge_ovh"`
automation: establish an automation framework 2022-05-08 17:20:04 +01:00			`description = "Deploy Tor bridges on OVH Public Cloud"`
feat: abstracting cloud providers 2023-02-26 12:52:08 +00:00			`provider = CloudProvider.OVH`
Initial import 2022-03-10 14:26:22 +00:00
lint: reformat python code with black 2024-12-06 18:15:47 +00:00			`template_parameters = ["ssh_public_key_path", "ssh_private_key_path"]`
Initial import 2022-03-10 14:26:22 +00:00
			`template = """`
			`terraform {`
terraform: generate conf with http backend 2022-08-30 10:05:12 +01:00			`{{ backend_config }}`
Initial import 2022-03-10 14:26:22 +00:00			`required_providers {`
			`random = {`
			`source = "hashicorp/random"`
			`version = "3.1.0"`
			`}`
			`openstack = {`
			`source = "terraform-provider-openstack/openstack"`
			`version = "~> 1.42.0"`
			`}`
			`ovh = {`
			`source = "ovh/ovh"`
			`version = ">= 0.13.0"`
			`}`
			`}`
			`}`
ci: add flake8 2022-05-16 13:29:48 +01:00
feat: abstracting cloud providers 2023-02-26 12:52:08 +00:00			`locals {`
			`public_ssh_key = "{{ ssh_public_key_path }}"`
			`private_ssh_key = "{{ ssh_private_key_path }}"`
			`}`

			`{% for resource in destroyed_resources %}`
			`{% set bridge, bridgeconf, account = resource %}`
Initial import 2022-03-10 14:26:22 +00:00			`provider "openstack" {`
			`auth_url = "https://auth.cloud.ovh.net/v3/"`
			`domain_name = "Default" # Domain name - Always at 'default' for OVHcloud`
feat: abstracting cloud providers 2023-02-26 12:52:08 +00:00			`user_name = "{{ account.credentials["ovh_openstack_user"] }}"`
			`password = "{{ account.credentials["ovh_openstack_password"] }}"`
			`tenant_id = "{{ account.credentials["ovh_openstack_tenant_id"] }}"`
			`alias = "account_{{ bridge.id }}"`
Initial import 2022-03-10 14:26:22 +00:00			`}`
feat: abstracting cloud providers 2023-02-26 12:52:08 +00:00			`{% endfor %}`
ci: add flake8 2022-05-16 13:29:48 +01:00
feat: abstracting cloud providers 2023-02-26 12:52:08 +00:00			`{% for resource in active_resources %}`
			`{% set bridge, bridgeconf, account = resource %}`
			`provider "openstack" {`
			`auth_url = "https://auth.cloud.ovh.net/v3/"`
			`domain_name = "Default" # Domain name - Always at 'default' for OVHcloud`
			`user_name = "{{ account.credentials["ovh_openstack_user"] }}"`
			`password = "{{ account.credentials["ovh_openstack_password"] }}"`
			`tenant_id = "{{ account.credentials["ovh_openstack_tenant_id"] }}"`
			`alias = "account_{{ bridge.id }}"`
Initial import 2022-03-10 14:26:22 +00:00			`}`
ci: add flake8 2022-05-16 13:29:48 +01:00
feat: abstracting cloud providers 2023-02-26 12:52:08 +00:00			`provider "ovh" {`
			`endpoint = "ovh-eu"`
			`application_key = "{{ account.credentials["ovh_cloud_application_key"] }}"`
			`application_secret = "{{ account.credentials["ovh_cloud_application_secret"] }}"`
			`consumer_key = "{{ account.credentials["ovh_cloud_consumer_key"] }}"`
			`alias = "account_{{ bridge.id }}"`
Initial import 2022-03-10 14:26:22 +00:00			`}`
ci: add flake8 2022-05-16 13:29:48 +01:00
feat: abstracting cloud providers 2023-02-26 12:52:08 +00:00			`data "ovh_cloud_project_regions" "regions_{{ bridge.id }}" {`
			`provider = ovh.account_{{ bridge.id }}`
			`service_name = "{{ account.credentials["ovh_openstack_tenant_id"] }}"`
Initial import 2022-03-10 14:26:22 +00:00			`has_services_up = ["instance"]`
			`}`
ci: add flake8 2022-05-16 13:29:48 +01:00
Initial import 2022-03-10 14:26:22 +00:00			`resource "random_shuffle" "region_{{ bridge.id }}" {`
feat: abstracting cloud providers 2023-02-26 12:52:08 +00:00			`input = data.ovh_cloud_project_regions.regions_{{ bridge.id }}.names`
Initial import 2022-03-10 14:26:22 +00:00			`result_count = 1`
ci: add flake8 2022-05-16 13:29:48 +01:00
Initial import 2022-03-10 14:26:22 +00:00			`lifecycle {`
			`ignore_changes = [input] # don't replace all the bridges if a new region appears`
			`}`
			`}`
ci: add flake8 2022-05-16 13:29:48 +01:00
Initial import 2022-03-10 14:26:22 +00:00			`module "bridge_{{ bridge.id }}" {`
feat: abstracting cloud providers 2023-02-26 12:52:08 +00:00			`providers = {`
			`openstack = openstack.account_{{ bridge.id }}`
			`}`
bridge: use bundled modules 2022-08-30 10:24:58 +01:00			`source = "{{ terraform_modules_path }}/terraform-openstack-tor-bridge"`
Initial import 2022-03-10 14:26:22 +00:00			`region = one(random_shuffle.region_{{ bridge.id }}.result)`
feat: abstracting cloud providers 2023-02-26 12:52:08 +00:00			`namespace = "{{ global_namespace }}"`
			`name = "bridge"`
Initial import 2022-03-10 14:26:22 +00:00			`attributes = ["{{ bridge.id }}"]`
fix(bridge): ssh_key -> ssh_public_key 2023-02-26 14:07:23 +00:00			`ssh_public_key = local.public_ssh_key`
bridge: be explicit about ssh private key for ovh 2022-05-14 13:53:29 +01:00			`ssh_private_key = local.private_ssh_key`
feat: abstracting cloud providers 2023-02-26 12:52:08 +00:00			`contact_info = "hello from onionland"`
			`distribution_method = "{{ bridgeconf.method }}"`
Initial import 2022-03-10 14:26:22 +00:00			`}`
ci: add flake8 2022-05-16 13:29:48 +01:00
Initial import 2022-03-10 14:26:22 +00:00			`output "bridge_hashed_fingerprint_{{ bridge.id }}" {`
			`value = module.bridge_{{ bridge.id }}.hashed_fingerprint`
			`}`
ci: add flake8 2022-05-16 13:29:48 +01:00
Initial import 2022-03-10 14:26:22 +00:00			`output "bridge_bridgeline_{{ bridge.id }}" {`
			`value = module.bridge_{{ bridge.id }}.bridgeline`
			`sensitive = true`
			`}`
			`{% endfor %}`
			`"""`