provisioning/workspace/templates/providers/aws/defaults.k

# AWS Provider Defaults Template
# Extracted from wuji infrastructure patterns (real production data)
# Provides AWS configuration with proven production settings

import providers.aws.kcl.defaults_aws as aws_prov
import workspace_templates.lib.compose as comp
import workspace_templates.lib.override as ovr

# AWS defaults configuration schema based on wuji
schema AWSDefaults {
    # Basic configuration
    time_zone: str = "UTC"
    zone: str = "eu-south-2"  # Production zone from wuji

    # Timing configuration
    running_wait: int = 10
    running_timeout: int = 200

    # Default storage configuration (from wuji production)
    default_storages: [any] = [
        {name = "root", size = 15, total = 15, type = "ext4", mount = True, mount_path = "/", parts = []}
    ]

    # OS configuration (Debian 12 x86_64 - production tested)
    storage_os_find: str = "name: debian-12 | arch: x86_64"
    storage_os: str = "ami-0e733f933140cf5cd"  # eu-south-2 Debian 12

    # SSH configuration (will be overridden per infrastructure)
    ssh_key_path: str = "~/.ssh/id_cdci.pub"  # From wuji
    ssh_key_name: str = "cdci"

    # Network configuration
    network_utility_ipv4: bool = True
    network_utility_ipv6: bool = False
    network_public_ipv4: bool = True
    network_public_ipv6: bool = False

    # Private network (customizable per infrastructure)
    network_private_id: str = "CREATE"  # Default to auto-create
    network_private_name: str = "Private_Net"
    priv_cidr_block: str = "10.11.2.0/24"  # Proven CIDR from wuji

    # DNS configuration (local domain from wuji)
    primary_dns: str = ""      # Empty in wuji - use AWS defaults
    secondary_dns: str = ""    # Empty in wuji - use AWS defaults
    main_domain: str = "librecloud.local"     # From wuji
    domains_search: str = "librecloud.local" # From wuji

    # User configuration (AWS-specific from wuji)
    user: str = "devadm"
    user_home: str = "/home/devadm"
    user_ssh_port: int = 22
    fix_local_hosts: bool = True
    installer_user: str = "admin"  # AWS uses admin, not root
}

# AMI mappings for different regions (production tested)
ami_mappings = {
    "eu-south-2": "ami-0e733f933140cf5cd"    # Debian 12 x86_64
    "eu-west-1": "ami-0eb11ab33f229b26c"     # Debian 12 x86_64
    "us-east-1": "ami-xxxxxxxxxxxxxxxxx"     # To be updated
    "us-west-2": "ami-xxxxxxxxxxxxxxxxx"     # To be updated
}

# Template function to create AWS defaults with infrastructure overrides
def create_aws_defaults [
    infrastructure_name: str,
    region: str = "eu-south-2",
    domain: str = "librecloud.local",
    network_config: {str: any} = {},
    overrides: {str: any} = {}
] -> any {
    let base_config = AWSDefaults {
        zone: $region
        network_private_name: $"($infrastructure_name)-net"
        main_domain: $domain
        domains_search: $domain
        # Set AMI based on region
        storage_os: (if $region in $ami_mappings { $ami_mappings.($region) } else { $ami_mappings."eu-south-2" })
    }

    # Apply network-specific configuration
    let with_network = comp.deep_merge $base_config $network_config

    # Apply final overrides
    let final_config = comp.deep_merge $with_network $overrides

    # Create core AWS provider configuration
    aws_prov.ServerDefaults_aws {
        time_zone: $final_config.time_zone
        zone: $final_config.zone
        running_wait: $final_config.running_wait
        running_timeout: $final_config.running_timeout
        storages: $final_config.default_storages
        storage_os_find: $final_config.storage_os_find
        storage_os: $final_config.storage_os
        ssh_key_path: $final_config.ssh_key_path
        ssh_key_name: $final_config.ssh_key_name
        network_utility_ipv4: $final_config.network_utility_ipv4
        network_utility_ipv6: $final_config.network_utility_ipv6
        network_public_ipv4: $final_config.network_public_ipv4
        network_public_ipv6: $final_config.network_public_ipv6
        network_private_id: $final_config.network_private_id
        network_private_name: $final_config.network_private_name
        priv_cidr_block: $final_config.priv_cidr_block
        primary_dns: $final_config.primary_dns
        secondary_dns: $final_config.secondary_dns
        main_domain: $final_config.main_domain
        domains_search: $final_config.domains_search
        user: $final_config.user
        user_home: $final_config.user_home
        user_ssh_port: $final_config.user_ssh_port
        fix_local_hosts: $final_config.fix_local_hosts
        installer_user: $final_config.installer_user
    }
}

# Wuji-specific network configuration (for reference)
wuji_aws_network_config = {
    network_private_id: "03d64e84-50ab-46a3-bf28-b4d93783aa04"
    network_private_name: "Private_Net"
    priv_cidr_block: "10.11.2.0/24"
    zone: "eu-south-2"
}

# Export the template for use in infrastructure
_provider = aws_prov.ServerDefaults_aws {
    time_zone = "UTC"
    zone = "eu-south-2"
    running_wait = 10
    running_timeout = 200
    storages = [
        {name = "root", size = 15, total = 15, type = "ext4", mount = True, mount_path = "/", parts = []}
    ]
    storage_os_find = "name: debian-12 | arch: x86_64"
    storage_os = "ami-0e733f933140cf5cd"
    ssh_key_path = "~/.ssh/id_cdci.pub"
    ssh_key_name = "cdci"
    network_utility_ipv4 = True
    network_utility_ipv6 = False
    network_public_ipv4 = True
    network_public_ipv6 = False
    network_private_id = "CREATE"
    network_private_name = "Private_Net"
    priv_cidr_block = "10.11.2.0/24"
    primary_dns = ""
    secondary_dns = ""
    main_domain = "librecloud.local"
    domains_search = "librecloud.local"
    user = "devadm"
    user_home = "/home/devadm"
    user_ssh_port = 22
    fix_local_hosts = True
    installer_user = "admin"
}

_provider
chore: update provisioning configuration and documentation Update configuration files, templates, and internal documentation for the provisioning repository system. Configuration Updates: - KMS configuration modernization - Plugin system settings - Service port mappings - Test cluster topologies - Installation configuration examples - VM configuration defaults - Cedar authorization policies Documentation Updates: - Library module documentation - Extension API guides - AI system documentation - Service management guides - Test environment setup - Plugin usage guides - Validator configuration documentation All changes are backward compatible. 2025-12-11 21:50:42 +00:00			`# AWS Provider Defaults Template`
			`# Extracted from wuji infrastructure patterns (real production data)`
			`# Provides AWS configuration with proven production settings`

			`import providers.aws.kcl.defaults_aws as aws_prov`
			`import workspace_templates.lib.compose as comp`
			`import workspace_templates.lib.override as ovr`

			`# AWS defaults configuration schema based on wuji`
			`schema AWSDefaults {`
			`# Basic configuration`
			`time_zone: str = "UTC"`
			`zone: str = "eu-south-2" # Production zone from wuji`

			`# Timing configuration`
			`running_wait: int = 10`
			`running_timeout: int = 200`

			`# Default storage configuration (from wuji production)`
			`default_storages: [any] = [`
			`{name = "root", size = 15, total = 15, type = "ext4", mount = True, mount_path = "/", parts = []}`
			`]`

			`# OS configuration (Debian 12 x86_64 - production tested)`
			`storage_os_find: str = "name: debian-12 \| arch: x86_64"`
			`storage_os: str = "ami-0e733f933140cf5cd" # eu-south-2 Debian 12`

			`# SSH configuration (will be overridden per infrastructure)`
			`ssh_key_path: str = "~/.ssh/id_cdci.pub" # From wuji`
			`ssh_key_name: str = "cdci"`

			`# Network configuration`
			`network_utility_ipv4: bool = True`
			`network_utility_ipv6: bool = False`
			`network_public_ipv4: bool = True`
			`network_public_ipv6: bool = False`

			`# Private network (customizable per infrastructure)`
			`network_private_id: str = "CREATE" # Default to auto-create`
			`network_private_name: str = "Private_Net"`
			`priv_cidr_block: str = "10.11.2.0/24" # Proven CIDR from wuji`

			`# DNS configuration (local domain from wuji)`
			`primary_dns: str = "" # Empty in wuji - use AWS defaults`
			`secondary_dns: str = "" # Empty in wuji - use AWS defaults`
			`main_domain: str = "librecloud.local" # From wuji`
			`domains_search: str = "librecloud.local" # From wuji`

			`# User configuration (AWS-specific from wuji)`
			`user: str = "devadm"`
			`user_home: str = "/home/devadm"`
			`user_ssh_port: int = 22`
			`fix_local_hosts: bool = True`
			`installer_user: str = "admin" # AWS uses admin, not root`
			`}`

			`# AMI mappings for different regions (production tested)`
			`ami_mappings = {`
			`"eu-south-2": "ami-0e733f933140cf5cd" # Debian 12 x86_64`
			`"eu-west-1": "ami-0eb11ab33f229b26c" # Debian 12 x86_64`
			`"us-east-1": "ami-xxxxxxxxxxxxxxxxx" # To be updated`
			`"us-west-2": "ami-xxxxxxxxxxxxxxxxx" # To be updated`
			`}`

			`# Template function to create AWS defaults with infrastructure overrides`
			`def create_aws_defaults [`
			`infrastructure_name: str,`
			`region: str = "eu-south-2",`
			`domain: str = "librecloud.local",`
			`network_config: {str: any} = {},`
			`overrides: {str: any} = {}`
			`] -> any {`
			`let base_config = AWSDefaults {`
			`zone: $region`
			`network_private_name: $"($infrastructure_name)-net"`
			`main_domain: $domain`
			`domains_search: $domain`
			`# Set AMI based on region`
			`storage_os: (if $region in $ami_mappings { $ami_mappings.($region) } else { $ami_mappings."eu-south-2" })`
			`}`

			`# Apply network-specific configuration`
			`let with_network = comp.deep_merge $base_config $network_config`

			`# Apply final overrides`
			`let final_config = comp.deep_merge $with_network $overrides`

			`# Create core AWS provider configuration`
			`aws_prov.ServerDefaults_aws {`
			`time_zone: $final_config.time_zone`
			`zone: $final_config.zone`
			`running_wait: $final_config.running_wait`
			`running_timeout: $final_config.running_timeout`
			`storages: $final_config.default_storages`
			`storage_os_find: $final_config.storage_os_find`
			`storage_os: $final_config.storage_os`
			`ssh_key_path: $final_config.ssh_key_path`
			`ssh_key_name: $final_config.ssh_key_name`
			`network_utility_ipv4: $final_config.network_utility_ipv4`
			`network_utility_ipv6: $final_config.network_utility_ipv6`
			`network_public_ipv4: $final_config.network_public_ipv4`
			`network_public_ipv6: $final_config.network_public_ipv6`
			`network_private_id: $final_config.network_private_id`
			`network_private_name: $final_config.network_private_name`
			`priv_cidr_block: $final_config.priv_cidr_block`
			`primary_dns: $final_config.primary_dns`
			`secondary_dns: $final_config.secondary_dns`
			`main_domain: $final_config.main_domain`
			`domains_search: $final_config.domains_search`
			`user: $final_config.user`
			`user_home: $final_config.user_home`
			`user_ssh_port: $final_config.user_ssh_port`
			`fix_local_hosts: $final_config.fix_local_hosts`
			`installer_user: $final_config.installer_user`
			`}`
			`}`

			`# Wuji-specific network configuration (for reference)`
			`wuji_aws_network_config = {`
			`network_private_id: "03d64e84-50ab-46a3-bf28-b4d93783aa04"`
			`network_private_name: "Private_Net"`
			`priv_cidr_block: "10.11.2.0/24"`
			`zone: "eu-south-2"`
			`}`

			`# Export the template for use in infrastructure`
			`_provider = aws_prov.ServerDefaults_aws {`
			`time_zone = "UTC"`
			`zone = "eu-south-2"`
			`running_wait = 10`
			`running_timeout = 200`
			`storages = [`
			`{name = "root", size = 15, total = 15, type = "ext4", mount = True, mount_path = "/", parts = []}`
			`]`
			`storage_os_find = "name: debian-12 \| arch: x86_64"`
			`storage_os = "ami-0e733f933140cf5cd"`
			`ssh_key_path = "~/.ssh/id_cdci.pub"`
			`ssh_key_name = "cdci"`
			`network_utility_ipv4 = True`
			`network_utility_ipv6 = False`
			`network_public_ipv4 = True`
			`network_public_ipv6 = False`
			`network_private_id = "CREATE"`
			`network_private_name = "Private_Net"`
			`priv_cidr_block = "10.11.2.0/24"`
			`primary_dns = ""`
			`secondary_dns = ""`
			`main_domain = "librecloud.local"`
			`domains_search = "librecloud.local"`
			`user = "devadm"`
			`user_home = "/home/devadm"`
			`user_ssh_port = 22`
			`fix_local_hosts = True`
			`installer_user = "admin"`
			`}`

			`_provider`