Jesús Pérez 6a59d34bb1
chore: update provisioning configuration and documentation
Update configuration files, templates, and internal documentation
for the provisioning repository system.

Configuration Updates:
- KMS configuration modernization
- Plugin system settings
- Service port mappings
- Test cluster topologies
- Installation configuration examples
- VM configuration defaults
- Cedar authorization policies

Documentation Updates:
- Library module documentation
- Extension API guides
- AI system documentation
- Service management guides
- Test environment setup
- Plugin usage guides
- Validator configuration documentation

All changes are backward compatible.
2025-12-11 21:50:42 +00:00


# AWS Provider Defaults Template
# Extracted from wuji infrastructure patterns (real production data)
# Provides AWS configuration with proven production settings
import providers.aws.kcl.defaults_aws as aws_prov
import workspace_templates.lib.compose as comp
import workspace_templates.lib.override as ovr
# AWS defaults configuration schema based on wuji
schema AWSDefaults {
# Default values for one AWS server definition. Every field carries a default,
# so an instance created with no arguments yields exactly the values below.
# NOTE(review): several defaults are environment-specific (AMI id, SSH key
# name, CIDR block, domain) and are marked "from wuji"; confirm each one before
# reusing this template for a different infrastructure.
# Basic configuration
time_zone: str = "UTC"
zone: str = "eu-south-2" # Production zone from wuji
# Timing configuration
# NOTE(review): units are not stated in this file - presumably seconds; confirm.
running_wait: int = 10
running_timeout: int = 200
# Default storage configuration (from wuji production)
# Typed as [any], so the shape of each entry is not checked by this schema.
default_storages: [any] = [
{name = "root", size = 15, total = 15, type = "ext4", mount = True, mount_path = "/", parts = []}
]
# OS configuration (Debian 12 x86_64 - production tested)
storage_os_find: str = "name: debian-12 | arch: x86_64"
# NOTE(review): a hard-coded AMI id only matches the default zone above and
# says nothing about who published the image; confirm the image owner and that
# the id is still current before relying on it.
storage_os: str = "ami-0e733f933140cf5cd" # eu-south-2 Debian 12
# SSH configuration (will be overridden per infrastructure)
# The path ends in .pub, i.e. it names a public key file; no private key
# material is referenced by this schema.
ssh_key_path: str = "~/.ssh/id_cdci.pub" # From wuji
ssh_key_name: str = "cdci"
# Network configuration
# NOTE(review): public IPv4 is enabled by default and user_ssh_port below is 22.
# Whether SSH ends up reachable from the internet depends on security-group
# rules that this file does not define - confirm ingress is restricted.
network_utility_ipv4: bool = True
network_utility_ipv6: bool = False
network_public_ipv4: bool = True
network_public_ipv6: bool = False
# Private network (customizable per infrastructure)
network_private_id: str = "CREATE" # Default to auto-create
network_private_name: str = "Private_Net"
priv_cidr_block: str = "10.11.2.0/24" # Proven CIDR from wuji
# DNS configuration (local domain from wuji)
primary_dns: str = "" # Empty in wuji - use AWS defaults
secondary_dns: str = "" # Empty in wuji - use AWS defaults
main_domain: str = "librecloud.local" # From wuji
domains_search: str = "librecloud.local" # From wuji
# User configuration (AWS-specific from wuji)
# `user` is the account configured on the server; `installer_user` is a
# separate account name used for installation (see its inline comment).
user: str = "devadm"
user_home: str = "/home/devadm"
user_ssh_port: int = 22
fix_local_hosts: bool = True
installer_user: str = "admin" # AWS uses admin, not root
}
# AMI mappings for different regions (production tested)
ami_mappings = {
# Region name -> AMI id that create_aws_defaults assigns to storage_os.
# NOTE(review): the us-east-1 and us-west-2 values are placeholders, not image
# ids, yet both keys are present in the map, so a membership test on the region
# succeeds and the placeholder is what gets selected. Fill them in or remove
# the keys until real ids are available.
# NOTE(review): the ids are pinned without any record of the publishing
# account; confirm the image owner when adding or refreshing an entry.
"eu-south-2": "ami-0e733f933140cf5cd" # Debian 12 x86_64
"eu-west-1": "ami-0eb11ab33f229b26c" # Debian 12 x86_64
"us-east-1": "ami-xxxxxxxxxxxxxxxxx" # To be updated
"us-west-2": "ami-xxxxxxxxxxxxxxxxx" # To be updated
}
# Template function to create AWS defaults with infrastructure overrides
def create_aws_defaults [
infrastructure_name: str,
region: str = "eu-south-2",
domain: str = "librecloud.local",
network_config: {str: any} = {},
overrides: {str: any} = {}
] -> any {
# Builds an aws_prov.ServerDefaults_aws value in three steps: start from
# AWSDefaults with region/domain/name applied, merge network_config, merge
# overrides, then copy the resulting fields one by one.
#
# Parameters:
#   infrastructure_name - used to derive network_private_name as "<name>-net"
#   region              - written to zone and used to look up the AMI id
#   domain              - written to both main_domain and domains_search
#   network_config      - merged over the base configuration
#   overrides           - merged last, after network_config
#
# NOTE(review): this definition uses `def`, `let` and `$name` references, which
# do not look like KCL syntax; confirm how this file is processed before it is
# parsed as KCL.
let base_config = AWSDefaults {
zone: $region
network_private_name: $"($infrastructure_name)-net"
main_domain: $domain
domains_search: $domain
# Set AMI based on region
# NOTE(review): for a region missing from ami_mappings this falls back to the
# eu-south-2 AMI id while zone is still set to the requested region, and for
# us-east-1 / us-west-2 it selects the placeholder value. Failing explicitly
# for a region without a real id would surface the problem earlier.
storage_os: (if $region in $ami_mappings { $ami_mappings.($region) } else { $ami_mappings."eu-south-2" })
}
# Apply network-specific configuration
# NOTE(review): network_config and overrides are {str: any} and are merged
# without validation here, so a caller can replace any field, including
# storage_os, ssh_key_path and installer_user. Presumably later values win in
# comp.deep_merge - confirm against that helper.
let with_network = comp.deep_merge $base_config $network_config
# Apply final overrides
let final_config = comp.deep_merge $with_network $overrides
# Create core AWS provider configuration
# Only the fields listed below are copied; any other key introduced through
# network_config or overrides is not passed on. Note that default_storages is
# written to the provider field named storages.
aws_prov.ServerDefaults_aws {
time_zone: $final_config.time_zone
zone: $final_config.zone
running_wait: $final_config.running_wait
running_timeout: $final_config.running_timeout
storages: $final_config.default_storages
storage_os_find: $final_config.storage_os_find
storage_os: $final_config.storage_os
ssh_key_path: $final_config.ssh_key_path
ssh_key_name: $final_config.ssh_key_name
network_utility_ipv4: $final_config.network_utility_ipv4
network_utility_ipv6: $final_config.network_utility_ipv6
network_public_ipv4: $final_config.network_public_ipv4
network_public_ipv6: $final_config.network_public_ipv6
network_private_id: $final_config.network_private_id
network_private_name: $final_config.network_private_name
priv_cidr_block: $final_config.priv_cidr_block
primary_dns: $final_config.primary_dns
secondary_dns: $final_config.secondary_dns
main_domain: $final_config.main_domain
domains_search: $final_config.domains_search
user: $final_config.user
user_home: $final_config.user_home
user_ssh_port: $final_config.user_ssh_port
fix_local_hosts: $final_config.fix_local_hosts
installer_user: $final_config.installer_user
}
}
# Wuji-specific network configuration (for reference)
wuji_aws_network_config = {
# Reference values for the wuji infrastructure; nothing else in the visible
# file reads this map.
# NOTE(review): network_private_id holds a concrete identifier instead of the
# "CREATE" default, so this template carries an environment-specific id.
# Consider keeping it in the infrastructure's own configuration.
# NOTE(review): the map also sets zone, so passing it as network_config would
# presumably replace the zone derived from the region argument - confirm.
network_private_id: "03d64e84-50ab-46a3-bf28-b4d93783aa04"
network_private_name: "Private_Net"
priv_cidr_block: "10.11.2.0/24"
zone: "eu-south-2"
}
# Export the template for use in infrastructure
_provider = aws_prov.ServerDefaults_aws {
# Provider value produced by this file, written out with literal values. It
# does not call create_aws_defaults and does not read AWSDefaults.
# NOTE(review): every value here repeats a default declared in AWSDefaults, so
# the two lists can drift apart; a change to the AMI id, SSH key or network
# exposure has to be made in both places.
time_zone = "UTC"
zone = "eu-south-2"
running_wait = 10
running_timeout = 200
storages = [
{name = "root", size = 15, total = 15, type = "ext4", mount = True, mount_path = "/", parts = []}
]
storage_os_find = "name: debian-12 | arch: x86_64"
# Hard-coded AMI id for the eu-south-2 zone set above.
storage_os = "ami-0e733f933140cf5cd"
# Public key file (.pub) and the key name it is registered under.
ssh_key_path = "~/.ssh/id_cdci.pub"
ssh_key_name = "cdci"
# NOTE(review): public IPv4 is enabled and user_ssh_port below is 22; ingress
# rules are not defined in this file - confirm SSH access is restricted.
network_utility_ipv4 = True
network_utility_ipv6 = False
network_public_ipv4 = True
network_public_ipv6 = False
network_private_id = "CREATE"
network_private_name = "Private_Net"
priv_cidr_block = "10.11.2.0/24"
primary_dns = ""
secondary_dns = ""
main_domain = "librecloud.local"
domains_search = "librecloud.local"
user = "devadm"
user_home = "/home/devadm"
user_ssh_port = 22
fix_local_hosts = True
installer_user = "admin"
}
# Final expression: the provider value defined above.
_provider