Skip to content

Commit

Permalink
update params and examples
Browse files Browse the repository at this point in the history
  • Loading branch information
jaxxstorm committed Feb 20, 2024
1 parent c9e5c69 commit b06220b
Show file tree
Hide file tree
Showing 12 changed files with 105 additions and 5 deletions.
12 changes: 9 additions & 3 deletions examples/aws/py/__main__.py
Original file line number Diff line number Diff line change
Expand Up @@ -2,20 +2,26 @@

import pulumi
import pulumi_awsx as awsx
import lbrlabs_pulumi_aws_tailscalebastion as lbrlabs
import lbrlabs_pulumi_tailscalebastion as tailscale

vpc = awsx.ec2.Vpc(
"example",
cidr_block="172.20.0.0/22",
# nat_gateways=awsx.ec2.NatGatewayConfigurationArgs(
# strategy=awsx.ec2.NatGatewayStrategy.NONE
# ),
)

bastion = lbrlabs.Bastion(
bastion = tailscale.aws.Bastion(
"example",
vpc_id=vpc.vpc_id,
subnet_ids=vpc.private_subnet_ids,
route="172.20.0.0/22",
tailscale_tags=["tag:bastion"],
region="us-west-2",
high_availability=True,
enable_ssh=True,
)


pulumi.export("vpcId", vpc.id)
pulumi.export("vpcId", vpc.vpc_id)
2 changes: 1 addition & 1 deletion provider/pkg/provider/aws/userdata.tmpl
Original file line number Diff line number Diff line change
Expand Up @@ -18,4 +18,4 @@ sudo yum-config-manager --add-repo https://pkgs.tailscale.com/stable/amazon-linu
sudo yum install tailscale -y
sudo systemctl enable --now tailscaled
sleep 10
sudo tailscale up ssh="{{ .EnableSSH }} --advertise-tags=tag:bastion --advertise-routes="{{ .Route }}" --authkey=$(aws ssm get-parameter --name {{.ParameterName}} --region {{.Region}} --with-decryption | jq .Parameter.Value -r) --host-routes
sudo tailscale up --ssh="{{ .EnableSSH }}" --advertise-tags=tag:bastion --advertise-routes="{{ .Route }}" --authkey=$(aws ssm get-parameter --name {{.ParameterName}} --region {{.Region}} --with-decryption | jq .Parameter.Value -r) --host-routes
2 changes: 1 addition & 1 deletion provider/pkg/provider/azure/userdata.tmpl
Original file line number Diff line number Diff line change
Expand Up @@ -13,4 +13,4 @@ echo "deb [arch=amd64] https://packages.microsoft.com/repos/azure-cli/ $AZ_REPO
sudo apt-get update
sudo apt-get install azure-cli tailscale

sudo tailscale up --ssh="{{ .EnableSSH }} --advertise-tags="{{ .JoinedTags }}" --advertise-routes="{{ .Route }}" --authkey="{{ .AuthKey }}" --host-routes --accept-dns=false
sudo tailscale up --ssh="{{ .EnableSSH }}" --advertise-tags="{{ .JoinedTags }}" --advertise-routes="{{ .Route }}" --authkey="{{ .AuthKey }}" --host-routes --accept-dns=false
8 changes: 8 additions & 0 deletions schema.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,10 @@ resources:
tailscale-bastion:azure:Bastion:
isComponent: true
inputProperties:
enableSSH:
type: boolean
description: "Whether to enable SSH access to the bastion."
default: true
resourceGroupName:
type: string
description: "The Azure resource group to create the bastion in."
Expand Down Expand Up @@ -54,6 +58,10 @@ resources:
tailscale-bastion:aws:Bastion:
isComponent: true
inputProperties:
enableSSH:
type: boolean
description: "Whether to enable SSH access to the bastion."
default: true
highAvailability:
type: boolean
description: "Whether the bastion should be highly available."
Expand Down
7 changes: 7 additions & 0 deletions sdk/dotnet/TailscaleBastion/Aws/Bastion.cs
Original file line number Diff line number Diff line change
Expand Up @@ -54,6 +54,12 @@ private static ComponentResourceOptions MakeResourceOptions(ComponentResourceOpt

public sealed class BastionArgs : global::Pulumi.ResourceArgs
{
/// <summary>
/// Whether to enable SSH access to the bastion.
/// </summary>
[Input("enableSSH")]
public Input<bool>? EnableSSH { get; set; }

/// <summary>
/// Whether the bastion should be highly available.
/// </summary>
Expand Down Expand Up @@ -110,6 +116,7 @@ public InputList<string> TailscaleTags

public BastionArgs()
{
EnableSSH = true;
HighAvailability = false;
}
public static new BastionArgs Empty => new BastionArgs();
Expand Down
7 changes: 7 additions & 0 deletions sdk/dotnet/TailscaleBastion/Azure/Bastion.cs
Original file line number Diff line number Diff line change
Expand Up @@ -54,6 +54,12 @@ private static ComponentResourceOptions MakeResourceOptions(ComponentResourceOpt

public sealed class BastionArgs : global::Pulumi.ResourceArgs
{
/// <summary>
/// Whether to enable SSH access to the bastion.
/// </summary>
[Input("enableSSH")]
public Input<bool>? EnableSSH { get; set; }

/// <summary>
/// Whether the bastion should be highly available.
/// </summary>
Expand Down Expand Up @@ -104,6 +110,7 @@ public InputList<string> TailscaleTags

public BastionArgs()
{
EnableSSH = true;
HighAvailability = false;
}
public static new BastionArgs Empty => new BastionArgs();
Expand Down
7 changes: 7 additions & 0 deletions sdk/go/bastion/aws/bastion.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

7 changes: 7 additions & 0 deletions sdk/go/bastion/azure/bastion.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

5 changes: 5 additions & 0 deletions sdk/nodejs/aws/bastion.ts
Original file line number Diff line number Diff line change
Expand Up @@ -57,6 +57,7 @@ export class Bastion extends pulumi.ComponentResource {
if ((!args || args.vpcId === undefined) && !opts.urn) {
throw new Error("Missing required property 'vpcId'");
}
resourceInputs["enableSSH"] = (args ? args.enableSSH : undefined) ?? true;
resourceInputs["highAvailability"] = (args ? args.highAvailability : undefined) ?? false;
resourceInputs["instanceType"] = args ? args.instanceType : undefined;
resourceInputs["region"] = args ? args.region : undefined;
Expand All @@ -79,6 +80,10 @@ export class Bastion extends pulumi.ComponentResource {
* The set of arguments for constructing a Bastion resource.
*/
export interface BastionArgs {
/**
* Whether to enable SSH access to the bastion.
*/
enableSSH?: pulumi.Input<boolean>;
/**
* Whether the bastion should be highly available.
*/
Expand Down
5 changes: 5 additions & 0 deletions sdk/nodejs/azure/bastion.ts
Original file line number Diff line number Diff line change
Expand Up @@ -57,6 +57,7 @@ export class Bastion extends pulumi.ComponentResource {
if ((!args || args.tailscaleTags === undefined) && !opts.urn) {
throw new Error("Missing required property 'tailscaleTags'");
}
resourceInputs["enableSSH"] = (args ? args.enableSSH : undefined) ?? true;
resourceInputs["highAvailability"] = (args ? args.highAvailability : undefined) ?? false;
resourceInputs["instanceSku"] = args ? args.instanceSku : undefined;
resourceInputs["location"] = args ? args.location : undefined;
Expand All @@ -79,6 +80,10 @@ export class Bastion extends pulumi.ComponentResource {
* The set of arguments for constructing a Bastion resource.
*/
export interface BastionArgs {
/**
* Whether to enable SSH access to the bastion.
*/
enableSSH?: pulumi.Input<boolean>;
/**
* Whether the bastion should be highly available.
*/
Expand Down
24 changes: 24 additions & 0 deletions sdk/python/lbrlabs_pulumi_tailscalebastion/aws/bastion.py
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,7 @@ def __init__(__self__, *,
subnet_ids: pulumi.Input[Sequence[pulumi.Input[str]]],
tailscale_tags: pulumi.Input[Sequence[pulumi.Input[str]]],
vpc_id: pulumi.Input[str],
enable_ssh: Optional[pulumi.Input[bool]] = None,
instance_type: Optional[pulumi.Input[str]] = None):
"""
The set of arguments for constructing a Bastion resource.
Expand All @@ -29,6 +30,7 @@ def __init__(__self__, *,
:param pulumi.Input[Sequence[pulumi.Input[str]]] subnet_ids: The subnet Ids to launch instances in.
:param pulumi.Input[Sequence[pulumi.Input[str]]] tailscale_tags: The tags to apply to the tailnet device andauth key. This tag should be added to your oauth key and ACL.
:param pulumi.Input[str] vpc_id: The VPC the Bastion should be created in.
:param pulumi.Input[bool] enable_ssh: Whether to enable SSH access to the bastion.
:param pulumi.Input[str] instance_type: The EC2 instance type to use for the bastion.
"""
if high_availability is None:
Expand All @@ -39,6 +41,10 @@ def __init__(__self__, *,
pulumi.set(__self__, "subnet_ids", subnet_ids)
pulumi.set(__self__, "tailscale_tags", tailscale_tags)
pulumi.set(__self__, "vpc_id", vpc_id)
if enable_ssh is None:
enable_ssh = True
if enable_ssh is not None:
pulumi.set(__self__, "enable_ssh", enable_ssh)
if instance_type is not None:
pulumi.set(__self__, "instance_type", instance_type)

Expand Down Expand Up @@ -114,6 +120,18 @@ def vpc_id(self) -> pulumi.Input[str]:
def vpc_id(self, value: pulumi.Input[str]):
pulumi.set(self, "vpc_id", value)

@property
@pulumi.getter(name="enableSSH")
def enable_ssh(self) -> Optional[pulumi.Input[bool]]:
"""
Whether to enable SSH access to the bastion.
"""
return pulumi.get(self, "enable_ssh")

@enable_ssh.setter
def enable_ssh(self, value: Optional[pulumi.Input[bool]]):
pulumi.set(self, "enable_ssh", value)

@property
@pulumi.getter(name="instanceType")
def instance_type(self) -> Optional[pulumi.Input[str]]:
Expand All @@ -132,6 +150,7 @@ class Bastion(pulumi.ComponentResource):
def __init__(__self__,
resource_name: str,
opts: Optional[pulumi.ResourceOptions] = None,
enable_ssh: Optional[pulumi.Input[bool]] = None,
high_availability: Optional[pulumi.Input[bool]] = None,
instance_type: Optional[pulumi.Input[str]] = None,
region: Optional[pulumi.Input[str]] = None,
Expand All @@ -144,6 +163,7 @@ def __init__(__self__,
Create a Bastion resource with the given unique name, props, and options.
:param str resource_name: The name of the resource.
:param pulumi.ResourceOptions opts: Options for the resource.
:param pulumi.Input[bool] enable_ssh: Whether to enable SSH access to the bastion.
:param pulumi.Input[bool] high_availability: Whether the bastion should be highly available.
:param pulumi.Input[str] instance_type: The EC2 instance type to use for the bastion.
:param pulumi.Input[str] region: The AWS region you're using.
Expand Down Expand Up @@ -175,6 +195,7 @@ def __init__(__self__, resource_name: str, *args, **kwargs):
def _internal_init(__self__,
resource_name: str,
opts: Optional[pulumi.ResourceOptions] = None,
enable_ssh: Optional[pulumi.Input[bool]] = None,
high_availability: Optional[pulumi.Input[bool]] = None,
instance_type: Optional[pulumi.Input[str]] = None,
region: Optional[pulumi.Input[str]] = None,
Expand All @@ -193,6 +214,9 @@ def _internal_init(__self__,
raise TypeError('__props__ is only valid when passed in combination with a valid opts.id to get an existing resource')
__props__ = BastionArgs.__new__(BastionArgs)

if enable_ssh is None:
enable_ssh = True
__props__.__dict__["enable_ssh"] = enable_ssh
if high_availability is None:
high_availability = False
if high_availability is None and not opts.urn:
Expand Down
24 changes: 24 additions & 0 deletions sdk/python/lbrlabs_pulumi_tailscalebastion/azure/bastion.py
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,7 @@ def __init__(__self__, *,
route: pulumi.Input[str],
subnet_id: pulumi.Input[str],
tailscale_tags: pulumi.Input[Sequence[pulumi.Input[str]]],
enable_ssh: Optional[pulumi.Input[bool]] = None,
instance_sku: Optional[pulumi.Input[str]] = None):
"""
The set of arguments for constructing a Bastion resource.
Expand All @@ -29,6 +30,7 @@ def __init__(__self__, *,
:param pulumi.Input[str] route: The route you'd like to advertise via tailscale.
:param pulumi.Input[str] subnet_id: The subnet Ids to launch instances in.
:param pulumi.Input[Sequence[pulumi.Input[str]]] tailscale_tags: The tags to apply to the tailnet device andauth key. This tag should be added to your oauth key and ACL.
:param pulumi.Input[bool] enable_ssh: Whether to enable SSH access to the bastion.
:param pulumi.Input[str] instance_sku: The Azure instance SKU to use for the bastion.
"""
if high_availability is None:
Expand All @@ -39,6 +41,10 @@ def __init__(__self__, *,
pulumi.set(__self__, "route", route)
pulumi.set(__self__, "subnet_id", subnet_id)
pulumi.set(__self__, "tailscale_tags", tailscale_tags)
if enable_ssh is None:
enable_ssh = True
if enable_ssh is not None:
pulumi.set(__self__, "enable_ssh", enable_ssh)
if instance_sku is not None:
pulumi.set(__self__, "instance_sku", instance_sku)

Expand Down Expand Up @@ -114,6 +120,18 @@ def tailscale_tags(self) -> pulumi.Input[Sequence[pulumi.Input[str]]]:
def tailscale_tags(self, value: pulumi.Input[Sequence[pulumi.Input[str]]]):
pulumi.set(self, "tailscale_tags", value)

@property
@pulumi.getter(name="enableSSH")
def enable_ssh(self) -> Optional[pulumi.Input[bool]]:
"""
Whether to enable SSH access to the bastion.
"""
return pulumi.get(self, "enable_ssh")

@enable_ssh.setter
def enable_ssh(self, value: Optional[pulumi.Input[bool]]):
pulumi.set(self, "enable_ssh", value)

@property
@pulumi.getter(name="instanceSku")
def instance_sku(self) -> Optional[pulumi.Input[str]]:
Expand All @@ -132,6 +150,7 @@ class Bastion(pulumi.ComponentResource):
def __init__(__self__,
resource_name: str,
opts: Optional[pulumi.ResourceOptions] = None,
enable_ssh: Optional[pulumi.Input[bool]] = None,
high_availability: Optional[pulumi.Input[bool]] = None,
instance_sku: Optional[pulumi.Input[str]] = None,
location: Optional[pulumi.Input[str]] = None,
Expand All @@ -144,6 +163,7 @@ def __init__(__self__,
Create a Bastion resource with the given unique name, props, and options.
:param str resource_name: The name of the resource.
:param pulumi.ResourceOptions opts: Options for the resource.
:param pulumi.Input[bool] enable_ssh: Whether to enable SSH access to the bastion.
:param pulumi.Input[bool] high_availability: Whether the bastion should be highly available.
:param pulumi.Input[str] instance_sku: The Azure instance SKU to use for the bastion.
:param pulumi.Input[str] location: The Azure region you're using.
Expand Down Expand Up @@ -175,6 +195,7 @@ def __init__(__self__, resource_name: str, *args, **kwargs):
def _internal_init(__self__,
resource_name: str,
opts: Optional[pulumi.ResourceOptions] = None,
enable_ssh: Optional[pulumi.Input[bool]] = None,
high_availability: Optional[pulumi.Input[bool]] = None,
instance_sku: Optional[pulumi.Input[str]] = None,
location: Optional[pulumi.Input[str]] = None,
Expand All @@ -193,6 +214,9 @@ def _internal_init(__self__,
raise TypeError('__props__ is only valid when passed in combination with a valid opts.id to get an existing resource')
__props__ = BastionArgs.__new__(BastionArgs)

if enable_ssh is None:
enable_ssh = True
__props__.__dict__["enable_ssh"] = enable_ssh
if high_availability is None:
high_availability = False
if high_availability is None and not opts.urn:
Expand Down

0 comments on commit b06220b

Please sign in to comment.