feat: add cloudflare workers ai config and global credentials

oracle/optimized_config.tf

@@ -0,0 +1,142 @@
+terraform {
+  required_providers {
+    oci = {
+      source = "oracle/oci"
+      version = ">= 4.0.0"
+    }
+  }
+}
+
+provider "oci" {
+  config_file_profile = "DEFAULT"
+}
+
+# VCN (Virtual Cloud Network)
+resource "oci_core_vcn" "main_vcn" {
+  compartment_id = var.compartment_id
+  cidr_block     = "10.0.0.0/16"
+  display_name   = "main-vcn"
+  dns_label      = "mainvcn"
+}
+
+# Internet Gateway
+resource "oci_core_internet_gateway" "main_ig" {
+  compartment_id = var.compartment_id
+  display_name   = "main-internet-gateway"
+  vcn_id         = oci_core_vcn.main_vcn.id
+}
+
+# Route Table
+resource "oci_core_route_table" "main_rt" {
+  compartment_id = var.compartment_id
+  vcn_id         = oci_core_vcn.main_vcn.id
+  display_name   = "main-route-table"
+
+  route_rules {
+    destination       = "0.0.0.0/0"
+    destination_type  = "CIDR_BLOCK"
+    network_entity_id = oci_core_internet_gateway.main_ig.id
+  }
+}
+
+# Security List
+resource "oci_core_security_list" "main_sl" {
+  compartment_id = var.compartment_id
+  display_name   = "main-security-list"
+  vcn_id         = oci_core_vcn.main_vcn.id
+
+  egress_security_rules {
+    protocol    = "6"
+    destination = "0.0.0.0/0"
+  }
+
+  ingress_security_rules {
+    protocol = "6"
+    source   = "0.0.0.0/0"
+    tcp_options {
+      min = 22
+      max = 22
+    }
+  }
+
+  ingress_security_rules {
+    protocol = "6"
+    source   = "0.0.0.0/0"
+    tcp_options {
+      min = 80
+      max = 80
+    }
+  }
+
+  ingress_security_rules {
+    protocol = "6"
+    source   = "0.0.0.0/0"
+    tcp_options {
+      min = 443
+      max = 443
+    }
+  }
+
+  ingress_security_rules {
+    protocol = "1"
+    source   = "0.0.0.0/0"
+  }
+}
+
+# Subnet
+resource "oci_core_subnet" "main_subnet" {
+  availability_domain = var.availability_domain
+  cidr_block          = "10.0.1.0/24"
+  compartment_id      = var.compartment_id
+  display_name        = "main-subnet"
+  vcn_id              = oci_core_vcn.main_vcn.id
+  route_table_id      = oci_core_route_table.main_rt.id
+  security_list_ids   = [oci_core_security_list.main_sl.id]
+  dhcp_options_id     = oci_core_vcn.main_vcn.default_dhcp_options_id
+  dns_label           = "mainsub"
+}
+
+# 实例 A1 (高规格实例)
+resource "oci_core_instance" "instance_a1" {
+  availability_domain = var.availability_domain
+  compartment_id      = var.compartment_id
+  display_name        = "instance-A1"
+  shape               = var.a1_shape
+
+  create_vnic_details {
+    subnet_id        = oci_core_subnet.main_subnet.id
+    assign_public_ip = true
+    hostname_label   = "instancea1"
+  }
+
+  source_details {
+    source_type = "image"
+    source_id   = var.image_id
+  }
+
+  metadata = {
+    ssh_authorized_keys = var.ssh_public_key
+  }
+
+  timeouts {
+    create = "60m"
+  }
+}
+
+# 附加块存储卷给 A1 实例
+resource "oci_core_volume" "a1_data_volume" {
+  availability_domain = var.availability_domain
+  compartment_id      = var.compartment_id
+  display_name        = "a1-data-volume"
+  size_in_gbs         = var.a1_storage_size_gb  # 可配置的存储大小
+}
+
+# 将数据卷附加到 A1 实例
+resource "oci_core_volume_attachment" "a1_volume_attachment" {
+  attachment_type = "paravirtualized"
+  instance_id     = oci_core_instance.instance_a1.id
+  volume_id       = oci_core_volume.a1_data_volume.id
+}
+
+# 可选：第二个较小的实例 (如果需要，但现在我们将配置为删除)
+# 对于你的需求，我们会专注于 A1 实例，移除其他小实例