From b6f89d3e328ef56a4cdf507909d5c85389a56663 Mon Sep 17 00:00:00 2001
From: Sander van Harmelen <sander@xanzy.io>
Date: Wed, 4 Mar 2015 18:51:07 +0100
Subject: [PATCH] Adding a few new resources
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Tests and docs will be added tomorrow so we can merge the new resources…
---
 builtin/providers/cloudstack/provider.go      |  25 ++-
 .../resource_cloudstack_vpn_connection.go     |  95 +++++++++
 ...esource_cloudstack_vpn_customer_gateway.go | 193 ++++++++++++++++++
 .../resource_cloudstack_vpn_gateway.go        |  97 +++++++++
 4 files changed, 399 insertions(+), 11 deletions(-)
 create mode 100644 builtin/providers/cloudstack/resource_cloudstack_vpn_connection.go
 create mode 100644 builtin/providers/cloudstack/resource_cloudstack_vpn_customer_gateway.go
 create mode 100644 builtin/providers/cloudstack/resource_cloudstack_vpn_gateway.go

diff --git a/builtin/providers/cloudstack/provider.go b/builtin/providers/cloudstack/provider.go
index a9913f6e8..f7ce62725 100644
--- a/builtin/providers/cloudstack/provider.go
+++ b/builtin/providers/cloudstack/provider.go
@@ -35,17 +35,20 @@ func Provider() terraform.ResourceProvider {
 		},
 
 		ResourcesMap: map[string]*schema.Resource{
-			"cloudstack_disk":             resourceCloudStackDisk(),
-			"cloudstack_egress_firewall":  resourceCloudStackEgressFirewall(),
-			"cloudstack_firewall":         resourceCloudStackFirewall(),
-			"cloudstack_instance":         resourceCloudStackInstance(),
-			"cloudstack_ipaddress":        resourceCloudStackIPAddress(),
-			"cloudstack_network":          resourceCloudStackNetwork(),
-			"cloudstack_network_acl":      resourceCloudStackNetworkACL(),
-			"cloudstack_network_acl_rule": resourceCloudStackNetworkACLRule(),
-			"cloudstack_nic":              resourceCloudStackNIC(),
-			"cloudstack_port_forward":     resourceCloudStackPortForward(),
-			"cloudstack_vpc":              resourceCloudStackVPC(),
+			"cloudstack_disk":                 resourceCloudStackDisk(),
+			"cloudstack_egress_firewall":      resourceCloudStackEgressFirewall(),
+			"cloudstack_firewall":             resourceCloudStackFirewall(),
+			"cloudstack_instance":             resourceCloudStackInstance(),
+			"cloudstack_ipaddress":            resourceCloudStackIPAddress(),
+			"cloudstack_network":              resourceCloudStackNetwork(),
+			"cloudstack_network_acl":          resourceCloudStackNetworkACL(),
+			"cloudstack_network_acl_rule":     resourceCloudStackNetworkACLRule(),
+			"cloudstack_nic":                  resourceCloudStackNIC(),
+			"cloudstack_port_forward":         resourceCloudStackPortForward(),
+			"cloudstack_vpc":                  resourceCloudStackVPC(),
+			"cloudstack_vpn_connection":       resourceCloudStackVPNConnection(),
+			"cloudstack_vpn_customer_gateway": resourceCloudStackVPNCustomerGateway(),
+			"cloudstack_vpn_gateway":          resourceCloudStackVPNGateway(),
 		},
 
 		ConfigureFunc: providerConfigure,
diff --git a/builtin/providers/cloudstack/resource_cloudstack_vpn_connection.go b/builtin/providers/cloudstack/resource_cloudstack_vpn_connection.go
new file mode 100644
index 000000000..b036890a5
--- /dev/null
+++ b/builtin/providers/cloudstack/resource_cloudstack_vpn_connection.go
@@ -0,0 +1,95 @@
+package cloudstack
+
+import (
+	"fmt"
+	"log"
+	"strings"
+
+	"github.com/hashicorp/terraform/helper/schema"
+	"github.com/xanzy/go-cloudstack/cloudstack"
+)
+
+func resourceCloudStackVPNConnection() *schema.Resource {
+	return &schema.Resource{
+		Create: resourceCloudStackVPNConnectionCreate,
+		Read:   resourceCloudStackVPNConnectionRead,
+		Delete: resourceCloudStackVPNConnectionDelete,
+
+		Schema: map[string]*schema.Schema{
+			"customergatewayid": &schema.Schema{
+				Type:     schema.TypeString,
+				Required: true,
+				ForceNew: true,
+			},
+
+			"vpngatewayid": &schema.Schema{
+				Type:     schema.TypeString,
+				Required: true,
+				ForceNew: true,
+			},
+		},
+	}
+}
+
+func resourceCloudStackVPNConnectionCreate(d *schema.ResourceData, meta interface{}) error {
+	cs := meta.(*cloudstack.CloudStackClient)
+
+	// Create a new parameter struct
+	p := cs.VPN.NewCreateVpnConnectionParams(
+		d.Get("customergatewayid").(string),
+		d.Get("vpngatewayid").(string),
+	)
+
+	// Create the new VPN Connection
+	v, err := cs.VPN.CreateVpnConnection(p)
+	if err != nil {
+		return fmt.Errorf("Error creating VPN Connection: %s", err)
+	}
+
+	d.SetId(v.Id)
+
+	return resourceCloudStackVPNConnectionRead(d, meta)
+}
+
+func resourceCloudStackVPNConnectionRead(d *schema.ResourceData, meta interface{}) error {
+	cs := meta.(*cloudstack.CloudStackClient)
+
+	// Get the VPN Connection details
+	v, count, err := cs.VPN.GetVpnConnectionByID(d.Id())
+	if err != nil {
+		if count == 0 {
+			log.Printf("[DEBUG] VPN Connection does no longer exist")
+			d.SetId("")
+			return nil
+		}
+
+		return err
+	}
+
+	d.Set("customergatewayid", v.S2scustomergatewayid)
+	d.Set("vpngatewayid", v.S2svpngatewayid)
+
+	return nil
+}
+
+func resourceCloudStackVPNConnectionDelete(d *schema.ResourceData, meta interface{}) error {
+	cs := meta.(*cloudstack.CloudStackClient)
+
+	// Create a new parameter struct
+	p := cs.VPN.NewDeleteVpnConnectionParams(d.Id())
+
+	// Delete the VPN Connection
+	_, err := cs.VPN.DeleteVpnConnection(p)
+	if err != nil {
+		// This is a very poor way to be told the UUID does no longer exist :(
+		if strings.Contains(err.Error(), fmt.Sprintf(
+			"Invalid parameter id value=%s due to incorrect long value format, "+
+				"or entity does not exist", d.Id())) {
+			return nil
+		}
+
+		return fmt.Errorf("Error deleting VPN Connection: %s", err)
+	}
+
+	return nil
+}
diff --git a/builtin/providers/cloudstack/resource_cloudstack_vpn_customer_gateway.go b/builtin/providers/cloudstack/resource_cloudstack_vpn_customer_gateway.go
new file mode 100644
index 000000000..90a03aeb0
--- /dev/null
+++ b/builtin/providers/cloudstack/resource_cloudstack_vpn_customer_gateway.go
@@ -0,0 +1,193 @@
+package cloudstack
+
+import (
+	"fmt"
+	"log"
+	"strings"
+
+	"github.com/hashicorp/terraform/helper/schema"
+	"github.com/xanzy/go-cloudstack/cloudstack"
+)
+
+func resourceCloudStackVPNCustomerGateway() *schema.Resource {
+	return &schema.Resource{
+		Create: resourceCloudStackVPNCustomerGatewayCreate,
+		Read:   resourceCloudStackVPNCustomerGatewayRead,
+		Update: resourceCloudStackVPNCustomerGatewayUpdate,
+		Delete: resourceCloudStackVPNCustomerGatewayDelete,
+
+		Schema: map[string]*schema.Schema{
+			"name": &schema.Schema{
+				Type:     schema.TypeString,
+				Required: true,
+			},
+
+			"cidr": &schema.Schema{
+				Type:     schema.TypeString,
+				Required: true,
+			},
+
+			"esp_policy": &schema.Schema{
+				Type:     schema.TypeString,
+				Required: true,
+			},
+
+			"gateway": &schema.Schema{
+				Type:     schema.TypeString,
+				Required: true,
+			},
+
+			"ike_policy": &schema.Schema{
+				Type:     schema.TypeString,
+				Required: true,
+			},
+
+			"ipsec_psk": &schema.Schema{
+				Type:     schema.TypeString,
+				Required: true,
+			},
+
+			"dpd": &schema.Schema{
+				Type:     schema.TypeBool,
+				Optional: true,
+				Computed: true,
+			},
+
+			"esp_lifetime": &schema.Schema{
+				Type:     schema.TypeInt,
+				Optional: true,
+				Computed: true,
+			},
+
+			"ike_lifetime": &schema.Schema{
+				Type:     schema.TypeInt,
+				Optional: true,
+				Computed: true,
+			},
+		},
+	}
+}
+
+func resourceCloudStackVPNCustomerGatewayCreate(d *schema.ResourceData, meta interface{}) error {
+	cs := meta.(*cloudstack.CloudStackClient)
+
+	// Create a new parameter struct
+	p := cs.VPN.NewCreateVpnCustomerGatewayParams(
+		d.Get("cidr").(string),
+		d.Get("esp_policy").(string),
+		d.Get("gateway").(string),
+		d.Get("ike_policy").(string),
+		d.Get("ipsec_psk").(string),
+	)
+
+	p.SetName(d.Get("name").(string))
+
+	if dpd, ok := d.GetOk("dpd"); ok {
+		p.SetDpd(dpd.(bool))
+	}
+
+	if esplifetime, ok := d.GetOk("esp_lifetime"); ok {
+		p.SetEsplifetime(esplifetime.(int))
+	}
+
+	if ikelifetime, ok := d.GetOk("ike_lifetime"); ok {
+		p.SetIkelifetime(ikelifetime.(int))
+	}
+
+	// Create the new VPN Customer Gateway
+	v, err := cs.VPN.CreateVpnCustomerGateway(p)
+	if err != nil {
+		return fmt.Errorf("Error creating VPN Customer Gateway %s: %s", d.Get("name").(string), err)
+	}
+
+	d.SetId(v.Id)
+
+	return resourceCloudStackVPNCustomerGatewayRead(d, meta)
+}
+
+func resourceCloudStackVPNCustomerGatewayRead(d *schema.ResourceData, meta interface{}) error {
+	cs := meta.(*cloudstack.CloudStackClient)
+
+	// Get the VPN Customer Gateway details
+	v, count, err := cs.VPN.GetVpnCustomerGatewayByID(d.Id())
+	if err != nil {
+		if count == 0 {
+			log.Printf(
+				"[DEBUG] VPN Customer Gateway %s does no longer exist", d.Get("name").(string))
+			d.SetId("")
+			return nil
+		}
+
+		return err
+	}
+
+	d.Set("name", v.Name)
+	d.Set("cidr", v.Cidrlist)
+	d.Set("esp_policy", v.Esppolicy)
+	d.Set("gateway", v.Gateway)
+	d.Set("ike_policy", v.Ikepolicy)
+	d.Set("ipsec_psk", v.Ipsecpsk)
+	d.Set("dpd", v.Dpd)
+	d.Set("esp_lifetime", v.Esplifetime)
+	d.Set("ike_lifetime", v.Ikelifetime)
+
+	return nil
+}
+
+func resourceCloudStackVPNCustomerGatewayUpdate(d *schema.ResourceData, meta interface{}) error {
+	cs := meta.(*cloudstack.CloudStackClient)
+
+	// Create a new parameter struct
+	p := cs.VPN.NewUpdateVpnCustomerGatewayParams(
+		d.Get("cidr").(string),
+		d.Get("esp_policy").(string),
+		d.Get("gateway").(string),
+		d.Id(),
+		d.Get("ike_policy").(string),
+		d.Get("ipsec_psk").(string),
+	)
+
+	p.SetName(d.Get("name").(string))
+
+	if dpd, ok := d.GetOk("dpd"); ok {
+		p.SetDpd(dpd.(bool))
+	}
+
+	if esplifetime, ok := d.GetOk("esp_lifetime"); ok {
+		p.SetEsplifetime(esplifetime.(int))
+	}
+
+	if ikelifetime, ok := d.GetOk("ike_lifetime"); ok {
+		p.SetIkelifetime(ikelifetime.(int))
+	}
+
+	// Update the VPN Customer Gateway
+	_, err := cs.VPN.UpdateVpnCustomerGateway(p)
+	if err != nil {
+		return fmt.Errorf("Error updating VPN Customer Gateway %s: %s", d.Get("name").(string), err)
+	}
+
+	return resourceCloudStackVPNCustomerGatewayRead(d, meta)
+}
+
+func resourceCloudStackVPNCustomerGatewayDelete(d *schema.ResourceData, meta interface{}) error {
+	cs := meta.(*cloudstack.CloudStackClient)
+
+	// Create a new parameter struct
+	p := cs.VPN.NewDeleteVpnCustomerGatewayParams(d.Id())
+
+	// Delete the VPN Customer Gateway
+	_, err := cs.VPN.DeleteVpnCustomerGateway(p)
+	if err != nil {
+		// This is a very poor way to be told the UUID does no longer exist :(
+		if strings.Contains(err.Error(), fmt.Sprintf(
+			"Invalid parameter id value=%s due to incorrect long value format, "+
+				"or entity does not exist", d.Id())) {
+			return nil
+		}
+
+		return fmt.Errorf("Error deleting VPN Customer Gateway %s: %s", d.Get("name").(string), err)
+	}
+
+	return nil
+}
diff --git a/builtin/providers/cloudstack/resource_cloudstack_vpn_gateway.go b/builtin/providers/cloudstack/resource_cloudstack_vpn_gateway.go
new file mode 100644
index 000000000..650df6530
--- /dev/null
+++ b/builtin/providers/cloudstack/resource_cloudstack_vpn_gateway.go
@@ -0,0 +1,97 @@
+package cloudstack
+
+import (
+	"fmt"
+	"log"
+	"strings"
+
+	"github.com/hashicorp/terraform/helper/schema"
+	"github.com/xanzy/go-cloudstack/cloudstack"
+)
+
+func resourceCloudStackVPNGateway() *schema.Resource {
+	return &schema.Resource{
+		Create: resourceCloudStackVPNGatewayCreate,
+		Read:   resourceCloudStackVPNGatewayRead,
+		Delete: resourceCloudStackVPNGatewayDelete,
+
+		Schema: map[string]*schema.Schema{
+			"vpc": &schema.Schema{
+				Type:     schema.TypeString,
+				Required: true,
+				ForceNew: true,
+			},
+
+			"publicip": &schema.Schema{
+				Type:     schema.TypeString,
+				Computed: true,
+			},
+		},
+	}
+}
+
+func resourceCloudStackVPNGatewayCreate(d *schema.ResourceData, meta interface{}) error {
+	cs := meta.(*cloudstack.CloudStackClient)
+
+	// Retrieve the VPC UUID
+	vpcid, e := retrieveUUID(cs, "vpc", d.Get("vpc").(string))
+	if e != nil {
+		return e.Error()
+	}
+
+	// Create a new parameter struct
+	p := cs.VPN.NewCreateVpnGatewayParams(vpcid)
+
+	// Create the new VPN Gateway
+	v, err := cs.VPN.CreateVpnGateway(p)
+	if err != nil {
+		return fmt.Errorf("Error creating VPN Gateway for VPC %s: %s", d.Get("vpc").(string), err)
+	}
+
+	d.SetId(v.Id)
+
+	return resourceCloudStackVPNGatewayRead(d, meta)
+}
+
+func resourceCloudStackVPNGatewayRead(d *schema.ResourceData, meta interface{}) error {
+	cs := meta.(*cloudstack.CloudStackClient)
+
+	// Get the VPN Gateway details
+	v, count, err := cs.VPN.GetVpnGatewayByID(d.Id())
+	if err != nil {
+		if count == 0 {
+			log.Printf(
+				"[DEBUG] VPN Gateway for VPC %s does no longer exist", d.Get("vpc").(string))
+			d.SetId("")
+			return nil
+		}
+
+		return err
+	}
+
+	d.Set("publicip", v.Publicip)
+
+	return nil
+}
+
+func resourceCloudStackVPNGatewayDelete(d *schema.ResourceData, meta interface{}) error {
+	cs := meta.(*cloudstack.CloudStackClient)
+
+	// Create a new parameter struct
+	p := cs.VPN.NewDeleteVpnGatewayParams(d.Id())
+
+	// Delete the VPN Gateway
+	_, err := cs.VPN.DeleteVpnGateway(p)
+	if err != nil {
+		// This is a very poor way to be told the UUID does no longer exist :(
+		if strings.Contains(err.Error(), fmt.Sprintf(
+			"Invalid parameter id value=%s due to incorrect long value format, "+
+				"or entity does not exist", d.Id())) {
+			return nil
+		}
+
+		return fmt.Errorf("Error deleting VPN Gateway for VPC %s: %s", d.Get("vpc").(string), err)
+	}
+
+	return nil
+}