remove old pg single server, variables cleanup

Tietokilta · Nov 7, 2023 · d997a86 · d997a86
1 parent 8af5c75
commit d997a86
Show file tree

Hide file tree

Showing 8 changed files with 18 additions and 89 deletions.
diff --git a/main.tf b/main.tf
@@ -133,9 +133,8 @@ module "cms" {
   env_name                     = "prod"
   resource_group_name          = module.common.resource_group_name
   resource_group_location      = local.resource_group_location
-  postgres_server_name         = module.common.postgres_server_new_name
-  postgres_server_fqdn         = module.common.postgres_server_new_fqdn
-  postgres_server_id           = module.common.postgres_server_new_id
+  postgres_server_fqdn         = module.common.postgres_server_fqdn
+  postgres_server_id           = module.common.postgres_server_id
   postgres_admin_password      = module.common.postgres_admin_password
   strapi_jwt_secret            = module.keyvault.strapi_jwt_secret
   strapi_admin_jwt_secret      = module.keyvault.strapi_admin_jwt_secret
@@ -155,11 +154,9 @@ module "ilmo" {
   env_name                = "prod"
   resource_group_name     = module.common.resource_group_name
   resource_group_location = local.resource_group_location
-  postgres_server_name    = module.common.postgres_server_name
-  postgres_server_fqdn    = module.common.postgres_server_new_fqdn
-  postgres_server_host    = module.common.postgres_server_name
+  postgres_server_fqdn    = module.common.postgres_server_fqdn
   postgres_admin_password = module.common.postgres_admin_password
-  postgres_server_new_id  = module.common.postgres_server_new_id
+  postgres_server_id      = module.common.postgres_server_id
   edit_token_secret       = module.keyvault.ilmo_edit_token_secret
   auth_jwt_secret         = module.keyvault.ilmo_auth_jwt_secret
   mailgun_api_key         = module.keyvault.ilmo_mailgun_api_key
@@ -191,12 +188,9 @@ module "tenttiarkisto" {
   env_name                     = "prod"
   postgres_resource_group_name = module.common.resource_group_name
   resource_group_location      = local.resource_group_location
-  postgres_server_name         = module.common.postgres_server_name
   postgres_server_fqdn         = module.common.postgres_server_fqdn
-  postgres_server_host         = module.common.postgres_server_name
   postgres_admin_password      = module.common.postgres_admin_password
-  postgres_server_new_id       = module.common.postgres_server_new_id
-  postgres_server_new_fqdn     = module.common.postgres_server_new_fqdn
+  postgres_server_id           = module.common.postgres_server_id
   tikweb_app_plan_id           = module.common.tikweb_app_plan_id
   tikweb_app_plan_rg_location  = module.common.resource_group_location
   tikweb_app_plan_rg_name      = module.common.resource_group_name

diff --git a/modules/cms/variables.tf b/modules/cms/variables.tf
@@ -10,10 +10,6 @@ variable "resource_group_location" {
   type = string
 }
 
-variable "postgres_server_name" {
-  type = string
-}
-
 variable "postgres_server_fqdn" {
   type = string
 }

diff --git a/modules/common/main.tf b/modules/common/main.tf
@@ -19,25 +19,7 @@ resource "random_password" "db_password" {
   override_special = "_%@"
 }
 
-# Shared Postgres server
-resource "azurerm_postgresql_server" "tikweb_pg" {
-  name                = "tikweb-${var.env_name}-pg-server"
-  location            = azurerm_resource_group.tikweb_rg.location
-  resource_group_name = azurerm_resource_group.tikweb_rg.name
-
-  sku_name = "B_Gen5_1"
-
-  storage_mb                   = 10240 # 10 GB
-  backup_retention_days        = 7
-  geo_redundant_backup_enabled = false
-  auto_grow_enabled            = false
-
-  administrator_login          = "tietokilta"
-  administrator_login_password = random_password.db_password.result
-  version                      = "11"
-  ssl_enforcement_enabled      = true
-}
-
+# Shared Postgres
 resource "azurerm_postgresql_flexible_server" "tikweb_pg_new" {
   name                         = "tikweb-${var.env_name}-pg-server-new"
   resource_group_name          = azurerm_resource_group.tikweb_rg.name
@@ -52,22 +34,13 @@ resource "azurerm_postgresql_flexible_server" "tikweb_pg_new" {
   auto_grow_enabled            = false
   zone                         = "2"
 }
-# very secure accesses yes
+# Enable access from other Azure services
 resource "azurerm_postgresql_flexible_server_firewall_rule" "tikweb_pg_new_firewall" {
   name             = "tikweb-${var.env_name}-pg-new"
   server_id        = azurerm_postgresql_flexible_server.tikweb_pg_new.id
   start_ip_address = "0.0.0.0"
   end_ip_address   = "0.0.0.0"
 }
-# Enable access from other Azure services
-resource "azurerm_postgresql_firewall_rule" "tikweb_pg_internal_access" {
-  name                = "tikweb-${var.env_name}-pg-internal-access"
-  resource_group_name = azurerm_resource_group.tikweb_rg.name
-  server_name         = azurerm_postgresql_server.tikweb_pg.name
-  start_ip_address    = "0.0.0.0"
-  end_ip_address      = "0.0.0.0"
-}
-
 # Shared App Service Plan
 resource "azurerm_service_plan" "tikweb_plan" {
   name                = "tik-${var.env_name}-app-service-plan"

diff --git a/modules/common/output.tf b/modules/common/output.tf
@@ -4,32 +4,25 @@ output "resource_group_name" {
 output "resource_group_location" {
   value = azurerm_resource_group.tikweb_rg.location
 }
-output "postgres_server_name" {
-  value = azurerm_postgresql_server.tikweb_pg.name
-}
-
-output "postgres_server_fqdn" {
-  value = azurerm_postgresql_server.tikweb_pg.fqdn
-}
 
 output "postgres_admin_password" {
-  value     = azurerm_postgresql_server.tikweb_pg.administrator_login_password
+  value     = azurerm_postgresql_flexible_server.tikweb_pg_new.administrator_password
   sensitive = true
 }
 
 output "postgres_admin_username" {
-  value     = azurerm_postgresql_server.tikweb_pg.administrator_login
+  value     = azurerm_postgresql_flexible_server.tikweb_pg_new.administrator_login
   sensitive = true
 }
 
-output "postgres_server_new_id" {
+output "postgres_server_id" {
   value = azurerm_postgresql_flexible_server.tikweb_pg_new.id
 }
 
-output "postgres_server_new_fqdn" {
+output "postgres_server_fqdn" {
   value = azurerm_postgresql_flexible_server.tikweb_pg_new.fqdn
 }
-output "postgres_server_new_name" {
+output "postgres_server_name" {
   value = azurerm_postgresql_flexible_server.tikweb_pg_new.name
 }
 output "tikweb_app_plan_id" {

diff --git a/modules/ilmo/main.tf b/modules/ilmo/main.tf
@@ -5,7 +5,7 @@ locals {
 
 resource "azurerm_postgresql_flexible_server_database" "ilmo_db_new" {
   name      = local.db_name
-  server_id = var.postgres_server_new_id
+  server_id = var.postgres_server_id
   charset   = "utf8"
 }
 

diff --git a/modules/ilmo/variables.tf b/modules/ilmo/variables.tf
@@ -9,11 +9,6 @@ variable "resource_group_name" {
 variable "resource_group_location" {
   type = string
 }
-
-variable "postgres_server_name" {
-  type = string
-}
-
 variable "postgres_server_fqdn" {
   type = string
 }
@@ -23,11 +18,7 @@ variable "postgres_admin_password" {
   sensitive = true
 }
 
-variable "postgres_server_host" {
-  type = string
-}
-
-variable "postgres_server_new_id" {
+variable "postgres_server_id" {
   type = string
 }
 

diff --git a/modules/tenttiarkisto/main.tf b/modules/tenttiarkisto/main.tf
@@ -7,17 +7,9 @@ resource "azurerm_resource_group" "tenttiarkisto_rg" {
   location = var.resource_group_location
 }
 
-resource "azurerm_postgresql_database" "tenttiarkisto_db" {
-  name                = local.db_name
-  resource_group_name = var.postgres_resource_group_name
-  server_name         = var.postgres_server_name
-  charset             = "UTF8"
-  collation           = "fi-FI"
-}
-
 resource "azurerm_postgresql_flexible_server_database" "tenttiarkisto_db_new" {
   name      = local.db_name
-  server_id = var.postgres_server_new_id
+  server_id = var.postgres_server_id
   charset   = "utf8"
 }
 
@@ -83,7 +75,7 @@ resource "azurerm_linux_web_app" "tenttiarkisto" {
     DB_NAME     = azurerm_postgresql_flexible_server_database.tenttiarkisto_db_new.name
     DB_USER     = "tietokilta"
     DB_PASSWORD = var.postgres_admin_password
-    DB_HOST     = var.postgres_server_new_fqdn
+    DB_HOST     = var.postgres_server_fqdn
 
     SECRET_KEY = var.django_secret_key
 

diff --git a/modules/tenttiarkisto/variables.tf b/modules/tenttiarkisto/variables.tf
@@ -10,10 +10,6 @@ variable "resource_group_location" {
   type = string
 }
 
-variable "postgres_server_name" {
-  type = string
-}
-
 variable "postgres_server_fqdn" {
   type = string
 }
@@ -22,16 +18,10 @@ variable "postgres_admin_password" {
   type      = string
   sensitive = true
 }
-
-variable "postgres_server_host" {
-  type = string
-}
-variable "postgres_server_new_id" {
-  type = string
-}
-variable "postgres_server_new_fqdn" {
+variable "postgres_server_id" {
   type = string
 }
+
 variable "tikweb_app_plan_id" {
   type = string
 }