From d997a86a376d27bb82b642a7b5f4670208b62fad Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ahlstr=C3=B6m=20Kalle?= <ahlstrom.kalle@outlook.com>
Date: Tue, 7 Nov 2023 18:37:32 +0200
Subject: [PATCH] remove old pg single server, variables cleanup

---
 main.tf                            | 16 +++++----------
 modules/cms/variables.tf           |  4 ----
 modules/common/main.tf             | 31 ++----------------------------
 modules/common/output.tf           | 17 +++++-----------
 modules/ilmo/main.tf               |  2 +-
 modules/ilmo/variables.tf          | 11 +----------
 modules/tenttiarkisto/main.tf      | 12 ++----------
 modules/tenttiarkisto/variables.tf | 14 ++------------
 8 files changed, 18 insertions(+), 89 deletions(-)

diff --git a/main.tf b/main.tf
index 914d7fb..53c06c3 100644
--- a/main.tf
+++ b/main.tf
@@ -133,9 +133,8 @@ module "cms" {
   env_name                     = "prod"
   resource_group_name          = module.common.resource_group_name
   resource_group_location      = local.resource_group_location
-  postgres_server_name         = module.common.postgres_server_new_name
-  postgres_server_fqdn         = module.common.postgres_server_new_fqdn
-  postgres_server_id           = module.common.postgres_server_new_id
+  postgres_server_fqdn         = module.common.postgres_server_fqdn
+  postgres_server_id           = module.common.postgres_server_id
   postgres_admin_password      = module.common.postgres_admin_password
   strapi_jwt_secret            = module.keyvault.strapi_jwt_secret
   strapi_admin_jwt_secret      = module.keyvault.strapi_admin_jwt_secret
@@ -155,11 +154,9 @@ module "ilmo" {
   env_name                = "prod"
   resource_group_name     = module.common.resource_group_name
   resource_group_location = local.resource_group_location
-  postgres_server_name    = module.common.postgres_server_name
-  postgres_server_fqdn    = module.common.postgres_server_new_fqdn
-  postgres_server_host    = module.common.postgres_server_name
+  postgres_server_fqdn    = module.common.postgres_server_fqdn
   postgres_admin_password = module.common.postgres_admin_password
-  postgres_server_new_id  = module.common.postgres_server_new_id
+  postgres_server_id      = module.common.postgres_server_id
   edit_token_secret       = module.keyvault.ilmo_edit_token_secret
   auth_jwt_secret         = module.keyvault.ilmo_auth_jwt_secret
   mailgun_api_key         = module.keyvault.ilmo_mailgun_api_key
@@ -191,12 +188,9 @@ module "tenttiarkisto" {
   env_name                     = "prod"
   postgres_resource_group_name = module.common.resource_group_name
   resource_group_location      = local.resource_group_location
-  postgres_server_name         = module.common.postgres_server_name
   postgres_server_fqdn         = module.common.postgres_server_fqdn
-  postgres_server_host         = module.common.postgres_server_name
   postgres_admin_password      = module.common.postgres_admin_password
-  postgres_server_new_id       = module.common.postgres_server_new_id
-  postgres_server_new_fqdn     = module.common.postgres_server_new_fqdn
+  postgres_server_id           = module.common.postgres_server_id
   tikweb_app_plan_id           = module.common.tikweb_app_plan_id
   tikweb_app_plan_rg_location  = module.common.resource_group_location
   tikweb_app_plan_rg_name      = module.common.resource_group_name
diff --git a/modules/cms/variables.tf b/modules/cms/variables.tf
index b0994dc..d8620eb 100644
--- a/modules/cms/variables.tf
+++ b/modules/cms/variables.tf
@@ -10,10 +10,6 @@ variable "resource_group_location" {
   type = string
 }
 
-variable "postgres_server_name" {
-  type = string
-}
-
 variable "postgres_server_fqdn" {
   type = string
 }
diff --git a/modules/common/main.tf b/modules/common/main.tf
index 0a46756..6a64d9a 100644
--- a/modules/common/main.tf
+++ b/modules/common/main.tf
@@ -19,25 +19,7 @@ resource "random_password" "db_password" {
   override_special = "_%@"
 }
 
-# Shared Postgres server
-resource "azurerm_postgresql_server" "tikweb_pg" {
-  name                = "tikweb-${var.env_name}-pg-server"
-  location            = azurerm_resource_group.tikweb_rg.location
-  resource_group_name = azurerm_resource_group.tikweb_rg.name
-
-  sku_name = "B_Gen5_1"
-
-  storage_mb                   = 10240 # 10 GB
-  backup_retention_days        = 7
-  geo_redundant_backup_enabled = false
-  auto_grow_enabled            = false
-
-  administrator_login          = "tietokilta"
-  administrator_login_password = random_password.db_password.result
-  version                      = "11"
-  ssl_enforcement_enabled      = true
-}
-
+# Shared Postgres
 resource "azurerm_postgresql_flexible_server" "tikweb_pg_new" {
   name                         = "tikweb-${var.env_name}-pg-server-new"
   resource_group_name          = azurerm_resource_group.tikweb_rg.name
@@ -52,22 +34,13 @@ resource "azurerm_postgresql_flexible_server" "tikweb_pg_new" {
   auto_grow_enabled            = false
   zone                         = "2"
 }
-# very secure accesses yes
+# Enable access from other Azure services
 resource "azurerm_postgresql_flexible_server_firewall_rule" "tikweb_pg_new_firewall" {
   name             = "tikweb-${var.env_name}-pg-new"
   server_id        = azurerm_postgresql_flexible_server.tikweb_pg_new.id
   start_ip_address = "0.0.0.0"
   end_ip_address   = "0.0.0.0"
 }
-# Enable access from other Azure services
-resource "azurerm_postgresql_firewall_rule" "tikweb_pg_internal_access" {
-  name                = "tikweb-${var.env_name}-pg-internal-access"
-  resource_group_name = azurerm_resource_group.tikweb_rg.name
-  server_name         = azurerm_postgresql_server.tikweb_pg.name
-  start_ip_address    = "0.0.0.0"
-  end_ip_address      = "0.0.0.0"
-}
-
 # Shared App Service Plan
 resource "azurerm_service_plan" "tikweb_plan" {
   name                = "tik-${var.env_name}-app-service-plan"
diff --git a/modules/common/output.tf b/modules/common/output.tf
index a953815..f3f7aec 100644
--- a/modules/common/output.tf
+++ b/modules/common/output.tf
@@ -4,32 +4,25 @@ output "resource_group_name" {
 output "resource_group_location" {
   value = azurerm_resource_group.tikweb_rg.location
 }
-output "postgres_server_name" {
-  value = azurerm_postgresql_server.tikweb_pg.name
-}
-
-output "postgres_server_fqdn" {
-  value = azurerm_postgresql_server.tikweb_pg.fqdn
-}
 
 output "postgres_admin_password" {
-  value     = azurerm_postgresql_server.tikweb_pg.administrator_login_password
+  value     = azurerm_postgresql_flexible_server.tikweb_pg_new.administrator_password
   sensitive = true
 }
 
 output "postgres_admin_username" {
-  value     = azurerm_postgresql_server.tikweb_pg.administrator_login
+  value     = azurerm_postgresql_flexible_server.tikweb_pg_new.administrator_login
   sensitive = true
 }
 
-output "postgres_server_new_id" {
+output "postgres_server_id" {
   value = azurerm_postgresql_flexible_server.tikweb_pg_new.id
 }
 
-output "postgres_server_new_fqdn" {
+output "postgres_server_fqdn" {
   value = azurerm_postgresql_flexible_server.tikweb_pg_new.fqdn
 }
-output "postgres_server_new_name" {
+output "postgres_server_name" {
   value = azurerm_postgresql_flexible_server.tikweb_pg_new.name
 }
 output "tikweb_app_plan_id" {
diff --git a/modules/ilmo/main.tf b/modules/ilmo/main.tf
index 3fb589e..8e6d5df 100644
--- a/modules/ilmo/main.tf
+++ b/modules/ilmo/main.tf
@@ -5,7 +5,7 @@ locals {
 
 resource "azurerm_postgresql_flexible_server_database" "ilmo_db_new" {
   name      = local.db_name
-  server_id = var.postgres_server_new_id
+  server_id = var.postgres_server_id
   charset   = "utf8"
 }
 
diff --git a/modules/ilmo/variables.tf b/modules/ilmo/variables.tf
index 3e8d28b..384a534 100644
--- a/modules/ilmo/variables.tf
+++ b/modules/ilmo/variables.tf
@@ -9,11 +9,6 @@ variable "resource_group_name" {
 variable "resource_group_location" {
   type = string
 }
-
-variable "postgres_server_name" {
-  type = string
-}
-
 variable "postgres_server_fqdn" {
   type = string
 }
@@ -23,11 +18,7 @@ variable "postgres_admin_password" {
   sensitive = true
 }
 
-variable "postgres_server_host" {
-  type = string
-}
-
-variable "postgres_server_new_id" {
+variable "postgres_server_id" {
   type = string
 }
 
diff --git a/modules/tenttiarkisto/main.tf b/modules/tenttiarkisto/main.tf
index 7b35529..ee548e4 100644
--- a/modules/tenttiarkisto/main.tf
+++ b/modules/tenttiarkisto/main.tf
@@ -7,17 +7,9 @@ resource "azurerm_resource_group" "tenttiarkisto_rg" {
   location = var.resource_group_location
 }
 
-resource "azurerm_postgresql_database" "tenttiarkisto_db" {
-  name                = local.db_name
-  resource_group_name = var.postgres_resource_group_name
-  server_name         = var.postgres_server_name
-  charset             = "UTF8"
-  collation           = "fi-FI"
-}
-
 resource "azurerm_postgresql_flexible_server_database" "tenttiarkisto_db_new" {
   name      = local.db_name
-  server_id = var.postgres_server_new_id
+  server_id = var.postgres_server_id
   charset   = "utf8"
 }
 
@@ -83,7 +75,7 @@ resource "azurerm_linux_web_app" "tenttiarkisto" {
     DB_NAME     = azurerm_postgresql_flexible_server_database.tenttiarkisto_db_new.name
     DB_USER     = "tietokilta"
     DB_PASSWORD = var.postgres_admin_password
-    DB_HOST     = var.postgres_server_new_fqdn
+    DB_HOST     = var.postgres_server_fqdn
 
     SECRET_KEY = var.django_secret_key
 
diff --git a/modules/tenttiarkisto/variables.tf b/modules/tenttiarkisto/variables.tf
index f6e4122..08ec8e6 100644
--- a/modules/tenttiarkisto/variables.tf
+++ b/modules/tenttiarkisto/variables.tf
@@ -10,10 +10,6 @@ variable "resource_group_location" {
   type = string
 }
 
-variable "postgres_server_name" {
-  type = string
-}
-
 variable "postgres_server_fqdn" {
   type = string
 }
@@ -22,16 +18,10 @@ variable "postgres_admin_password" {
   type      = string
   sensitive = true
 }
-
-variable "postgres_server_host" {
-  type = string
-}
-variable "postgres_server_new_id" {
-  type = string
-}
-variable "postgres_server_new_fqdn" {
+variable "postgres_server_id" {
   type = string
 }
+
 variable "tikweb_app_plan_id" {
   type = string
 }