Remove external endpoints (#569)

components/app/config/app_settings.yml

@@ -17,7 +17,7 @@ production: &production
   sentry_dsn: "<%= AppSettings.credentials.fetch('sentry_dsn') %>"
   ahn_core_password: "<%= ENV.fetch('AHN_CORE_PASSWORD') %>"
   ahn_http_password: "<%= AppSettings.credentials.fetch('ahn_http_password') %>"
-  call_platform_host: "https://api.somleng.org"
+  call_platform_host: "https://api.internal.somleng.org"
   call_platform_password: "<%= AppSettings.credentials.fetch('call_platform_password') %>"
 
 staging:

infrastructure/modules/somleng_switch/switch.tf

@@ -713,12 +713,6 @@ resource "aws_ecs_service" "switch" {
     type = "distinctInstance"
   }
 
-  load_balancer {
-    target_group_arn = aws_lb_target_group.switch_public_http.arn
-    container_name   = "nginx"
-    container_port   = var.switch_webserver_port
-  }
-
   load_balancer {
     target_group_arn = aws_lb_target_group.switch_http.arn
     container_name   = "nginx"
@@ -735,21 +729,6 @@ resource "aws_ecs_service" "switch" {
 }
 
 # Load Balancer
-resource "aws_lb_target_group" "switch_public_http" {
-  name                 = var.switch_identifier
-  port                 = var.switch_webserver_port
-  protocol             = "HTTP"
-  vpc_id               = var.vpc.vpc_id
-  target_type          = "ip"
-  deregistration_delay = 60
-
-  health_check {
-    protocol          = "HTTP"
-    path              = "/health_checks"
-    healthy_threshold = 3
-    interval          = 10
-  }
-}
 
 resource "aws_lb_target_group" "switch_http" {
   name                 = "${var.switch_identifier}-internal"
@@ -767,27 +746,6 @@ resource "aws_lb_target_group" "switch_http" {
   }
 }
 
-resource "aws_lb_listener_rule" "switch_public_http" {
-  priority = var.app_environment == "production" ? 20 : 120
-
-  listener_arn = var.listener.arn
-
-  action {
-    type             = "forward"
-    target_group_arn = aws_lb_target_group.switch_public_http.id
-  }
-
-  condition {
-    host_header {
-      values = [aws_route53_record.switch_public.fqdn]
-    }
-  }
-
-  lifecycle {
-    ignore_changes = [action]
-  }
-}
-
 resource "aws_lb_listener_rule" "switch_http" {
   priority = var.app_environment == "production" ? 20 : 120
 
@@ -872,17 +830,6 @@ resource "aws_cloudwatch_log_metric_filter" "freeswitch_session_count" {
 }
 
 # Route53
-resource "aws_route53_record" "switch_public" {
-  zone_id = var.route53_zone.zone_id
-  name    = var.app_environment == "production" ? "ahn" : "switch-staging"
-  type    = "A"
-
-  alias {
-    name                   = var.load_balancer.dns_name
-    zone_id                = var.load_balancer.zone_id
-    evaluate_target_health = true
-  }
-}
 
 resource "aws_route53_record" "switch" {
   zone_id = var.internal_route53_zone.zone_id

infrastructure/modules/somleng_switch/variables.tf

@@ -19,10 +19,8 @@ variable "media_proxy_image" {}
 variable "freeswitch_event_logger_image" {}
 variable "s3_mpeg_ecr_repository_url" {}
 variable "services_ecr_repository_url" {}
-variable "load_balancer" {}
 variable "internal_load_balancer" {}
 variable "network_load_balancer" {}
-variable "listener" {}
 variable "internal_listener" {}
 variable "switch_subdomain" {}
 variable "client_gateway_subdomain" {}

infrastructure/production/main.tf

@@ -30,7 +30,7 @@ module "somleng_switch" {
   app_environment = "production"
 
   json_cdr_password_parameter_arn = data.aws_ssm_parameter.somleng_services_password.arn
-  json_cdr_url                    = "https://api.somleng.org/services/call_data_records"
+  json_cdr_url                    = "https://api.internal.somleng.org/services/call_data_records"
   external_sip_ip                 = data.terraform_remote_state.core_infrastructure.outputs.nlb_eips[0].public_ip
   external_rtp_ip                 = data.terraform_remote_state.core_infrastructure.outputs.vpc.nat_public_ips[0]
 
@@ -46,10 +46,8 @@ module "somleng_switch" {
   db_port                   = data.terraform_remote_state.core_infrastructure.outputs.db_cluster.port
   db_security_group         = data.terraform_remote_state.core_infrastructure.outputs.db_security_group.id
 
-  load_balancer          = data.terraform_remote_state.core_infrastructure.outputs.application_load_balancer
   internal_load_balancer = data.terraform_remote_state.core_infrastructure.outputs.internal_application_load_balancer
   network_load_balancer  = data.terraform_remote_state.core_infrastructure.outputs.network_load_balancer
-  listener               = data.terraform_remote_state.core_infrastructure.outputs.https_listener
   internal_listener      = data.terraform_remote_state.core_infrastructure.outputs.internal_https_listener
 
   route53_zone          = data.terraform_remote_state.core_infrastructure.outputs.route53_zone_somleng_org

infrastructure/staging/main.tf

@@ -47,10 +47,8 @@ module "somleng_switch_staging" {
   db_port                   = data.terraform_remote_state.core_infrastructure.outputs.db_cluster.port
   db_security_group         = data.terraform_remote_state.core_infrastructure.outputs.db_security_group.id
 
-  load_balancer          = data.terraform_remote_state.core_infrastructure.outputs.application_load_balancer
   internal_load_balancer = data.terraform_remote_state.core_infrastructure.outputs.internal_application_load_balancer
   network_load_balancer  = data.terraform_remote_state.core_infrastructure.outputs.network_load_balancer
-  listener               = data.terraform_remote_state.core_infrastructure.outputs.https_listener
   internal_listener      = data.terraform_remote_state.core_infrastructure.outputs.internal_https_listener
 
   route53_zone          = data.terraform_remote_state.core_infrastructure.outputs.route53_zone_somleng_org