From 6aa189980bf8dd30d5a0c7d2ea2a99a0c44d8be6 Mon Sep 17 00:00:00 2001 From: Krisjanis Lejejs Date: Tue, 15 Oct 2024 00:02:52 +0300 Subject: [PATCH] Migrate Cloudflare lb and lb pool creation to modules --- .modules/cloudflare_load_balancer/dns.tf | 24 +++++++++++++ .modules/cloudflare_load_balancer/module.tf | 3 ++ .modules/cloudflare_load_balancer/outputs.tf | 7 ++++ .../cloudflare_load_balancer/variables.tf | 30 ++++++++++++++++ .modules/cloudflare_load_balancer_pool/dns.tf | 18 ++++++++++ .../cloudflare_load_balancer_pool/outputs.tf | 3 ++ .../variables.tf | 34 +++++++++++++++++++ stun_server/dns.tf | 24 ------------- stun_server/main.tf | 20 +++++++++-- stun_server/outputs.tf | 2 +- stun_server/region/dns.tf | 18 ---------- stun_server/region/module.tf | 12 +++++++ stun_server/region/outputs.tf | 4 +-- 13 files changed, 151 insertions(+), 48 deletions(-) create mode 100644 .modules/cloudflare_load_balancer/dns.tf create mode 100644 .modules/cloudflare_load_balancer/module.tf create mode 100644 .modules/cloudflare_load_balancer/outputs.tf create mode 100644 .modules/cloudflare_load_balancer/variables.tf create mode 100644 .modules/cloudflare_load_balancer_pool/dns.tf create mode 100644 .modules/cloudflare_load_balancer_pool/outputs.tf create mode 100644 .modules/cloudflare_load_balancer_pool/variables.tf delete mode 100644 stun_server/dns.tf delete mode 100644 stun_server/region/dns.tf
diff --git a/.modules/cloudflare_load_balancer/dns.tf b/.modules/cloudflare_load_balancer/dns.tf
new file mode 100644
index 0000000..c5f826d
--- /dev/null
+++ b/.modules/cloudflare_load_balancer/dns.tf
@@ -0,0 +1,24 @@
+resource "cloudflare_load_balancer" "load_balancer" {
+ zone_id = data.cloudflare_zone.dns_zone.id
+ name = "${var.subdomain}.${var.domain_name}"
+ default_pool_ids = var.pool_ids
+ fallback_pool_id = var.pool_ids[var.default_pool_ids_index]
+ description = "${var.subdomain} load balancer using proximity steering policy"
+
+ proxied = false
+ steering_policy = "proximity"
+
+ location_strategy {
+ mode = "pop"
+ prefer_ecs = "proximity"
+ }
+}
+
+resource "cloudflare_load_balancer_monitor" "monitor" {
+ account_id = var.cloudflare_account_id
+ type = "tcp"
+ port = var.monitoring_port
+ interval = 60
+ timeout = 5
+ retries = 2
+}
diff --git a/.modules/cloudflare_load_balancer/module.tf b/.modules/cloudflare_load_balancer/module.tf
new file mode 100644
index 0000000..6b54c30
--- /dev/null
+++ b/.modules/cloudflare_load_balancer/module.tf
@@ -0,0 +1,3 @@
+data "cloudflare_zone" "dns_zone" {
+ name = var.domain_name
+}
diff --git a/.modules/cloudflare_load_balancer/outputs.tf b/.modules/cloudflare_load_balancer/outputs.tf
new file mode 100644
index 0000000..65d8403
--- /dev/null
+++ b/.modules/cloudflare_load_balancer/outputs.tf
@@ -0,0 +1,7 @@
+output "load_balancer_endpoint" {
+ value = cloudflare_load_balancer.load_balancer.name
+}
+
+output "load_balancer_monitor_id" {
+ value = cloudflare_load_balancer_monitor.monitor.id
+}
diff --git a/.modules/cloudflare_load_balancer/variables.tf b/.modules/cloudflare_load_balancer/variables.tf
new file mode 100644
index 0000000..3aa8485
--- /dev/null
+++ b/.modules/cloudflare_load_balancer/variables.tf
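Review bot: `fallback_pool_id = var.pool_ids[var.default_pool_ids_index]` indexes the list with no bounds check, so an empty `pool_ids` or an index past the end fails with a generic invalid-index error instead of a message that names the variable. A `lifecycle` precondition on `cloudflare_load_balancer.load_balancer` with `condition = var.default_pool_ids_index >= 0 && var.default_pool_ids_index < length(var.pool_ids)` would make the contract explicit. Separately, `proxied = false` is now hard-coded in a module with a generic name: in DNS-only mode the pool origin addresses are handed straight to resolvers, which is presumably intended for the STUN service but would keep any other caller's traffic off Cloudflare's proxy. I would either expose it as a variable or add a comment such as `# DNS-only: origin addresses are returned to clients; needed for non-HTTP services`.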
@@ -0,0 +1,30 @@
+variable "cloudflare_account_id" {
+ description = "Cloudflare Account Id"
+ type = string
+}
+
+variable "domain_name" {
+ description = "Domain name for the load balancer"
+ type = string
+}
+
+variable "subdomain" {
+ description = "Subdomain for the load balancer"
+ type = string
+}
+
+variable "pool_ids" {
+ description = "List of Cloudflare Load Balancer Pool Ids"
+ type = list(string)
+}
+
+variable "default_pool_ids_index" {
+ description = "Index of the default pool in the pool_ids list"
+ type = number
+ default = 0
+}
+
+variable "monitoring_port" {
+ description = "Port used for monitoring by the load balancer"
+ type = number
+}
diff --git a/.modules/cloudflare_load_balancer_pool/dns.tf b/.modules/cloudflare_load_balancer_pool/dns.tf
new file mode 100644
index 0000000..fc3995c
--- /dev/null
+++ b/.modules/cloudflare_load_balancer_pool/dns.tf
@@ -0,0 +1,18 @@
+resource "cloudflare_load_balancer_pool" "pool" {
+ account_id = var.cloudflare_account_id
+ name = "${var.pool_name}-${var.region}"
+ description = "${var.pool_name} pool for ${var.region}"
+ latitude = var.pool_latitude
+ longitude = var.pool_longitude
+ monitor = var.load_balancer_monitor_id
+
+ origins {
+ name = "${var.pool_name}-${var.region}-pool"
+ address = var.pool_endpoint
+ weight = 1
+ }
+
+ origin_steering {
+ policy = "random"
+ }
+}
diff --git a/.modules/cloudflare_load_balancer_pool/outputs.tf b/.modules/cloudflare_load_balancer_pool/outputs.tf
new file mode 100644
index 0000000..6f1e4d2
--- /dev/null
+++ b/.modules/cloudflare_load_balancer_pool/outputs.tf
@@ -0,0 +1,3 @@
+output "load_balancer_pool_id" {
+ value = cloudflare_load_balancer_pool.pool.id
+}
diff --git a/.modules/cloudflare_load_balancer_pool/variables.tf b/.modules/cloudflare_load_balancer_pool/variables.tf
new file mode 100644
index 0000000..683d571
--- /dev/null
+++ b/.modules/cloudflare_load_balancer_pool/variables.tf
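Review bot: None of the inputs declared in `.modules/cloudflare_load_balancer/variables.tf` are validated: `monitoring_port` accepts any number and `pool_ids` accepts an empty list, so a bad value only surfaces later as a provider or index error. Each could carry a `validation` block, for example `condition = var.monitoring_port >= 1 && var.monitoring_port <= 65535` and `condition = length(var.pool_ids) > 0`, with an `error_message` naming the variable. The description of `default_pool_ids_index` ("Index of the default pool") also does not match its only use in dns.tf, where it selects `fallback_pool_id`; something like `"Index in pool_ids of the pool used as fallback_pool_id"` would be accurate.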
@@ -0,0 +1,34 @@
+variable "region" {
+ description = "AWS region associated with the resources of the Cloudflare Load Balancer Pool"
+ type = string
+}
+
+variable "cloudflare_account_id" {
+ description = "Cloudflare Account Id"
+ type = string
+}
+
+variable "pool_name" {
+ description = "Cloudflare Load Balancer Pool Name"
+ type = string
+}
+
+variable "pool_latitude" {
+ description = "Cloudflare Load Balancer Pool Latitude"
+ type = number
+}
+
+variable "pool_longitude" {
+ description = "Cloudflare Load Balancer Pool Longitude"
+ type = number
+}
+
+variable "pool_endpoint" {
+ description = "Cloudflare Load Balancer Pool Endpoint"
+ type = string
+}
+
+variable "load_balancer_monitor_id" {
+ description = "Cloudflare Load Balancer Monitor Id"
+ type = string
+}
diff --git a/stun_server/dns.tf b/stun_server/dns.tf
deleted file mode 100644
index 7b5d4f4..0000000
--- a/stun_server/dns.tf
+++ /dev/null
@@ -1,24 +0,0 @@
-resource "cloudflare_load_balancer" "stun-server" {
- zone_id = data.cloudflare_zone.dns_zone.id
- name = "stun.${var.domain_name}"
- default_pool_ids = [module.us_east_1.cloudflare_load_balancer_pool_id, module.eu_central_1.cloudflare_load_balancer_pool_id, module.ap_southeast_1.cloudflare_load_balancer_pool_id]
- fallback_pool_id = module.us_east_1.cloudflare_load_balancer_pool_id
- description = "Stun server load balancer using proximity steering policy"
-
- proxied = false
- steering_policy = "proximity"
-
- location_strategy {
- mode = "pop"
- prefer_ecs = "proximity"
- }
-}
-
-resource "cloudflare_load_balancer_monitor" "stun-server" {
- account_id = var.CLOUDFLARE_ACCOUNT_ID
- type = "tcp"
- port = 3478
- interval = 60
- timeout = 5
- retries = 2
-}
diff --git a/stun_server/main.tf b/stun_server/main.tf
index 6c08da8..744fb4f 100644
--- a/stun_server/main.tf
+++ b/stun_server/main.tf
@@ -16,6 +16,20 @@ data "cloudflare_zone" "dns_zone" { name = var.domain_name } +module "cloudflare_load_balancer" { + source = "../.modules/cloudflare_load_balancer" + + cloudflare_account_id = var.CLOUDFLARE_ACCOUNT_ID + domain_name = var.domain_name + subdomain = "stun" + pool_ids = [ + module.us_east_1.cloudflare_load_balancer_pool_id, + module.eu_central_1.cloudflare_load_balancer_pool_id, + module.ap_southeast_1.cloudflare_load_balancer_pool_id, + ] + monitoring_port = 3478 +} + module "us_east_1" { source = "./region" @@ -23,7 +37,7 @@ module "us_east_1" { cloudflare_account_id = var.CLOUDFLARE_ACCOUNT_ID cloudflare_load_balancer_pool_latitude = 37.54129 cloudflare_load_balancer_pool_longitude = -77.43477 - cloudflare_load_balancer_monitor_id = cloudflare_load_balancer_monitor.stun-server.id + cloudflare_load_balancer_monitor_id = module.cloudflare_load_balancer.load_balancer_monitor_id image_tag = var.image_tag } @@ -34,7 +48,7 @@ module "eu_central_1" { cloudflare_account_id = var.CLOUDFLARE_ACCOUNT_ID cloudflare_load_balancer_pool_latitude = 50.1155 cloudflare_load_balancer_pool_longitude = 8.6842 - cloudflare_load_balancer_monitor_id = cloudflare_load_balancer_monitor.stun-server.id + cloudflare_load_balancer_monitor_id = module.cloudflare_load_balancer.load_balancer_monitor_id image_tag = var.image_tag } @@ -45,6 +59,6 @@ module "ap_southeast_1" { cloudflare_account_id = var.CLOUDFLARE_ACCOUNT_ID cloudflare_load_balancer_pool_latitude = 1.2897 cloudflare_load_balancer_pool_longitude = 103.8501 - cloudflare_load_balancer_monitor_id = cloudflare_load_balancer_monitor.stun-server.id + cloudflare_load_balancer_monitor_id = module.cloudflare_load_balancer.load_balancer_monitor_id image_tag = var.image_tag } diff --git a/stun_server/outputs.tf b/stun_server/outputs.tf index 0994452..b15a76f 100644 --- a/stun_server/outputs.tf +++ b/stun_server/outputs.tf 
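Review bot: The load balancer and monitor change Terraform address in this hunk (from `cloudflare_load_balancer.stun-server` and `cloudflare_load_balancer_monitor.stun-server` to resources inside `module.cloudflare_load_balancer`), and no `moved` block is visible anywhere in the patch. Unless state is migrated out of band, the next apply would plan to destroy and recreate them, which for the public STUN record could mean a window where the name does not resolve or the pools point at a replaced monitor. The same applies to the pool in the stun_server/region/module.tf hunk, which needs an equivalent `moved` block from `cloudflare_load_balancer_pool.stun-server` to `module.cloudflare_load_balancer_pool.cloudflare_load_balancer_pool.pool`. For the root module I would add the blocks below next to the new module call.

```hcl
# … unchanged: module "cloudflare_load_balancer" call …

moved {
  from = cloudflare_load_balancer.stun-server
  to   = module.cloudflare_load_balancer.cloudflare_load_balancer.load_balancer
}

moved {
  from = cloudflare_load_balancer_monitor.stun-server
  to   = module.cloudflare_load_balancer.cloudflare_load_balancer_monitor.monitor
}
```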
@@ -1,4 +1,4 @@ output "endpoint" { description = "Endpoint of the Stun server" - value = cloudflare_load_balancer.stun-server.name + value = module.cloudflare_load_balancer.load_balancer_endpoint } diff --git a/stun_server/region/dns.tf b/stun_server/region/dns.tf deleted file mode 100644 index 1bc59a3..0000000 --- a/stun_server/region/dns.tf +++ /dev/null @@ -1,18 +0,0 @@ -resource "cloudflare_load_balancer_pool" "stun-server" { - account_id = var.cloudflare_account_id - name = "stun-${data.aws_region.current.name}" - description = "Stun server pool for ${data.aws_region.current.name}" - latitude = var.cloudflare_load_balancer_pool_latitude - longitude = var.cloudflare_load_balancer_pool_longitude - monitor = var.cloudflare_load_balancer_monitor_id - - origins { - name = "stun-${data.aws_region.current.name}-pool" - address = aws_lb.main.dns_name - weight = 1 - } - - origin_steering { - policy = "random" - } -} diff --git a/stun_server/region/module.tf b/stun_server/region/module.tf index dcf42bd..6ca3e16 100644 --- a/stun_server/region/module.tf +++ b/stun_server/region/module.tf @@ -14,6 +14,18 @@ data "tfe_outputs" "infrastructure" { data "aws_region" "current" {} +module "cloudflare_load_balancer_pool" { + source = "../../.modules/cloudflare_load_balancer_pool" + + region = data.aws_region.current.name + cloudflare_account_id = var.cloudflare_account_id + pool_name = "stun" + pool_latitude = var.cloudflare_load_balancer_pool_latitude + pool_longitude = var.cloudflare_load_balancer_pool_longitude + pool_endpoint = aws_lb.main.dns_name + load_balancer_monitor_id = var.cloudflare_load_balancer_monitor_id +} + module "stun_server_tcp" { source = "../../.modules/service" diff --git a/stun_server/region/outputs.tf b/stun_server/region/outputs.tf index cafd39b..38a65f1 100644 --- a/stun_server/region/outputs.tf +++ b/stun_server/region/outputs.tf 
@@ -1,4 +1,4 @@ output "cloudflare_load_balancer_pool_id" { - description = "The ID of the Cloudflare Load Balancer Pool" - value = cloudflare_load_balancer_pool.stun-server.id + description = "Cloudflare Load Balancer Pool Id" + value = module.cloudflare_load_balancer_pool.load_balancer_pool_id }