🚀 More efs for next ☁️ (#5558)

* more efs 🚀

* Update efs.tf

* name

* rename

* Update ecs_service.tf

* Update ecs_service.tf

* Update ecs_service.tf

* Update ecs_cluster.tf

* Update ecs_cluster.tf

* Update main.tf

terraform/environments/delius-core/modules/helpers/delius_microservice/locals.tf

@@ -40,15 +40,15 @@ locals {
   ])
 
   rds_env_vars = var.rds_endpoint_environment_variable != "" ? {
-    var.rds_endpoint_environment_variable = aws_db_instance.this[0].endpoint
+    (var.rds_endpoint_environment_variable) = aws_db_instance.this[0].endpoint
   } : {}
 
   rds_secrets = var.rds_password_secret_variable != "" ? {
-    var.rds_password_secret_variable = "${aws_db_instance.this[0].master_user_secret[0].secret_arn}:password:AWSCURRENT"
+    (var.rds_password_secret_variable) = "${aws_db_instance.this[0].master_user_secret[0].secret_arn}:password:AWSCURRENT"
   } : {}
 
   elasticache_env_vars = var.elasticache_endpoint_environment_variable != "" ? {
-    var.elasticache_endpoint_environment_variable = aws_elasticache_cluster.this[0].cluster_address
+    (var.elasticache_endpoint_environment_variable) = aws_elasticache_cluster.this[0].cluster_address
   } : {}
 
 }

terraform/environments/delius-core/modules/helpers/efs/outputs.tf

@@ -17,4 +17,8 @@ output "sg_arn" {
 
 output "access_point_id" {
   value = aws_efs_access_point.ldap.id
+}
+
+output "name" {
+  value = var.name
 }

terraform/environments/delius-nextcloud/modules/components/nextcloud/ecs_cluster.tf

@@ -1,11 +1,8 @@
 module "ecs" {
-  source = "github.com/ministryofjustice/modernisation-platform-terraform-ecs-cluster//cluster?ref=c195026bcf0a1958fa4d3cc2efefc56ed876507e"
-
-  environment = var.env_name
-  namespace   = "mis"
-  name        = "cluster"
-
-  tags = var.tags
+  source                    = "github.com/ministryofjustice/modernisation-platform-terraform-ecs-cluster//cluster?ref=8096707cae17a51bb5bf1cc6a36ca2b6b9c633f0"
+  name                      = "nextcloud-cluster"
+  enable_container_insights = "enabled"
+  tags                      = var.tags
 }
 
 resource "aws_security_group" "cluster" {

terraform/environments/delius-nextcloud/modules/components/nextcloud/ecs_service.tf

@@ -23,33 +23,32 @@ module "nextcloud_service" {
   deployment_minimum_healthy_percent = "100"
 
   ecs_service_egress_security_group_ids = [
-    {
+    for efs in module.nextcloud_efs : {
       ip_protocol                  = "tcp"
       port                         = 2049
-      referenced_security_group_id = module.nextcloud_efs.sg_id
-    },
+      referenced_security_group_id = efs.sg_id
+    }
   ]
 
-
   efs_volumes = [
-    {
+    for efs in module.nextcloud_efs : {
       host_path = null
-      name      = "nextcloud"
+      name      = efs.name
       efs_volume_configuration = [{
-        file_system_id          = module.nextcloud_efs.fs_id
+        file_system_id          = efs.fs_id
         root_directory          = "/"
         transit_encryption      = "ENABLED"
-        transit_encryption_port = 2049
+        transit_encryption_port = null
         authorization_config = [{
-          access_point_id = module.nextcloud_efs.access_point_id
+          access_point_id = efs.access_point_id
           iam             = "DISABLED"
         }]
       }]
     }
   ]
-  mount_points = [{
-    sourceVolume  = "nextcloud"
-    containerPath = "/var/www/"
+  mount_points = [for efs in module.nextcloud_efs : {
+    sourceVolume  = efs.name
+    containerPath = "/var/www/${efs.name}"
     readOnly      = false
   }]
 
@@ -89,43 +88,22 @@ module "nextcloud_service" {
   rds_endpoint_environment_variable         = "MYSQL_HOST"
   elasticache_endpoint_environment_variable = "REDIS_HOST"
 
-  container_environment_vars = [
-    {
-      name  = "MYSQL_DATABASE"
-      value = "nextcloud"
-    },
-    {
-      name  = "MYSQL_USER"
-      value = "dbadmin"
-    },
-    {
-      name  = "MYSQL_PASSWORD"
-      value = "password"
-    },
-    {
-      name  = "REDIS_PORT"
-      value = "6379"
-    },
-    {
-      name  = "REDIS_PASSWORD"
-      value = "password"
-    },
-    {
-      name  = "NEXTCLOUD_ADMIN_USER"
-      value = "admin"
-    },
-    {
-      name  = "NEXTCLOUD_TRUSTED_DOMAINS"
-      value = aws_route53_record.nextcloud_external.fqdn
-    }
-  ]
+  container_vars_default = {
+    MYSQL_DATABASE            = "nextcloud"
+    MYSQL_USER                = "dbadmin"
+    MYSQL_PASSWORD            = "password"
+    REDIS_PORT                = "6379"
+    REDIS_PASSWORD            = "password"
+    NEXTCLOUD_ADMIN_USER      = "admin"
+    NEXTCLOUD_TRUSTED_DOMAINS = aws_route53_record.nextcloud_external.fqdn
+  }
+  container_vars_env_specific = {}
 
-  container_secrets = [
-    {
-      name      = "NEXTCLOUD_ADMIN_PASSWORD"
-      valueFrom = aws_secretsmanager_secret.nextcloud_admin_password.arn
-    }
-  ]
+  container_secrets_env_specific = {}
+
+  container_secrets_default = {
+    NEXTCLOUD_ADMIN_PASSWORD = aws_secretsmanager_secret.nextcloud_admin_password.arn
+  }
 
   log_error_pattern      = "FATAL"
   sns_topic_arn          = aws_sns_topic.nextcloud_alarms.arn

terraform/environments/delius-nextcloud/modules/components/nextcloud/efs.tf

@@ -1,9 +1,11 @@
 module "nextcloud_efs" {
+  for_each = toset(["html", "custom_apps", "config", "data", "themes"])
+
   source = "../../../../delius-core/modules/helpers/efs"
 
-  name           = "nextcloud"
+  name           = each.key
   env_name       = var.env_name
-  creation_token = "${var.env_name}-nextcloud-efs"
+  creation_token = "${var.env_name}-${each.key}-efs"
 
   kms_key_arn                     = var.account_config.kms_keys.general_shared
   throughput_mode                 = "bursting"