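#
# Liferay nodes
#
#
# Security group
#
# Dedicated group for node-to-node traffic. The provider's default rules are
# removed, so the only rules in this group are the ones declared below.
resource "openstack_networking_secgroup_v2" "liferay_cluster_traffic" {
  name                 = "liferay_cluster_traffic"
  delete_default_rules = true
  description          = "Traffic between the Liferay cluster nodes"
}

# One ingress rule per node, each admitting a single peer address (/32).
# No port_range_min / port_range_max is set, so every TCP port is reachable
# from the listed peers; narrow the range if the cluster ports are known.
# element() wraps around when count.index exceeds the list length, so
# var.liferay_data.vm_count must not be larger than the number of addresses
# in var.liferay_ip_addrs.
resource "openstack_networking_secgroup_rule_v2" "traffic_between_liferay_nodes" {
  count             = var.liferay_data.vm_count
  security_group_id = openstack_networking_secgroup_v2.liferay_cluster_traffic.id
  description       = "Traffic between liferay nodes"
  direction         = "ingress"
  ethertype         = "IPv4"
  protocol          = "tcp"
  remote_ip_prefix  = join("/", [element(var.liferay_ip_addrs.*, count.index), "32"])
}

#
# Object storage container
#
# Creating object bucket to store avatars
# No container_read / container_write ACL is declared here, so access is
# whatever the object store applies by default -- TODO confirm it is private.
resource "openstack_objectstorage_container_v1" "liferay" {
  name       = "liferay-data"
  versioning = true
}

#
# Server group
#
resource "openstack_compute_servergroup_v2" "liferay" {
  name     = "liferay"
  policies = [var.liferay_data.affinity_policy]
}

# Instance(s)
resource "openstack_compute_instance_v2" "liferay" {
  count                   = var.liferay_data.vm_count
  name                    = format("%s-%02d", var.liferay_data.srv_name, count.index + 1)
  availability_zone_hints = module.common_variables.availability_zones_names.availability_zone_no_gpu
  flavor_name             = var.liferay_data.vm_flavor
  key_pair                = module.ssh_settings.ssh_key_name

  # "restricted_web_service" is referenced by literal name and is not defined
  # in this listing; it has to exist in the project already, and Terraform
  # cannot track changes to it from here.
  security_groups = [
    data.terraform_remote_state.privnet_dns_router.outputs.default_security_group_name,
    openstack_networking_secgroup_v2.liferay_cluster_traffic.name,
    data.terraform_remote_state.privnet_dns_router.outputs.security_group_list.http_and_https_from_the_load_balancers,
    "restricted_web_service",
  ]

  scheduler_hints {
    group = openstack_compute_servergroup_v2.liferay.id
  }

  # Boot from a volume created out of the image.
  # NOTE(review): the output name suggests an Ubuntu 18.04 image; if so,
  # confirm it still receives security updates.
  # delete_on_termination = false keeps the boot volume (and its contents)
  # after the instance is destroyed; it must be cleaned up separately.
  block_device {
    uuid                  = data.terraform_remote_state.privnet_dns_router.outputs.ubuntu_1804.uuid
    source_type           = "image"
    volume_size           = var.liferay_data.boot_vol_size
    boot_index            = 0
    destination_type      = "volume"
    delete_on_termination = false
  }

  # Main private network, with the node's fixed address taken from the same
  # list the security group rules are built from.
  network {
    name        = data.terraform_remote_state.privnet_dns_router.outputs.main_private_network.name
    fixed_ip_v4 = var.liferay_ip_addrs.*[count.index]
  }

  # Second interface on the shared PostgreSQL network.
  network {
    name = module.common_variables.shared_postgresql_server_data.network_name
  }

  user_data = file(data.terraform_remote_state.privnet_dns_router.outputs.ubuntu1804_data_file)

  # Do not replace the instance when the ssh key changes
  lifecycle {
    ignore_changes = [
      # Later edits to the key pair, the user data file or the network
      # blocks are not applied to instances that already exist. Hardening
      # changes made there only reach newly created nodes.
      key_pair,
      user_data,
      network,
    ]
  }
}

# CNAME records pointing each configured name at the main load balancer.
# NOTE(review): 8600 s is an unusual TTL (3600 = one hour, 86400 = one day);
# confirm it is the intended value.
resource "openstack_dns_recordset_v2" "cdn_dns_recordset" {
  for_each    = var.liferay_recordsets
  zone_id     = data.terraform_remote_state.privnet_dns_router.outputs.dns_zone_id
  name        = each.value.name
  description = each.value.description
  ttl         = 8600
  type        = "CNAME"
  records     = [local.cname_target]
}

locals {
  cname_target = "main-lb.${data.terraform_remote_state.privnet_dns_router.outputs.dns_zone.zone_name}"
}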