Merge branch 'module/postgres' into merge

2025-07-14 13:58:16 +02:00 · 2025-07-14 13:58:16 +02:00 · f9b7fb71eb
commit f9b7fb71eb
parent 8c146a76b5 8ec98bf1da
4 changed files with 139 additions and 0 deletions
--- a/postgres/main.tf
+++ b/postgres/main.tf
@ -0,0 +1,33 @@
+locals {
+  user_count = length(var.users)
+  db_count   = length(var.databases)
+}
+
+resource "stackit_postgresflex_instance" "this" {
+  project_id      = var.project_id
+  name            = var.name
+  version         = var.ver
+  flavor          = var.flavor
+  storage         = var.storage
+  replicas        = var.replicas
+  acl             = var.acl
+  backup_schedule = var.backup_schedule
+}
+
+resource "stackit_postgresflex_user" "user" {
+  count = local.user_count
+
+  project_id  = var.project_id
+  instance_id = var.instance_id != "" ? var.instance_id : stackit_postgresflex_instance.this.instance_id
+  username    = var.users[count.index].username
+  roles       = var.users[count.index].roles
+}
+
+resource "stackit_postgresflex_database" "db" {
+  count = local.db_count
+
+  project_id  = var.project_id
+  instance_id = stackit_postgresflex_instance.this.instance_id
+  name        = var.databases[count.index].name
+  owner       = var.databases[count.index].owner
+}
--- a/postgres/outputs.tf
+++ b/postgres/outputs.tf
@ -0,0 +1,11 @@
+output "instance_id" {
+  value = stackit_postgresflex_instance.this.instance_id
+}
+
+output "user_ids" {
+  value = stackit_postgresflex_user.user[*].user_id
+}
+
+output "database_ids" {
+  value = stackit_postgresflex_database.db[*].database_id
+}
--- a/postgres/providers.tf
+++ b/postgres/providers.tf
@ -0,0 +1,9 @@
+terraform {
+  required_version = ">= 1.9.0"
+  required_providers {
+    stackit = {
+      source  = "stackitcloud/stackit"
+      version = "0.56.0"
+    }
+  }
+}
--- a/postgres/variables.tf
+++ b/postgres/variables.tf
@ -0,0 +1,86 @@
+variable "project_id" {
+  type = string
+}
+
+variable "name" {
+  type = string
+
+  validation {
+    condition     = length(regexall("^[a-z]([-a-z0-9]*[a-z0-9])?$", var.name)) > 0
+    error_message = <<EOT
+      The name must be a valid DNS-1035 label:
+      - only lower-case letters, digits or '-'
+      - must start with a letter
+      - must end with a letter or digit
+      EOT
+  }
+}
+
+variable "instance_id" {
+  type    = string
+  default = ""
+}
+
+variable "ver" {
+  type = number
+}
+
+variable "flavor" {
+  type = object({
+    cpu = number,
+    ram = number
+  })
+}
+
+variable "storage" {
+  type = object({
+    class = string,
+    size  = number
+  })
+}
+
+variable "replicas" {
+  type = number
+}
+
+variable "acl" {
+  type = list(string)
+}
+
+variable "backup_schedule" {
+  type = string
+
+}
+
+variable "users" {
+  type = list(object({
+    username = string
+    roles    = set(string)
+  }))
+  default = []
+  validation {
+    condition     = alltrue([
+      for user in var.users : user.username != "admin"
+    ])
+    error_message = "The username 'admin' is reserved and cannot be used."
+  }
+}
+
+variable "databases" {
+  type = list(object({
+    name  = string
+    owner = string
+  }))
+  default = []
+    validation {
+    condition = alltrue([
+      for db in var.databases : length(regexall("^[a-z]([-a-z0-9]*[a-z0-9])?$", db.name)) > 0
+    ])
+    error_message = <<EOT
+      The name must be a valid DNS-1035 label:
+      - only lower-case letters, digits or '-'
+      - must start with a letter
+      - must end with a letter or digit
+      EOT
+  }
+}