From c3d9a55497886ae4f9b838e954d0ed80f52ab7ee Mon Sep 17 00:00:00 2001 From: Danny Grove Date: Sun, 31 Mar 2024 02:11:40 -0700 Subject: [PATCH] Add support for mysql db cluster, add crater mysql db, upgrade DO provider --- infra/main/main.tf | 24 ++++++++++------- infra/main/provider.tf | 2 +- .../digitalocean_database_cluster/main.tf | 27 +++++++++++++------ .../variables.tf | 5 ++++ 4 files changed, 39 insertions(+), 19 deletions(-) diff --git a/infra/main/main.tf b/infra/main/main.tf index 0ce21f3..b2314aa 100644 --- a/infra/main/main.tf +++ b/infra/main/main.tf @@ -10,21 +10,18 @@ resource "random_id" "suffix" { byte_length = 8 } -data "digitalocean_region" "provided" { - slug = var.region -} resource "digitalocean_custom_image" "talos" { name = "talos" url = "https://github.com/siderolabs/talos/releases/download/v1.4.3/digital-ocean-amd64.raw.gz" # this gets reset by DigitalOcean otherwise distribution = "Unknown OS" - regions = [data.digitalocean_region.provided.slug] + regions = [var.region] } resource "digitalocean_vpc" "main" { name = "talos" - region = data.digitalocean_region.provided.slug + region = var.region # Note: This is VERY CAREFULLY chosen to avoid conflict with k8s and cilium ip_range = "192.168.0.0/16" } @@ -45,7 +42,7 @@ module "digitalocean_talos_cluster" { size = "s-2vcpu-4gb", }] vpc_id = digitalocean_vpc.main.id - digitalocean_region = data.digitalocean_region.provided.slug + digitalocean_region = var.region } module "digitalocean_database_cluster" { @@ -66,7 +63,7 @@ module "digitalocean_database_cluster" { }] vpc_id = digitalocean_vpc.main.id - digitalocean_region = data.digitalocean_region.provided.slug + digitalocean_region = var.region } # Crater App requires MySQL currently, when it adds PG support we should migrate 
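Review bot: With the `digitalocean_region` data source removed, `var.region` now flows unchecked into `regions`, `region` and `digitalocean_region` in this hunk and the later hunks of infra/main/main.tf, so an unknown or mistyped slug is no longer caught by the lookup. The declaration of `region` is not part of this patch; if it has no check, consider adding a `validation` block to it, or a one-line comment stating that the slug is trusted as given.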
@@ -76,8 +73,9 @@ module "digitalocean_mysql_database_cluster" { cluster_name = "distrust-mysql" db_engine = "mysql" + dbcli_name = "mariadb" db_version = "8" - size = "db-s-1vcpu-2gb" + size = "db-s-1vcpu-1gb" node_count = 1 databases = [{ @@ -86,7 +84,7 @@ module "digitalocean_mysql_database_cluster" { }] vpc_id = digitalocean_vpc.main.id - digitalocean_region = data.digitalocean_region.provided.slug + digitalocean_region = var.region } locals { @@ -100,10 +98,11 @@ locals { ]) } + # `jq .database_users.value.forgejo | sops --encrypt` output "database_users" { value = { - for db_user in module.digitalocean_database_cluster.database_users: + for db_user in concat(module.digitalocean_database_cluster.database_users, module.digitalocean_mysql_database_cluster.database_users): db_user.name => { apiVersion = "v1", kind = "Secret", @@ -131,6 +130,11 @@ output "database" { sensitive = true } +output "mysql_database" { + value = module.digitalocean_mysql_database_cluster.database_cluster + sensitive = true +} + output "vpc_id" { value = digitalocean_vpc.main.id } diff --git a/infra/main/provider.tf b/infra/main/provider.tf index afd7ad6..32f2430 100644 --- a/infra/main/provider.tf +++ b/infra/main/provider.tf @@ -2,7 +2,7 @@ terraform { required_providers { digitalocean = { source = "digitalocean/digitalocean" - version = "2.28.1" + version = "2.36.0" } } backend "s3" { diff --git a/terraform_modules/digitalocean_database_cluster/main.tf b/terraform_modules/digitalocean_database_cluster/main.tf index 9114a10..1146ab1 100644 --- a/terraform_modules/digitalocean_database_cluster/main.tf +++ b/terraform_modules/digitalocean_database_cluster/main.tf 
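Review bot: The `for` expression in `output "database_users"` keys the concatenated list by `db_user.name`, so a user name present in both the PostgreSQL and the MySQL cluster will make the expression fail on a duplicate key. Keying by cluster plus name, or emitting one output per cluster, avoids the collision. Each value appears to be a Kubernetes Secret manifest, and the hunk does not show whether this output is marked `sensitive = true` as `database` and `mysql_database` are. That is worth confirming, since the output body continues outside the hunk.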
@@ -39,23 +39,34 @@ resource "digitalocean_database_user" "default_users" { name = each.key provisioner "local-exec" { - command = "GRANT ALL ON DATABASE ${each.key} TO ${each.key};" - interpreter = [ - "psql", - "-v", "ON_ERROR_STOP=1", + command = var.dbcli_name == "psql" ? "GRANT ALL ON DATABASE ${each.key} TO ${each.key};" : "GRANT ALL PRIVILEGES ON ${each.key} TO '${each.key}'@'%';" + interpreter = var.dbcli_name == "psql" ? [ + "${var.dbcli_name}", "${local.base_connection_string}/${each.key}", "-c" + ] : [ + "${var.dbcli_name}", + "-u", + "${digitalocean_database_cluster.main.user}", + "-p", + "-h", + "${digitalocean_database_cluster.main.host}", + "-P", + "25060", + "-D", + "${each.key}", + "-e" ] } provisioner "local-exec" { - command = "GRANT ALL ON SCHEMA public TO ${each.key}" - interpreter = [ - "psql", + command = var.dbcli_name == "psql" ? "GRANT ALL ON SCHEMA public TO ${each.key}" : "true" + interpreter = var.dbcli_name == "psql" ? [ + "${var.dbcli_name}", "-v", "ON_ERROR_STOP=1", "${local.base_connection_string}/${each.key}", "-c" - ] + ] : ["true"] } # Note: provisioners depend on databases existing diff --git a/terraform_modules/digitalocean_database_cluster/variables.tf b/terraform_modules/digitalocean_database_cluster/variables.tf index dd1a6a3..3a43c6b 100644 --- a/terraform_modules/digitalocean_database_cluster/variables.tf +++ b/terraform_modules/digitalocean_database_cluster/variables.tf @@ -33,3 +33,8 @@ variable "vpc_id" { type = string nullable = true } + +variable "dbcli_name" { + type = string + default = "psql" +}
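Review bot: The MySQL branch of the first `local-exec` passes a bare `-p`, so the client will prompt for a password and a non-interactive apply will likely hang or fail. Supply it through the provisioner's `environment` map instead, e.g. `environment = { MYSQL_PWD = digitalocean_database_cluster.main.password }`, which also keeps the credential out of the process arguments. The grant target `ON ${each.key}` names a table in the default database, not the database itself, so the statement should read `GRANT ALL PRIVILEGES ON ${each.key}.* TO '${each.key}'@'%';`. The port is hard-coded as `"25060"` where `tostring(digitalocean_database_cluster.main.port)` would follow the cluster, and the psql branch of this provisioner has lost `-v ON_ERROR_STOP=1` while the second provisioner keeps it. The resource body continues outside the hunk.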
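Review bot: `dbcli_name` is declared without a description or validation, yet main.tf runs its value verbatim as the `local-exec` interpreter and treats every value other than `psql` as the MySQL path. Add a `description` and a validation block such as `condition = contains(["psql", "mysql", "mariadb"], var.dbcli_name)` with an `error_message`. A typo then fails at plan time instead of launching an unexpected binary on the machine that runs Terraform.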