to.cler.be/operations/terraform/ecs.tf

resource "aws_secretsmanager_secret" "toclerbe" {
  name  = "${var.app_name}-config"
}

resource "aws_efs_mount_target" "ortis" {
  file_system_id  = data.terraform_remote_state.jdbsoft.outputs.sobeck-efs.id
  subnet_id       = data.terraform_remote_state.jdbsoft.outputs.aws_subnet_private2.id
  security_groups = [ data.terraform_remote_state.jdbsoft.outputs.aws_security_group_private_traffic.id ]
}


resource "aws_ecs_task_definition" "toclerbe" {
  family                    = var.app_name
  network_mode              = "bridge"
  requires_compatibilities  = ["EC2"]
  execution_role_arn        = aws_iam_role.ecs_task.arn

  # See https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_ContainerDefinition.html
  container_definitions = jsonencode([
    {
      name              = var.app_name
      image             = "${aws_ecr_repository.toclerbe.repository_url}:${data.external.git_describe.result.version}"
      cpu               = 128
      memory            = 128
      memoryReservation = 32
      environment       = [
        {
          name  = "TOCLERBE_PORT"
          value = "80"
        }
      ]
      mountPoints       = [
        {
          containerPath = "/data"
          sourceVolume  = "efs-toclerbe-data"
        }
      ]
      portMappings      = [
        {
          protocol      = "tcp"
          containerPort = 80
        }
      ]
      secrets           = [
        {
          name        = "API_KEYS"
          description = "API keys allowed to configure the service.."
          valueFrom   = "${aws_secretsmanager_secret.toclerbe.arn}:apiKeys::"
        }
      ]
    }
  ])

  volume {
    name = "efs-toclerbe-data"

    efs_volume_configuration {
      file_system_id = data.terraform_remote_state.jdbsoft.outputs.sobeck-efs.id
      root_directory = "/toclerbe/data"
    }
  }

  tags = {
    Name        = var.app_domain
  }
}

resource "aws_ecs_service" "toclerbe" {
  name            = var.app_name
  cluster         = data.terraform_remote_state.jdbsoft.outputs.aws_ecs_cluster_ortis.id
  task_definition = aws_ecs_task_definition.toclerbe.arn
  desired_count   = 1
  launch_type     = "EC2"

  load_balancer {
    target_group_arn  = aws_lb_target_group.toclerbe.arn
    container_name    = var.app_name
    container_port    = 80
  }

  tags = {
    Name        = var.app_domain
  }
}