AWSTemplateFormatVersion: '2010-09-09'
Description: Nakama ECS Service
Parameters:
  #------------------------
  # Deployment Information
  #------------------------
  environment:
    Type: String
    Description: Name of the environment to use in naming.
    Default: production
  release:
    Type: String
    Description: Name of the release name of the stack version to use.
    Default: production
    AllowedValues: ['develop', 'production']
    ConstraintDescription: "Must be a possible release version."
  VpcId:
    Description: ID of the VPC to deploy resources.
    Type: AWS::EC2::VPC::Id

  #-------------------
  # ECS Configuration
  #-------------------
  EcsClusterOverride:
    Type: String
    Description: The cluster to run the Nakama service on, if empty will create new cluster.
    Default: ""
  
  #-----------------
  # Load Balancing 
  #-----------------
  PublicSubnets:
    Description: The public subnets for the ALB to run in. (Seperate by spaces)
    Type: String
  PortalCertificate:
    Description: Arn of AWS Certificate in ACM
    Type: String

  #----------------------
  # Nakama Configuration
  #----------------------
  NakamaContainer:
    Type: String
    Description: Container image for Nakama server
    Default: "heroiclabs/nakama:2.7.0"
  NakamaUsername:
    Type: String
    Description: Username to access the Nakama admin portal
    Default: "admin"
  NakamaPasswordOverride:
    Type: String
    Description: Override Nakama admin portal password. Leave blank for random password.
    Default: ""
    NoEcho: true

  #------------------------
  # Database Configuration
  #------------------------
  CreateDatabase:
    Type: String
    Default: "true"
    Description: If 
    AllowedValues: ["true", "false"]

  # Manual Database Configuration
  DatabaseUsername:
    Type: String
    Description: Manual username of the Postgres server
    Default: postgres
  DatabasePassword:
    Type: String
    Description: Manual password for the Postgres server
    Default: ""
    NoEcho: true
  DatabaseEndpoint:
    Type: String
    Description: Manual endpoint for the Postgres server
    Default: ""
  DatabasePort:
    Type: Number
    Description: Manual port for the Postgres server
    Default: 5432

  # Advanced RDS Configuration
  RdsInstanceClass:
    Type: String
    Description: Instance class for the dabase to run on
    Default: db.t2.micro
  RdsEngine:
    Type: String
    Description: Database engine for the database to use
    Default: postgres
    AllowedValues: ["aurora-postgresql", "postgres"]
  RdsUsername:
    Type: String
    Description: Master account's username for database
    Default: postgres
  RdsPort:
    Type: Number
    Description: Port for the database to open a socket on
    Default: "5432"
  RdsStorage:
    Type: Number
    Description: The amount of storage (in GB) allocated to the RDS instance
    Default: "100"
  RdsAccessCidr:
    Type: String
    Description: The CIDR used in the security group to secure the database
    Default: "0.0.0.0/0"

  #-----
  # DNS
  #-----
  Domain:
    Type: String
    Description: The domain to create the endpoint on (Must have an existing hosted zone ex. `example.com`) Leave blank to skip DNS.
    Default: ""
  SubDomain:
    Type: String
    Description: The subdomain to be used by nakama. (ex. `nakama.example.com`)
    Default: nakama

Metadata:
  AWS::CloudFormation::Interface:
    ParameterGroups:
    - Label:
        default: "Deployment Information"
      Parameters:
      - environment
      - release
      - VpcId
      - PublicSubnets
    - Label:
        default: "DNS"
      Parameters:
      - Domain
      - SubDomain
    - Label:
        default: "Nakama Configuration"
      Parameters:
      - NakamaContainer
      - NakamaUsername
      - NakamaPasswordOverride
    - Label:
        default: "Load Balancing"
      Parameters:
      - PortalCertificate
    - Label:
        default: "ECS Configuration"
      Parameters:
      - EcsClusterOverride
    - Label:
        default: "Database Configuration"
      Parameters:
      - CreateDatabase
    - Label:
        default: "Manual Database Configuration"
      Parameters:
      - DatabaseUsername
      - DatabasePassword
      - DatabaseEndpoint
      - DatabasePort
    - Label:
        default: "RDS Configuration"
      Parameters:
      - RdsInstanceClass
      - RdsEngine
      - RdsUsername
      - RdsPort
      - RdsStorage
      - RdsAccessCidr
    ParameterLabels:
      environment:
        default: "Environment"
      release:
        default: "Release"
      VpcId:
        default: "Vpc Id"
      EcsClusterOverride:
        default: "Optional ECS Cluster Override"
      PublicSubnets:
        default: "Public Subnets"
      PortalCertificate:
        default: "Admin Portal ACM Certificate"
      Domain:
        default: "Route53 Domain"
      NakamaContainer:
        default: "Nakama Container Image"
      NakamaUsername:
        default: "Nakama Username"
      NakamaPasswordOverride:
        default: "Nakama Password Override"
      CreateDatabase:
        default: "Create RDS database?"
      DatabaseUsername:
        default: "Remote Database Username"
      DatabasePassword:
        default: "Remote Database Password"
      DatabaseEndpoint:
        default: "Remote Database Endpoint"
      DatabasePort:
        default: "Remote Database Port"
      RdsInstanceClass:
        default: "RDS Instance Class"
      RdsEngine:
        default: "RDS Engine"
      RdsUsername:
        default: "RDS Username"
      RdsPort:
        default: "RDS Port"
      RdsStorage:
        default: "RDS Storage"
      RdsAccessCidr:
        default: "RDS Allow Access CIDR"


Conditions:
  CreateRdsStack: !Equals [!Ref CreateDatabase, "true"]
  CreateDns: !Not [!Equals [!Ref Domain, ""]]
  CreateCluster: !Equals [!Ref EcsClusterOverride, ""]

Resources:

  #-----
  # DNS
  #-----
  DnsRecords:
    Condition: CreateDns
    Type: AWS::CloudFormation::Stack
    Properties:
      TemplateURL: !Sub 'https://s3.us-east-1.amazonaws.com/sumu-stacks/nakama/${release}/cloudformation/nakama/dns.yaml'
      Parameters:
        environment: !Ref environment
        Domain: !Ref Domain
        SubDomain: !Ref SubDomain
        NakamaDns: !GetAtt LoadBalancing.Outputs.PublicNlbDnsName
        AdminDns: !GetAtt LoadBalancing.Outputs.PublicAlbDnsName


  #----------
  # Database
  #----------
  RdsDatabase:
    Condition: CreateRdsStack
    Type: AWS::CloudFormation::Stack
    Properties:
      TemplateURL: !Sub 'https://s3.us-east-1.amazonaws.com/sumu-stacks/nakama/${release}/cloudformation/nakama/rds.yaml'
      Parameters:
        environment: !Ref environment
        VpcId: !Ref VpcId
        InstanceClass: !Ref RdsInstanceClass
        DatabaseEngine: !Ref RdsEngine
        DatabaseUsername: !Ref RdsUsername
        DatabasePort: !Ref RdsPort
        DatabaseStorage: !Ref RdsStorage
        DatabaseAccessCidr: !Ref RdsAccessCidr

  #-----------------
  # Load Balancing 
  #-----------------
  LoadBalancing:
    Type: AWS::CloudFormation::Stack
    Properties:
      TemplateURL: !Sub 'https://s3.us-east-1.amazonaws.com/sumu-stacks/nakama/${release}/cloudformation/nakama/load_balancing.yaml'
      Parameters:
        environment: !Ref environment
        release: !Ref release
        VpcId: !Ref VpcId
        PublicSubnets: !Join [",", !Split [" ", !Ref PublicSubnets]]
        PortalCertificate: !Ref PortalCertificate

  #-------------
  # ECS Cluster
  #-------------
  EcsCluster:
    Condition: CreateCluster
    Type: AWS::CloudFormation::Stack
    Properties:
      TemplateURL: !Sub 'https://s3.us-east-1.amazonaws.com/sumu-stacks/nakama/${release}/cloudformation/cluster/top.yaml'
      Parameters:
        Environment: !Ref environment
        VpcId: !Ref VpcId
        SubnetIds: !Join [",", !Split [" ", !Ref PublicSubnets]]
        Project: "Nakama"

  #-------------------
  # ECS Task & Service
  #-------------------
  TaskDefinition:
    Type: AWS::CloudFormation::Stack
    Properties:
      TemplateURL: !Sub 'https://s3.us-east-1.amazonaws.com/sumu-stacks/nakama/${release}/cloudformation/nakama/task.yaml'
      Parameters:
        NakamaContainer: !Ref NakamaContainer
        DatabaseUsername: !If ["CreateRdsStack", !GetAtt RdsDatabase.Outputs.RdsUsername, !Ref DatabaseUsername]
        DatabasePassword: !If ["CreateRdsStack", !Join ["", ["{{resolve:secretsmanager:", !GetAtt RdsDatabase.Outputs.RdsSecret, ":SecretString}}" ]], !Ref DatabasePassword]
        DatabaseEndpoint: !If ["CreateRdsStack", !GetAtt RdsDatabase.Outputs.RdsEnpoint, !Ref DatabaseEndpoint]
        DatabasePort: !If ["CreateRdsStack", !GetAtt RdsDatabase.Outputs.RdsPort, !Ref DatabasePort]
        NakamaUsername: !Ref NakamaUsername
        NakamaPasswordOverride: !Ref NakamaPasswordOverride

  EcsService:
    DependsOn: LoadBalancing
    Type: AWS::ECS::Service
    Properties:
      Cluster: !If ["CreateCluster", !GetAtt EcsCluster.Outputs.Cluster, !Ref EcsClusterOverride]
      DesiredCount: 1
      TaskDefinition: !GetAtt TaskDefinition.Outputs.TaskArn
      LoadBalancers:  
        - ContainerName: "nakama"
          ContainerPort: 7351
          TargetGroupArn: !GetAtt LoadBalancing.Outputs.AdminPortalTargetGroup
        - ContainerName: "nakama"
          ContainerPort: 7350
          TargetGroupArn: !GetAtt LoadBalancing.Outputs.HttpApiTargetGroup
        - ContainerName: "nakama"
          ContainerPort: 7349
          TargetGroupArn: !GetAtt LoadBalancing.Outputs.GRpcApiTargetGroup
        - ContainerName: "nakama"
          ContainerPort: 7348
          TargetGroupArn: !GetAtt LoadBalancing.Outputs.GRpcEApiTargetGroup