allow to configure bastion port

bastion-setup.sh

@@ -9,11 +9,11 @@ export HOME=/root
 yum install -y haproxy
 
 echo "
-listen pgsql
-        bind 0.0.0.0:5432
+listen database
+        bind 0.0.0.0:${db_port}
         timeout connect 10s
         mode tcp
-        server pgsql ${db_address}
+        server database ${db_address}
 " >> /etc/haproxy/haproxy.cfg
 
 service haproxy restart

bastion.tf

@@ -19,6 +19,7 @@ resource "aws_instance" "bastion" {
 
   user_data = var.db_address == null ? null : templatefile("${path.module}/bastion-setup.sh", {
     db_address = var.db_address,
+    db_port = var.db_port,
   })
   user_data_replace_on_change = true
 

variables.tf

@@ -17,6 +17,12 @@ variable "db_address" {
   description = "Address of the database that should be accessible from the bastion via HAProxy"
 }
 
+variable "db_port" {
+  type = number
+  default = null
+  description = "Port on which the proxy will listen"
+}
+
 variable "profile_permissions_boundary_arn" {
   type = string
   default = null