/* ------- project 1 - landingzone ------------ */
resource "stackit_network" "landingzone_wan" {
  project_id          = module.project.project_info["landingzone"].project_id
  name                = "landingzone_wan"
  ipv4_nameservers    = ["1.1.1.1", "8.8.8.8"]
  ipv4_prefix         = "10.220.0.0/24"
  routed              = true
}

resource "stackit_network" "landingzone_lan" {
  project_id         = module.project.project_info["landingzone"].project_id
  name               = "landingzone_lan"
  ipv4_prefix        = "10.220.1.0/24"
  routed              = true
}

resource "stackit_network_interface" "landingzone_wan" {
  project_id        = module.project.project_info["landingzone"].project_id
  network_id        = stackit_network.landingzone_wan.network_id
  security          = false
  name              = "MGMT"
  ipv4              = "10.220.0.254"

}

resource "stackit_network_interface" "landingzone_lan" {
  project_id         = module.project.project_info["landingzone"].project_id
  network_id         = stackit_network.landingzone_lan.network_id
  security           = false
  name              = "LAN1"
}

/* ---------- project 2 core ------------------ */
resource "stackit_network" "core_lan" {
  project_id         = module.project.project_info["core"].project_id
  name               = "core_lan"
  ipv4_prefix        = "10.220.5.0/24"
  routed              = true
}

resource "stackit_network_interface" "core_lan" {
  project_id         = module.project.project_info["core"].project_id
  network_id         = stackit_network.core_lan.network_id
  security           = false
  name              = "CORELAN"
  security_group_ids = [ stackit_security_group.example.security_group_id ]
}

/* this is for adding a second network interface to the core project (for WAN access).*/
 resource "stackit_network" "core_wan" {
  project_id         = module.project.project_info["core"].project_id
  name               = "core_wan"
  ipv4_prefix        = "10.220.50.0/24"
  routed              = true
}

resource "stackit_network_interface" "core_wan" {
  project_id         = module.project.project_info["core"].project_id
  network_id         = stackit_network.core_wan.network_id
  security           = false
  name              = "core_wan_if"
}
/**/

/* ---------- project 3 backup ------------------ */
resource "stackit_network" "backup_lan" {
  project_id         = module.project.project_info["backup"].project_id
  name               = "backup_lan"
  ipv4_prefix        = "10.220.6.0/24"
  routed              = true
}

resource "stackit_network_interface" "backup_lan" {
  project_id         = module.project.project_info["backup"].project_id
  network_id         = stackit_network.backup_lan.network_id
  security           = false 
  name              = "BACKUPLAN"
  //security_group_ids = [ stackit_security_group.example.security_group_id ]
}

/* project 4 for SKE, so no configuration necessary here */

/* ------- project 5 - vpn ------------ */
resource "stackit_network" "vpn_wan" {
  project_id          = module.project.project_info["vpn"].project_id
  name                = "vpn_wan"
  ipv4_nameservers    = ["1.1.1.1", "8.8.8.8"]
  ipv4_prefix         = "10.230.0.0/24"
  routed              = true
}

resource "stackit_network" "vpn_lan" {
  project_id         = module.project.project_info["vpn"].project_id
  name               = "vpn_lan"
  ipv4_prefix        = "10.230.1.0/24"
  routed              = true
}

resource "stackit_network_interface" "vpn_wan" {
  project_id        = module.project.project_info["vpn"].project_id
  network_id        = stackit_network.vpn_wan.network_id
  security          = false
  name              = "MGMT"
  ipv4              = "10.230.0.254"

}

resource "stackit_network_interface" "vpn_lan" {
  project_id         = module.project.project_info["vpn"].project_id
  network_id         = stackit_network.vpn_lan.network_id
  security           = false
  name              = "VPNLAN"
}

/* ---------- project 6 infra ------------------ */
resource "stackit_network" "infra_lan" {
  project_id         = module.project.project_info["infra"].project_id
  name               = "infra_lan"
  ipv4_prefix        = "10.230.5.0/24"
  routed              = true
}

resource "stackit_network_interface" "infra_lan" {
  project_id         = module.project.project_info["infra"].project_id
  network_id         = stackit_network.infra_lan.network_id
  security           = false
  name              = "INFRALAN"
  security_group_ids = [ stackit_security_group.example_beta.security_group_id ]
}

/* ---------- public IP configuration------------- */
resource "stackit_public_ip" "landingzone_wan" {
  project_id           = module.project.project_info["landingzone"].project_id
  network_interface_id = stackit_network_interface.landingzone_wan.network_interface_id
}
resource "stackit_public_ip" "vpn_wan" {
  project_id           = module.project.project_info["vpn"].project_id
  network_interface_id = stackit_network_interface.vpn_wan.network_interface_id
}

/* this is for adding a public IP to the second project (core) for WAN access. */
resource "stackit_public_ip" "core_wan" {
  project_id           = module.project.project_info["core"].project_id
  network_interface_id = stackit_network_interface.core_wan.network_interface_id
}

/* Output the public IPs for both projects */
output "public_ips" {
  value = {
    "pfsense-alpha"   = stackit_public_ip.landingzone_wan.ip
    "pfsense-beta" = stackit_public_ip.vpn_wan.ip
    "wan_server"   = stackit_public_ip.core_wan.ip
  }
}

output "private_ips" {
  value = {
    "linux-alpha"   = stackit_network_interface.core_lan.ipv4
    "linux-beta"    = stackit_network_interface.infra_lan.ipv4
  }
}