variable "region" {
  description = "Region for the STACKIT Cloud"
  type        = string
  default     = "eu01"
}

variable "project_id" {
  description = "STACKIT Cloud project ID"
  type        = string
}

variable "service_account_token" {
  description = "Service account token for authentication"
  sensitive   = true
  type        = string
}

variable "service_account_key_path" {
  type    = string
  default = ""
}

variable "organization_id" {
  description = "Organization ID"
  type        = string
}

variable "owner_email" {
  description = "Email of the project owner"
  type        = string
  default     = null
}

variable "security_groups" {
  type = map(object({
    name        = optional(string)
    description = optional(string)
    rules = list(object({
      direction   = string
      description = optional(string)
      ether_type  = optional(string)
      icmp_parameters = optional(object({
        type = optional(number)
        code = optional(number)
      }))
      ip_range = optional(string)
      port_range = optional(object({
        min = number
        max = number
      }))
      protocol = optional(object({
        name   = optional(string)
        number = optional(number)
      }))
      remote_security_group_id = optional(string)
    }))
  }))
}

variable "postgres_instances" {
  type = map(object({
    name            = string
    version         = number
    flavor          = object({ cpu = number, ram = number })
    storage         = object({ class = string, size = number })
    replicas        = number
    acl             = list(string)
    backup_schedule = string
    users = list(object({
      username = string
      roles    = set(string)
    }))
    databases = list(object({
      name  = string
      owner = string
    }))
  }))
}

# Network definition map
variable "networks" {
  type = map(object({
    name = string

    # IPv4 settings
    ipv4_gateway       = optional(string)
    ipv4_nameservers   = optional(list(string))
    ipv4_prefix        = optional(string)
    ipv4_prefix_length = optional(number)

    # IPv6 settings
    ipv6_gateway       = optional(string)
    ipv6_nameservers   = optional(list(string))
    ipv6_prefix        = optional(string)
    ipv6_prefix_length = optional(number)

    # Flags & labels
    labels          = optional(map(string))
    no_ipv4_gateway = optional(bool)
    no_ipv6_gateway = optional(bool)
    routed          = optional(bool)

    # NIC‑specific options
    nics = optional(map(object({
      nic_ipv4                 = optional(string)
      nic_name                 = string
      nic_allowed_addresses    = optional(list(string))
      nic_labels               = optional(map(string))
      nic_security             = optional(bool)
      nic_security_group_ids   = optional(list(string))
      nic_security_group_names = optional(list(string))
    })))
  }))

  default = {}
}


# variable "ske_clusters" {
#   type = map(object({
#     name                   = string
#     kubernetes_version_min = string
#     node_pools = list(object({
#       name               = string
#       machine_type       = string
#       availability_zones = list(string)
#       volume_size        = number
#       minimum            = number
#       maximum            = number
#     }))
#   }))
# }

# variable "observability_instances" {
#   type = map(object({
#     name      = string
#     plan_name = string
#   }))
# }