terraform-modules/example/terraform.tfvars

organization_id = "03a34540-3c1a-4794-b2c6-7111ecf824ef"

Projects_map = {
  "projekt-alpha" = {
    name        = "tf_modules_test_3_max"
    owner_email = "maximilian.schlenz@stackit.cloud"
  },
  "projekt-beta" = {
    name        = "tf_modules_test_4_max"
    owner_email = "maximilian.schlenz@stackit.cloud"
  }
}

SNA_name = "sna-tf_modules_test"

SNA_network_ranges = [
  { prefix = "192.168.10.0/24" }
]

SNA_transfer_network = "172.16.0.0/24"

security_groups = {
  ssh_ingress_group = {
    name        = "ssh-ingress-group"
    project_key = "projekt-alpha"
    description = "ALLOW SSH ingress"
    rules = [
      { description = "SSH RULE 1"
        direction   = "ingress"
        ether_type  = "IPv4"
        ip_range    = "0.0.0.0/0"
        protocol = {
          name = "tcp"
        }
        port_range = {
          min = 22
          max = 22
        }
      },
    ]
  },

  web_traffic_group = {
    name        = "web-traffic-group"
    project_key = "projekt-alpha"
    description = "ALLOW WEB TRAFFIC ingress"
    rules = [
      { description = "ALLOW ALL 80"
        direction   = "ingress"
        ether_type  = "IPv4"
        ip_range    = "0.0.0.0/0"
        protocol = {
          name = "tcp"
        }
        port_range = {
          min = 80
          max = 80
        }
      },
      { description = "ALLOW ALL 443"
        direction   = "ingress"
        ether_type  = "IPv4"
        ip_range    = "0.0.0.0/0"
        protocol = {
          name = "tcp"
        }
        port_range = {
          min = 443
          max = 443
        }
      },
    ]
  },
}

postgres_instances = {
  dev = {
    name    = "pg-test-instance"
    project_key = "projekt-alpha"
    version = 17
    flavor = {
      cpu = 2,
      ram = 4
    }
    storage = {
      class = "premium-perf6-stackit",
      size  = 20
    }
    replicas        = 1
    acl             = ["0.0.0.0/0"]
    backup_schedule = "00 00 * * *"

    users = [
      { username = "adminusr",
        roles    = ["login", "createdb"]
      },
      { username = "testusr",
        roles    = ["login"]
      }
    ]

    databases = [
      {
        name  = "testdb",
        owner = "admin"
      }
    ]
  }
}

networks = {
  wan_network = {
    name               = "wan_network"
    project_key            = "projekt-alpha"
    ipv4_nameservers   = ["1.1.1.1", "8.8.8.8"]
    ipv4_prefix_length = 24
    ipv4_prefix        = "10.219.0.0/24"
    routed             = true
  }
  lan_network1 = {
    name               = "lan_network1"
    project_key            = "projekt-alpha"
    ipv4_nameservers   = ["1.1.1.1", "8.8.8.8"]
    ipv4_prefix_length = 24
    ipv4_prefix        = "10.220.1.0/24"
    routed             = true
    nics = {
      p2_lan1 = {
        nic_name     = "P2LAN1"
        nic_ipv4     = "10.220.1.32"
        nic_security = true
        nic_security_group_names = ["ssh-ingress-group"]
      }
    }
  }
  lan_network2 = {
    name               = "lan_network2"
    project_key            = "projekt-alpha"
    ipv4_nameservers   = ["1.1.1.1", "8.8.8.8"]
    ipv4_prefix_length = 24
    ipv4_prefix        = "10.221.0.0/24"
    routed             = true
  }
  lan_network3 = {
    name               = "lan_network3"
    project_key            = "projekt-alpha"
    ipv4_nameservers   = ["1.1.1.1", "8.8.8.8"]
    ipv4_prefix_length = 24
    ipv4_prefix        = "10.223.3.0/24"
    routed             = true
  }
  wan = {
    name               = "MGMT"
    project_key            = "projekt-alpha"
    ipv4_nameservers   = ["1.1.1.1", "8.8.8.8"]
    ipv4_prefix_length = 24
    nic_ipv4           = "10.224.0.254"
  }

  db = {
    name         = "db-net"
    project_key            = "projekt-alpha"
    ipv4_nameservers   = ["1.1.1.1", "8.8.8.8"]
    nic_ipv4     = "10.0.0.126"
    nic_security = true
  }
}

observability_instances = {
  test = {
    # Required
    name      = "test-observability"
    project_key = "projekt-alpha"
    plan_name = "Observability-Large-EU01"

    # Optional instance settings
    acl                                    = ["192.168.100.10/32", "203.0.113.5/32"]
    metrics_retention_days                 = 30
    metrics_retention_days_5m_downsampling = 10
    metrics_retention_days_1h_downsampling = 5
    # parameters = {
    #   "custom_param" = "value"
    # }

    # Credentials
    create_credentials = true
    credentials_count  = 2

    # alert‑groups
    alertgroups = {
      test_group = {
        name     = "example-alert-group"
        interval = "60s"
        rules = [
          {
            alert      = "example-alert-name"
            expression = "kube_node_status_condition{condition=\"Ready\", status=\"false\"} > 0"
            for        = "60s"
            labels = {
              severity = "critical"
            }
            annotations = {
              summary     = "example summary"
              description = "example description"
            }
          },
          {
            alert      = "example-alert-name-2"
            expression = "kube_node_status_condition{condition=\"Ready\", status=\"false\"} > 0"
            for        = "1m"
            labels = {
              severity = "critical"
            }
            annotations = {
              summary     = "example summary"
              description = "example description"
            }
          },
        ]
      }
    }

    # log‑alert‑groups
    logalertgroups = {
      example_log = {
        name     = "example-log-alert-group"
        interval = "60m"
        rules = [
          {
            alert      = "example-log-alert-name"
            expression = "sum(rate({namespace=\"example\", pod=\"logger\"} |= \"Simulated error message\" [1m])) > 0"
            for        = "60s"
            labels = {
              severity = "critical"
            }
            annotations = {
              summary     = "example summary"
              description = "example description"
            }
          },
          {
            alert      = "example-log-alert-name-2"
            expression = "sum(rate({namespace=\"example\", pod=\"logger\"} |= \"Another error message\" [1m])) > 0"
            for        = "60s"
            labels = {
              severity = "critical"
            }
            annotations = {
              summary     = "example summary"
              description = "example description"
            }
          },
        ]
      }
    }

    # scrapeconfigs
    scrapeconfigs = {
      example_job = {
        name         = "example-job"
        metrics_path = "/my-metrics"
        saml2 = {
          enable_url_parameters = true
        }
        targets = [
          {
            urls = ["url1", "urls2"]
            labels = {
              "url1" = "dev"
            }
          }
        ]
      }
    }
  }
}

ske_clusters = {

  "prod-cluster" = {
    name                   = "clusterprod" 
    project_key            = "projekt-alpha"
    network_id             = "53917a75-0014-49b0-a4d6-e62934ab479f" # WICHTIG: Hier die Netzwerk-ID connecten
    kubernetes_version_min = "1.32.5"

    node_pools = [
      {
        name               = "defaulpool"
        machine_type       = "c1.2"
        availability_zones = ["eu01-1"]
        minimum            = 1
        maximum            = 2
        cri                = "containerd"
        volume_type        = "storage_premium_perf1"
        volume_size        = 21
        labels             = { "worker" = "default" }
        taints = [{
          effect = "NoSchedule"
          key    = "app"
          value  = "database"
        }]
      }
    ]

    hibernations = [
      {
        start    = "00 18 * * 1-5" # Mo-Fr um 18:00 Uhr
        end      = "00 08 * * 1-5" # Mo-Fr um 08:00 Uhr
        timezone = "Europe/Berlin"
      }
    ]

    maintenance = {
      enable_kubernetes_version_updates  = true
      enable_machine_image_version_updates = true
      start                              = "01:00:00Z"
      end                                = "03:00:00Z"
    }

    extensions = {
      acl = {
        enabled       = true
        allowed_cidrs = ["0.0.0.0/0"]
      }
    }
  },
  
  "dev-cluster" = {
    name        = "clusterdev"
    kubernetes_version_min = "1.32.5"
    project_key = "projekt-beta"
    network_id  = "bedfc709-9285-4078-93ab-8e8a1c0be6bd" # WICHTIG: Hier die Netzwerk-ID connecten

    node_pools = [
      {
        name               = "devpool"
        machine_type       = "c1.2"
        availability_zones = ["eu01-2"]
        minimum            = 1
        maximum            = 2
        volume_size        = 21 
      }
    ]
  }
}