# Input Variables for GLAM Infrastructure

# Hetzner Cloud API Token
variable "hcloud_token" {
  description = "Hetzner Cloud API token with read/write permissions"
  type        = string
  sensitive   = true
}

# Server Configuration
variable "server_type" {
  description = "Hetzner server type (cx32 = 4 vCPU, 8GB RAM)"
  type        = string
  default     = "cx32"
}

variable "location" {
  description = "Hetzner datacenter location"
  type        = string
  default     = "nbg1" # Nuremberg, Germany

  validation {
    condition     = contains(["nbg1", "fsn1", "hel1", "ash"], var.location)
    error_message = "Location must be one of: nbg1 (Nuremberg), fsn1 (Falkenstein), hel1 (Helsinki), ash (Ashburn)."
  }
}

variable "environment" {
  description = "Deployment environment (production, staging, development)"
  type        = string
  default     = "production"

  validation {
    condition     = contains(["production", "staging", "development"], var.environment)
    error_message = "Environment must be one of: production, staging, development."
  }
}

# Storage
variable "volume_size_gb" {
  description = "Size of persistent data volume in GB"
  type        = number
  default     = 50

  validation {
    condition     = var.volume_size_gb >= 10 && var.volume_size_gb <= 10000
    error_message = "Volume size must be between 10 and 10000 GB."
  }
}

# Network Configuration
variable "domain" {
  description = "Domain name for the SPARQL endpoint (e.g., sparql.glam-ontology.org)"
  type        = string
}

variable "admin_email" {
  description = "Admin email for Let's Encrypt certificates and alerts"
  type        = string
}

variable "use_floating_ip" {
  description = "Whether to use a floating IP (more stable but costs extra)"
  type        = bool
  default     = false
}

# SSH Access
variable "ssh_public_key_path" {
  description = "Path to SSH public key file for server access"
  type        = string
  default     = "~/.ssh/id_rsa.pub"
}

variable "ssh_allowed_ips" {
  description = "IP addresses allowed to SSH into the server (CIDR notation)"
  type        = list(string)
  default     = ["0.0.0.0/0", "::/0"] # Allow all by default, restrict in production
}

variable "sparql_allowed_ips" {
  description = "IP addresses allowed direct access to SPARQL port 7878 (CIDR notation)"
  type        = list(string)
  default     = [] # Empty = no direct access, use reverse proxy instead
}

# Oxigraph Configuration
variable "oxigraph_version" {
  description = "Oxigraph server version to install"
  type        = string
  default     = "0.4.1" # Latest stable as of Nov 2025
}

# Tags
variable "project_tags" {
  description = "Additional tags to apply to all resources"
  type        = map(string)
  default     = {}
}