variable "passphrase" {
  sensitive = true
}

variable "backend_access_key" {
  sensitive = true
}

variable "backend_secret_key" {
  sensitive = true
}

variable "backend_endpoint" {
  sensitive = false
}

variable "backend_region" {
  sensitive = false
}

variable "backend_bucket" {
  sensitive = false
}


variable "authentik_url" {
  default = "https://auth.serguzim.me"
}

variable "authentik_token" {
  sensitive = true
}


variable "aws_region" {
  default = "eu-north-1"
}

variable "aws_access_key" {
  sensitive = true
}

variable "aws_secret_key" {
  sensitive = true
}


variable "hcloud_token" {
  sensitive = true
}


variable "healthchecksio_api_key" {
  sensitive = true
}


variable "mailcow_host_name" {
  default = "mail.serguzim.me"
}

variable "mailcow_api_key" {
  sensitive = true
}


variable "ovh_application_key" {
  sensitive = true
}

variable "ovh_application_secret" {
  sensitive = true
}

variable "ovh_consumer_key" {
  sensitive = true
}


variable "postgresql_host" {
  default = "db.serguzim.me"
}

variable "postgresql_port" {
  default = "5432"
}

variable "postgresql_username" {
  sensitive = true
}

variable "postgresql_password" {
  sensitive = true
}


variable "scaleway_organization_id" {
  sensitive = true
}

variable "scaleway_project_id" {
  sensitive = true
}

variable "scaleway_access_key" {
  sensitive = true
}

variable "scaleway_secret_key" {
  sensitive = true
}


variable "tailscale_api_key" {
  sensitive = true
}

variable "tailscale_tailnet" {
  sensitive = false
}


variable "default_ssh_key" {
  type = object({
    name = string
    public_key = string
  })
  default = {
    name = "openpgp:0xAB920993"
    public_key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCkmWZmum4cVeDy5+9N1HdUzfnjEHSJ900ucD8F0wAy4MV1cdPYnZ4u5PFv5XMfmvA9SJ+VFsr0lhYlr+GQBG9aCCAdMJVVmEz3SccT6dp6ZYywT158RNshzfCe9ylWKK80+W7XnDXhdkec7aK+BQn5wOER3A3mUqRR0JDXWga9jyakH1K6OwXmQOO419bJWs2uCT1ZEgndHxKJEt2pEvoSz7z8p1SS2zyro+R3YtvL9WiDo3+0yPFYficNDr7s39yF5IJE+KTqAlCn5R2+kJ54lRmzB8oNS2jGwK2Q6wtph4AmfnlJTMODG2U2RjUltH2MIDXIYe2epATWL8qhkI4LTr38C7QR3DeJQsel/yTWdYqGakvU6Ge/xkbsaWOrSDTV3bPgKHzlL+dIKaGpV+5usZN4fpOLOb/nmYy3ekLpobzxza7rBRT2CxXS72DoPFaRE1ye7SxhcsLBNwre9YQFE4VvUZwJYkWz2V7eqGrk8VYnmQmT/bnUnMnVwMpeDc7pFKAFndIUxifoOj77c98Tdy3ncdS7SOd7+zRbLG+7k0UU1k89o1+tfREAddUJYR4RvB6g0kCyjpwOf1Pt4zhJR3y/zpsCCc5UnzK9X2kEo/8TSyvTr+GBiFVp5yLYgwCPJSNna33YX7+c3oLRM1QGgtqZk9qnGX9hgP8qpF8Akw== openpgp:0xAB920993"
  }
}


variable "services" {
  type = map(object({
    host = string
    dns = optional(list(object({
      domain = string
      name = optional(string)
      alias = optional(string)
    })))
    backup = optional(list(object({
      name = string
      type = string
      path = optional(string)
    })))
    monitoring = optional(object({
      url   = optional(string)
      group = optional(string)
      interval = optional(string)
      conditions = optional(list(string))
    }))
    ports = optional(list(object({
      description = string
      port = string
      protocol = string
      type = string
    })))
    certificates = optional(list(string))
    auth = bool
    auth_cert = optional(string)
    auth_redirects = optional(list(string))
    s3 = bool
    database = bool
    mail = optional(string)
  }))
}

variable "hosts" {
  type = map(object({
    hostname = string
    rdns = string
    provider = string
    image = optional(string)
    server_type = optional(string)
    datacenter = optional(string)
  }))
}

variable "email_domains" {
  type = set(string)
}