data "hcloud_image" "ubuntu" {
  name        = "ubuntu-24.04"
  with_status = ["available"]
}

resource "hcloud_server" "control_plane" {
  count = var.control_plane_count

  name        = "${var.cluster_name}-cp-${count.index + 1}"
  server_type = var.control_plane_type
  image       = data.hcloud_image.ubuntu.id
  location    = var.location
  ssh_keys    = [data.hcloud_ssh_key.cluster.id]

  labels = {
    cluster = var.cluster_name
    role    = "control-plane"
  }

  user_data = <<-EOF
    #cloud-config
    package_update: true
    runcmd:
      - curl -fsSL https://tailscale.com/install.sh | sh
      - tailscale up --authkey '${var.tailscale_auth_key}' --hostname '${var.cluster_name}-cp-${count.index + 1}' --ssh=false --accept-routes=false
  EOF

  network {
    network_id = hcloud_network.cluster.id
    ip         = cidrhost(var.subnet_cidr, 10 + count.index)
  }

  public_net {
    ipv4_enabled = true
    ipv6_enabled = true
  }

  firewall_ids = [hcloud_firewall.cluster.id]
}

resource "hcloud_server" "workers" {
  count = var.worker_count

  name        = "${var.cluster_name}-worker-${count.index + 1}"
  server_type = var.worker_type
  image       = data.hcloud_image.ubuntu.id
  location    = var.location
  ssh_keys    = [data.hcloud_ssh_key.cluster.id]

  labels = {
    cluster = var.cluster_name
    role    = "worker"
  }

  user_data = <<-EOF
    #cloud-config
    package_update: true
    runcmd:
      - curl -fsSL https://tailscale.com/install.sh | sh
      - tailscale up --authkey '${var.tailscale_auth_key}' --hostname '${var.cluster_name}-worker-${count.index + 1}' --ssh=false --accept-routes=false
  EOF

  network {
    network_id = hcloud_network.cluster.id
    ip         = cidrhost(var.subnet_cidr, 20 + count.index)
  }

  public_net {
    ipv4_enabled = true
    ipv6_enabled = true
  }

  firewall_ids = [hcloud_firewall.cluster.id]

  depends_on = [hcloud_server.control_plane]
}