// Add the servers to a placement group.
resource "hcloud_placement_group" "group" {
  name = "Cluster Group"
  type = "spread"
}

// Secure NAT via SSH key.
resource "hcloud_ssh_key" "main" {
  name       = "my-ssh-key"
  public_key = file(var.public_key_file)
}

// The Jumphost/NAT, to interact and provide internet access to the cluster.
resource "hcloud_server" "nat" {
  name               = "nat"
  image              = "debian-12"
  server_type        = "cx23"
  placement_group_id = hcloud_placement_group.group.id
  ssh_keys           = [hcloud_ssh_key.main.id]

  network {
    network_id = hcloud_network.net.id
    ip         = local.nat-private-ip
  }

  public_net {
    ipv4_enabled = true
    ipv6_enabled = false
  }

  depends_on = [hcloud_network_subnet.subnet]
}

// Private compute instances.
resource "hcloud_server" "server" {
  for_each           = local.servers
  name               = each.key
  image              = "debian-12"
  server_type        = "cx23"
  placement_group_id = hcloud_placement_group.group.id
  ssh_keys           = [hcloud_ssh_key.main.id]

  network {
    network_id = hcloud_network.net.id
    ip         = each.value
  }
  public_net {
    ipv4_enabled = false
    ipv6_enabled = false
  }

  depends_on = [hcloud_network_subnet.subnet]
}

resource "hcloud_load_balancer" "lb" {
  name               = "lb-hetzner"
  load_balancer_type = "lb11"
  network_zone       = "eu-central"
}

resource "hcloud_load_balancer_target" "load_balancer_target" {
  for_each = hcloud_server.server

  type             = "server"
  load_balancer_id = hcloud_load_balancer.lb.id
  use_private_ip   = true
  server_id        = each.value.id
}