// Set up network for compute to live.
resource "hcloud_network" "net" {
  name     = "Private Network"
  ip_range = local.net-cidr
}

// Set up private subnet, for compute.
resource "hcloud_network_subnet" "subnet" {
  network_id   = hcloud_network.net.id
  type         = "cloud"
  network_zone = "eu-central"
  ip_range     = local.subnet-cidr
}

// Attach the load balancer to the compute subnet.
resource "hcloud_load_balancer_network" "attachment" {
  load_balancer_id = hcloud_load_balancer.lb.id
  subnet_id        = hcloud_network_subnet.subnet.id
  ip               = local.lb-private-ip
}

// Provide internet to the private servers, by sending all internet traffic to
// the NAT.
resource "hcloud_network_route" "gateway" {
  network_id  = hcloud_network.net.id
  destination = "0.0.0.0/0"
  gateway     = local.nat-private-ip
}