provider "openstack" {
  user_name   = "admin"
  tenant_name = "admin"
  password    = "3QAtP4dECYsRtxIpW23OpPYiE7XOUvZ9UDmtyiDT"
  auth_url    = "http://console.hnrx.cloud:5000/v3"
  region      = "RegionOne"
}

provider "openstack" {
  alias       = "octavia"
  user_name   = "octavia"
  tenant_name = "service"
  password    = "L8dZsrWOtNI8UvLVGKseC3FB5tRZ0cZTI1xw87Ns"
  auth_url    = "http://console.hnrx.cloud:5000/v3"
  region      = "RegionOne"
}

# Projects
resource "openstack_identity_project_v3" "hnrx-prod" {
  name        = "hnrx-prod"
  description = "hnrx production project"
}

resource "openstack_identity_project_v3" "hnrx-dev" {
  name        = "hnrx-dev"
  description = "hnrx development project"
}

# Networks
resource "openstack_networking_network_v2" "hnrx-prod" {
  name           = "hnrx-prod"
  admin_state_up = "true"
  shared         = true
  external       = true
  dns_domain     = "hnrx.cloud."
  segments {
    physical_network = "physnet1"
    segmentation_id  = 113
    network_type     = "vlan"
  }
}

resource "openstack_networking_network_v2" "hnrx-dev" {
  name           = "hnrx-dev"
  admin_state_up = "true"
  shared         = true
  external       = true
  dns_domain     = "hnrx.dev.cloud."

  segments {
    physical_network = "physnet1"
    segmentation_id  = 112
    network_type     = "vlan"
  }
}

resource "openstack_networking_network_v2" "internal" {
  name   = "internal"
  shared = true
}

# Subnets
resource "openstack_networking_subnet_v2" "hnrx-prod" {
  name       = "hnrx-prod-subnet"
  network_id = openstack_networking_network_v2.hnrx-prod.id
  cidr       = "192.168.113.0/24"
  allocation_pool {
    start = "192.168.113.10"
    end   = "192.168.113.200"
  }
  enable_dhcp     = true
  gateway_ip      = "192.168.113.1"
  dns_nameservers = ["192.168.1.1"]
}

resource "openstack_networking_subnet_v2" "hnrx-dev" {
  name       = "hnrx-dev-subnet"
  network_id = openstack_networking_network_v2.hnrx-dev.id
  cidr       = "192.168.112.0/24"
  allocation_pool {
    start = "192.168.112.10"
    end   = "192.168.112.200"
  }
  enable_dhcp     = true
  gateway_ip      = "192.168.112.1"
  dns_nameservers = ["192.168.1.1"]

}

resource "openstack_networking_subnet_v2" "internal-subnet" {
  name            = "internal-subnet"
  network_id      = openstack_networking_network_v2.internal.id
  cidr            = "10.0.10.0/24"
  dns_nameservers = ["192.168.1.1"]
}

# Security Groups
resource "openstack_networking_secgroup_v2" "hnrx_default" {
  name        = "hnrx-default"
  description = "hnrx-default security group"
}

resource "openstack_networking_secgroup_rule_v2" "secgroup_rule_1" {
  direction         = "ingress"
  ethertype         = "IPv4"
  protocol          = "tcp"
  port_range_min    = 22
  port_range_max    = 22
  remote_ip_prefix  = "0.0.0.0/0"
  security_group_id = openstack_networking_secgroup_v2.hnrx_default.id
}

resource "openstack_networking_secgroup_rule_v2" "default_sg_icmp" {
  security_group_id = openstack_networking_secgroup_v2.hnrx_default.id
  direction         = "ingress"
  protocol          = "icmp"
  remote_ip_prefix  = "0.0.0.0/0"
  ethertype         = "IPv4"
}

# Router
resource "openstack_networking_router_v2" "internal-router" {
  name                = "internal-router"
  admin_state_up      = true
  external_network_id = openstack_networking_network_v2.hnrx-prod.id
}

resource "openstack_networking_router_interface_v2" "router_interface_1" {
  router_id = openstack_networking_router_v2.internal-router.id
  subnet_id = openstack_networking_subnet_v2.internal-subnet.id
}

# Flavors
resource "openstack_compute_flavor_v2" "m1-tiny" {
  name      = "m1.tiny"
  ram       = "512"
  vcpus     = "1"
  disk      = "5"
  is_public = true
}

resource "openstack_compute_flavor_v2" "m1-small" {
  name      = "m1.small"
  ram       = "1024"
  vcpus     = "1"
  disk      = "10"
  is_public = true
}

resource "openstack_compute_flavor_v2" "m1-medium" {
  name      = "m1.medium"
  ram       = "2048"
  vcpus     = "1"
  disk      = "20"
  is_public = true
}

resource "openstack_compute_flavor_v2" "m1-large" {
  name      = "m1.large"
  ram       = "4096"
  vcpus     = "1"
  disk      = "40"
  is_public = true
}

resource "openstack_compute_flavor_v2" "m1-xlarge" {
  name      = "m1.xlarge"
  ram       = "8192"
  vcpus     = "1"
  disk      = "80"
  is_public = true
}

resource "openstack_compute_flavor_v2" "c2-tiny" {
  name      = "c2.tiny"
  ram       = "1024"
  vcpus     = "2"
  disk      = "25"
  is_public = true
}

resource "openstack_compute_flavor_v2" "c2-small" {
  name      = "c2.small"
  ram       = "2048"
  vcpus     = "2"
  disk      = "50"
  is_public = true
}

resource "openstack_compute_flavor_v2" "c2-medium" {
  name      = "c2.medium"
  ram       = "4096"
  vcpus     = "2"
  disk      = "75"
  is_public = true
}

resource "openstack_compute_flavor_v2" "c2-large" {
  name      = "c2.large"
  ram       = "8192"
  vcpus     = "2"
  disk      = "100"
  is_public = true
}

resource "openstack_compute_flavor_v2" "c2-xlarge" {
  name      = "c2.xlarge"
  ram       = "16384"
  vcpus     = "2"
  disk      = "200"
  is_public = true
}

# Images
resource "openstack_images_image_v2" "cirros" {
  name             = "CirrOS"
  image_source_url = "https://files.hnrx.net/OS-Images/cirros-0.6.3-x86_64-disk.img"
  container_format = "bare"
  disk_format      = "qcow2"
  web_download     = true
}

resource "openstack_images_image_v2" "fedora-41" {
  name             = "Fedora"
  image_source_url = "https://files.hnrx.net/OS-Images/Fedora-Cloud-Base-Generic-41-1.4.x86_64.qcow2"
  container_format = "bare"
  disk_format      = "qcow2"
  web_download     = true
}

resource "openstack_images_image_v2" "opensuse" {
  name             = "openSUSE-Leap-15.6.x86_64-1.0.4"
  image_source_url = "https://files.hnrx.net/OS-Images/openSUSE-Leap-15.6.x86_64-1.0.4.qcow2"
  web_download     = true
  container_format = "bare"
  disk_format      = "qcow2"
}

resource "openstack_images_image_v2" "talos" {
  name             = "talos-1.10.2"
  image_source_url = "https://files.hnrx.net/OS-Images/talos-1.10.2-openstack-amd64.raw"
  web_download     = true
  container_format = "bare"
  disk_format      = "raw"
}

resource "openstack_images_image_v2" "talos-1-10-4" {
  name             = "talos-1.10.4"
  image_source_url = "https://factory.talos.dev/image/89b50c59f01a5ec3946078c1e4474c958b6f7fe9064654e15385ad1ad73f536c/v1.10.4/openstack-amd64.raw.xz"
  container_format = "bare"
  decompress       = true
  disk_format      = "raw"
}

resource "openstack_images_image_v2" "amphora" {
  provider         = openstack.octavia
  name             = "amphora-x64-haproxy.qcow2"
  image_source_url = "https://files.hnrx.net/OS-Images/amphora-x64-haproxy.qcow2"
  web_download     = true
  container_format = "bare"
  disk_format      = "qcow2"
  visibility       = "private"
  tags             = ["amphora", "haproxy"]
  properties = {
    "hw_architecture" = "x86_64"
    "hw_rng_model"    = "virtio"
  }
}

# Keypairs
resource "openstack_compute_keypair_v2" "mh-key" {
  name       = "mh"
  public_key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFJ4YMDAlzgWhvlwKbiyjztiQHKOXwhwJt0VVmQKONj+ matthias.hinrichs@me.com"
}

#DNS Zone
resource "openstack_dns_zone_v2" "hnrx-zone" {
  name        = "hnrx.cloud."
  description = "default hnrx zone"
  email       = "matthias.hinrichs@hnrx.net"
  type        = "PRIMARY"
  ttl         = 60
}
resource "openstack_dns_zone_v2" "hnrx-dev-zone" {
  name        = "dev.hnrx.cloud."
  description = "default hnrx dev zone"
  email       = "matthias.hinrichs@hnrx.net"
  type        = "PRIMARY"
  ttl         = 60
  #project_id  = openstack_networking_subnet_v2.hnrx-dev.id
}