variable "hcloud_token" {
  description = "Hetzner Cloud API token"
  type        = string
  sensitive   = true
}

variable "name" {
  description = "Server name"
  type        = string
  default     = "unrip-1"
}

variable "location" {
  description = "Hetzner location"
  type        = string
  default     = "nbg1"
}

variable "server_type" {
  description = "Hetzner server type"
  type        = string
  default     = "cpx32"
}

variable "image" {
  description = "Hetzner image"
  type        = string
  default     = "ubuntu-24.04"
}

variable "ssh_public_key" {
  description = "Public SSH key content used for automation access"
  type        = string
}

variable "admin_cidr_blocks" {
  description = "CIDR blocks allowed to access SSH and K8s API when public admin access is enabled"
  type        = list(string)
  default     = []
}

variable "tailscale_enabled" {
  description = "Install and use Tailscale for admin/control-plane access"
  type        = bool
  default     = true
}

variable "tailscale_auth_key" {
  description = "Tailscale auth key used for unattended node join"
  type        = string
  sensitive   = true
  default     = ""
}

variable "tailscale_control_plane_hostname" {
  description = "Expected Tailscale DNS name for the node; if set, bootstrap prefers it for kube access"
  type        = string
  default     = ""
}

variable "k3s_channel" {
  description = "K3s release channel"
  type        = string
  default     = "stable"
}

variable "network_cidr" {
  description = "Private network CIDR for the single-node cluster"
  type        = string
  default     = "10.30.0.0/16"
}

variable "subnet_cidr" {
  description = "Private subnet CIDR for the server attachment"
  type        = string
  default     = "10.30.1.0/24"
}

variable "network_zone" {
  description = "Hetzner network zone"
  type        = string
  default     = "eu-central"
}

variable "private_ipv4_address" {
  description = "Static private IPv4 assigned to the node on the Hetzner network"
  type        = string
  default     = "10.30.1.10"
}

variable "public_domain" {
  description = "Public DNS name pointing at the server IPv4/IPv6; used for ingress/TLS"
  type        = string
}

variable "bootstrap_repo_path" {
  description = "Reserved repository subdirectory name for a future node-local bootstrap/GitOps flow; current provisioning still applies manifests from the operator workstation"
  type        = string
  default     = "deploy/k8s"
}