# Root configuration for a hub-and-spoke layout on Google Cloud: two VPC
# networks, a peering between them, a Cloud VPN gateway and tunnel on the hub,
# one Linux VM per network, and a DNS managed zone per network.
# Every ./modules/* implementation is outside this file, so notes about what a
# module does with its inputs are marked as assumptions to confirm.
terraform {
  required_providers {
    google = {
      source  = "hashicorp/google"
      version = ">= 6.27.0"
    }
  }
}

locals {
  # Region is the zone name minus its last two characters (the "-<letter>"
  # suffix), e.g. a constructed zone "europe-central2-a" -> "europe-central2".
  hub_region   = substr(var.hub.zone, 0, length(var.hub.zone) - 2)
  spoke_region = substr(var.spoke.zone, 0, length(var.spoke.zone) - 2)
}

provider "google" {
  # Provider defaults point at the hub. Modules below that pass no project_id
  # (hub_network, gw, to_lazurowa, vm_hub, koszewscy_internal_zone) presumably
  # fall back to this project; confirm against each module's variable defaults.
  region  = local.hub_region
  zone    = var.hub.zone
  project = var.hub.project
}

# Hub VPC with a single subnet in the hub region.
module "hub_network" {
  source = "./modules/network"
  name   = "${var.hub.name}-vpc"
  subnets = [{
    name   = "${var.hub.name}-network"
    cidr   = var.hub.cidr
    region = local.hub_region
  }]
  # presumably provisions outbound NAT for the subnet; confirm in the module
  nat = true
}

# Spoke VPC, created in the spoke project rather than the provider default.
module "spoke_network" {
  source     = "./modules/network"
  name       = "${var.spoke.name}-vpc"
  project_id = var.spoke.project
  subnets = [
    {
      name   = "${var.spoke.name}-network"
      cidr   = var.spoke.cidr
      region = local.spoke_region
    }
  ]
  nat = true
}

# Peering between the hub ("left") and spoke ("right") networks.
module "hub_to_spoke_peering" {
  source = "./modules/network-peering"
  left = {
    project_id   = var.hub.project
    network_id   = module.hub_network.id
    network_name = module.hub_network.name
  }
  right = {
    project_id   = var.spoke.project
    network_id   = module.spoke_network.id
    network_name = module.spoke_network.name
  }
  # NOTE(review): the meaning of hub_spoke is defined in the module. For the
  # spoke to reach the VPN through the hub, the peering has to export custom
  # routes from the hub and import them on the spoke; confirm the flag does this.
  hub_spoke = true
  # The output references above already order this module after both networks;
  # the explicit depends_on repeats that ordering.
  depends_on = [
    module.hub_network,
    module.spoke_network
  ]
}

# VPN gateway attached to the hub network.
module "gw" {
  source          = "./modules/cloud-vpn"
  name            = "${var.hub.name}-vpn"
  network_name    = module.hub_network.name
  region          = local.hub_region
  vpn_external_ip = var.vpn_external_ip
}

# Tunnel from the hub gateway to the remote peer at var.peer_ip.
module "to_lazurowa" {
  source  = "./modules/cloud-vpn-tunnel"
  name    = "${var.hub.name}-to-lazurowa"
  gw_name = module.gw.name
  peer_ip = var.peer_ip
  # NOTE(review): presumably the tunnel's pre-shared key. Confirm the variable
  # is declared with `sensitive = true` and its value is not committed in a
  # tfvars file. Terraform still writes the value to state in clear text, so
  # the state backend needs restricted access and encryption at rest.
  shared_secret = var.shared_secret
  # Both the hub and the spoke CIDR are offered as local selectors, so spoke
  # traffic is expected to cross the peering and use this tunnel.
  local_selectors  = [var.hub.cidr, var.spoke.cidr]
  remote_selectors = var.remote_selectors
  depends_on       = [module.gw]
}

# VM in the hub network. Network and subnet are passed as name strings rebuilt
# from var.hub.name, so they must stay in sync with module.hub_network; with no
# output reference here, depends_on is what orders the VM after the network.
module "vm_hub" {
  source       = "./modules/linux-vm"
  name         = "vm-${var.hub.name}"
  network_name = "${var.hub.name}-vpc"
  subnet_name  = "${var.hub.name}-network"
  # NOTE(review): the shape of var.ssh is not visible here; confirm what it
  # carries and that the module limits SSH ingress to intended source ranges.
  ssh        = var.ssh
  depends_on = [module.hub_network]
}

# VM in the spoke network and spoke project; same name-string coupling and
# explicit ordering as vm_hub.
module "vm_spoke" {
  source       = "./modules/linux-vm"
  name         = "vm-${var.spoke.name}"
  project_id   = var.spoke.project
  network_name = "${var.spoke.name}-vpc"
  subnet_name  = "${var.spoke.name}-network"
  ssh          = var.ssh
  depends_on   = [module.spoke_network]
}

# DNS zone for koszewscy.waw.pl. bound to the hub network.
# The domain and the resolver address are hard-coded, unlike the other inputs.
module "koszewscy_internal_zone" {
  source     = "./modules/dns-managed-zone"
  dns_name   = "koszewscy.waw.pl."
  network_id = module.hub_network.id
  # NOTE(review): presumably a forwarding target reached over the VPN. If the
  # module creates a Cloud DNS forwarding zone, queries to a private target are
  # sourced from 35.199.192.0/19, not from the hub or spoke CIDR. The tunnel's
  # local_selectors list only those two CIDRs, so confirm the forwarded queries
  # and their replies can actually use the tunnel.
  target_name_servers = ["192.168.2.5"]
}

# Same DNS name for the spoke network, created in the spoke project.
# presumably a DNS peering zone that resolves through the hub network
# (peering_network_id); confirm in the module.
module "koszewscy_internal_zone_spoke" {
  source             = "./modules/dns-managed-zone"
  project_id         = var.spoke.project
  dns_name           = "koszewscy.waw.pl."
  zone_name          = "koszewscy-waw-pl-spoke"
  network_id         = module.spoke_network.id
  peering_network_id = module.hub_network.id
}