resource "hcloud_server" "guidelines1" {
  name = "guidelines1-${data.terraform_remote_state.environment.outputs.environment_name}"

  server_type = "cx21"
  image = var.image_default_id
  keep_disk = true
  location = data.terraform_remote_state.environment.outputs.dc_default_id
  user_data = data.template_cloudinit_config.guidelines.rendered

  labels = {
    lb = "guidelines-${data.terraform_remote_state.environment.outputs.environment_name}"
    environment = data.terraform_remote_state.environment.outputs.environment_name
  }
}

resource "hcloud_volume_attachment" "guidelines1_data1" {
  server_id = hcloud_server.guidelines1.id
  volume_id = data.terraform_remote_state.storage.outputs.volume_data1_id
  automount = true
}

resource "hcloud_server_network" "guidelines1_primary" {
  server_id = hcloud_server.guidelines1.id
  network_id = data.terraform_remote_state.environment.outputs.network_primary_id
  ip = "10.0.1.51"
}

data "template_cloudinit_config" "guidelines" {
  gzip = false
  base64_encode = false

  part {
    filename = "init.cfg"
    content_type = "text/cloud-config"
    content = templatefile("${path.module}/cloudinit.tpl", {
      certbot_script = filebase64("${path.module}/certbot.sh")
      environment = data.terraform_remote_state.environment.outputs.environment_name
      gitlab_password = lookup(jsondecode(file("../../secrets.json")), "gitlab_deploy_token_password", "not found")
      gitlab_username = lookup(jsondecode(file("../../secrets.json")), "gitlab_deploy_token_username", "not found")
      hcloud_token = lookup(jsondecode(file("../../secrets.json")), "hcloud_token_${data.terraform_remote_state.environment.outputs.environment_name}", "not found")
      aws_access_key_id = lookup(jsondecode(file("../../secrets.json")), "aws_access_key_id", "not found")
      aws_secret_access_key = lookup(jsondecode(file("../../secrets.json")), "aws_secret_access_key", "not found")
      domain_name = lookup(jsondecode(file("../../config.json")), "domain_name_${data.terraform_remote_state.environment.outputs.environment_name}", "not found")
      domain_alternative_names = base64encode(lookup(jsondecode(file("../../config.json")), "domain_alternative_names_${data.terraform_remote_state.environment.outputs.environment_name}", "not found"))
      vault_db_password = lookup(jsondecode(file("../../secrets.json")), "vault_db_password_${data.terraform_remote_state.environment.outputs.environment_name}", "not found")
      elasticsearch_password = lookup(jsondecode(file("../../secrets.json")), "elasticsearch_password_${data.terraform_remote_state.environment.outputs.environment_name}", "not found")
      nix_certbot = filebase64("${path.module}/nix/certbot.nix")
      nix_configuration = filebase64("${path.module}/nix/configuration.nix")
      nix_elasticsearch = filebase64("${path.module}/nix/elasticsearch.nix")
      nix_guidelines = filebase64("${path.module}/nix/guidelines.nix")
      nix_postgresql = filebase64("${path.module}/nix/postgresql.nix")
      nix_vault = filebase64("${path.module}/nix/vault.nix")
    })
  }
}