# =============================================================================
# Realms App Server Infrastructure
# Separate Terraform state from git infrastructure (jump host + Forgejo)
# =============================================================================

locals {
  common_tags = concat([
    var.project_name,
    var.environment,
    "terraform-managed",
    "app-server"
  ], var.tags)
}

# =============================================================================
# SSH Keys
# =============================================================================

resource "digitalocean_ssh_key" "admin" {
  for_each = var.admin_ssh_public_keys

  name       = "${var.project_name}-app-${var.environment}-${each.key}"
  public_key = each.value
}

# =============================================================================
# App Server Module
# =============================================================================

module "app_server" {
  source = "./modules/app_server"

  project_name     = var.project_name
  environment      = var.environment
  region           = var.region
  vpc_uuid         = var.vpc_uuid
  vpc_ip_range     = var.vpc_ip_range
  ssh_keys         = [for key in digitalocean_ssh_key.admin : key.id]
  droplet_size     = var.app_droplet_size
  droplet_image    = var.app_droplet_image
  ssh_port         = var.app_ssh_port
  domain           = var.app_domain
  enable_backups   = var.enable_droplet_backups
  tags             = local.common_tags
  manage_dns       = var.manage_dns
  dns_zone         = var.dns_zone
  forgejo_registry = var.forgejo_registry
}