############################################
# FONCTION COMMUNE POUR OS LOGIN
############################################

resource "google_compute_project_metadata_item" "enable_oslogin" {
  project = var.project_id
  key     = "enable-oslogin"
  value   = "TRUE"
}

############################################
# 1. INSTANCE FRONTEND
############################################

resource "google_compute_instance" "frontend" {
  project      = var.project_id
  name         = "frontend-instance"
  machine_type = var.instance_type
  zone         = var.zone
  tags         = ["frontend", "ssh"]

  boot_disk {
    initialize_params {
      image = "debian-cloud/debian-11"
      size  = 10
    }
  }

  network_interface {
    subnetwork = var.frontend_subnet_id

    access_config {} # IP publique
  }

  metadata = {
    enable-oslogin = "TRUE"
  }
}

############################################
# 2. INSTANCE BACKEND
############################################

resource "google_compute_instance" "backend" {
  project      = var.project_id
  name         = "backend-instance"
  machine_type = var.instance_type
  zone         = var.zone
  tags         = ["backend", "ssh"]

  boot_disk {
    initialize_params {
      image = "debian-cloud/debian-11"
      size  = 10
    }
  }

  network_interface {
    subnetwork = var.backend_subnet_id
    # Pas d'IP publique → aucun access_config
  }

  metadata = {
    enable-oslogin = "TRUE"
  }
}

############################################
# 3. INSTANCE DATABASE
############################################

resource "google_compute_instance" "database" {
  project      = var.project_id
  name         = "database-instance"
  machine_type = var.instance_type
  zone         = var.zone
  tags         = ["database", "ssh"]

  boot_disk {
    initialize_params {
      image = "debian-cloud/debian-11"
      size  = 20
    }
  }

  network_interface {
    subnetwork = var.database_subnet_id
    # Pas d'IP publique
  }

  metadata = {
    enable-oslogin = "TRUE"
  }
}