variable "domain" {
  description = "Root domain name managed in Cloudflare."
  type        = string
}

variable "domain_zone_id" {
  description = "Cloudflare Zone ID for the domain."
  type        = string
}

variable "cloudflare_api_token" {
  description = "Cloudflare API token with DNS edit permissions."
  type        = string
  sensitive   = true
}

variable "pve_api_url" {
  description = "Proxmox VE API endpoint URL."
  type        = string
}

variable "pve_token" {
  description = "Proxmox VE API token in 'user@realm!tokenid=secret' format."
  type        = string
  sensitive   = true
}

variable "node_name" {
  description = "Proxmox node to deploy resources on (e.g. 'pve')."
  type        = string
}

variable "datastore_id" {
  description = "Proxmox datastore for VM/container disks (e.g. 'local-lvm')."
  type        = string
}

variable "bridge" {
  description = "Proxmox network bridge for VM/container NICs (e.g. 'vmbr0')."
  type        = string
}

variable "template_vmid" {
  description = "VMID of the Proxmox VM template to clone."
  type        = number
}

variable "vm_id" {
  description = "VMID to assign to the new VM."
  type        = number
}

variable "name" {
  description = "Name for the VM."
  type        = string
}

variable "ssh_pubkey_path" {
  description = "Path to the SSH public key file (e.g. '~/.ssh/id_ed25519.pub')."
  type        = string
}

variable "admin_username" {
  description = "Admin username for provisioned VMs."
  type        = string
  default     = "azureuser"
}

variable "azure_location" {
  description = "Azure region for resource deployment."
  type        = string
  default     = "westeurope"
}

variable "azure_subscription_id" {
  description = "Azure subscription ID to deploy resources into."
  type        = string
}

variable "allowed_ssh_cidrs_ipv4" {
  description = "IPv4 CIDRs allowed to SSH (22/tcp). Empty list means allow from anywhere."
  type        = list(string)
  default     = []
}