variable "terraform-nixos" {
  type = string
}

variable "config" {
  type = string
}

variable "domain" {
  type = string
}

variable "hostname" {
  type = string
}

variable "initialUser" {
  type = object({
    displayName = string
    username = string
    password = string
    email = string
  })
}

variable "ssh_private_key_file" {
  type        = string
  description = "Path to private key used to connect to the target_host"
  default     = ""
}

variable "deploy_environment" {
  type        = map(string)
  description = "Extra environment variables to be set during deployment."
  default     = {}
}

locals {
  system = "x86_64-linux"
  nixpkgs = data.external.pins.result["nixpkgs"]
  sources = "${path.root}/../npins"
}

module "deploy" {
  source = "${var.terraform-nixos}//deploy_nixos"
  ssh_private_key_file = var.ssh_private_key_file
  target_host = "${var.hostname}.abundos.eu"
  target_user= "root" # FIXME: #24
  target_system = local.system
  NIX_PATH = "nixpkgs=${local.nixpkgs}:sources=${local.sources}"
  hermetic = true
  config_pwd = path.root
  config = <<-EOT
    import ${data.external.pins.result["nixpkgs"]}/nixos/lib/eval-config.nix {
      system = "${local.system}";
      specialArgs = {
        sources = import ${path.root}/../npins;
        terraform = builtins.fromJSON ''${jsonencode({
          domain = var.domain
          hostname = var.hostname
          initialUser = var.initialUser
        })}'';
      };
      modules = [
        ${path.root}/${var.config}.nix
        ${path.root}/shared.nix
      ];
    }
  EOT
  # build_on_target = false
  # triggers = {
  #   # pins = data.external.pins.result
  # }
}

data "external" "pins" {
  program = ["nix", "eval", "--json", "-f", "${path.root}/../npins"]
}