resource "random_uuid" "uuid" {
}

data "linode_object_storage_cluster" "cluster" {
  id = "eu-central-1"
}

resource "linode_object_storage_bucket" "wal" {
  label = "pdb-wal-${random_uuid.uuid.result}"

  cluster = data.linode_object_storage_cluster.cluster.id
}

resource "linode_object_storage_key" "wal" {
  label = "pdb-wal-${random_uuid.uuid.result} yeah"

  bucket_access {
    bucket_name = linode_object_storage_bucket.wal.label
    cluster     = linode_object_storage_bucket.wal.cluster
    permissions = "read_write"
  }
}

resource "sops_file" "secret_data" {
  encryption_type = "age"
  filename        = "../../knot-pdb.sops.yml"
  content = yamlencode({
    AWS_ACCESS_KEY_ID       = linode_object_storage_key.wal.access_key
    AWS_SECRET_ACCESS_KEY   = linode_object_storage_key.wal.secret_key
    WALG_S3_PREFIX          = "s3://${linode_object_storage_bucket.wal.label}"
    AWS_S3_FORCE_PATH_STYLE = "true"
    AWS_REGION              = data.linode_object_storage_cluster.cluster.id
    AWS_ENDPOINT            = "https://${data.linode_object_storage_cluster.cluster.id}.linodeobjects.com"
    PGHOST                  = ""
  })
}