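# DNS Elastic IPs for Stable Glue Records
# RFC 0046: Domain Email Migration - Phase 1
#
# Purpose: Allocate static Elastic IPs for the DNS NLB to enable
# stable glue records at GoDaddy for NS delegation.
#
# Architecture:
# - 3 EIPs (one per AZ) for high availability
# - Attached to NLB via subnet_mapping
# - Used as glue records: ns1.domain.com, ns2.domain.com, ns3.domain.com
#
# Cost: ~$0/mo (EIPs attached to running resources are free)
# NOTE(review): AWS has billed every public IPv4 address, in-use EIPs
# included, since February 2024 - re-check this estimate against current pricing.
#
# Security: the glue records at the registrar name these addresses as the
# authoritative nameservers for every managed domain. An EIP that is released
# while glue still points at it goes back to the AWS pool, and whoever is
# allocated it next receives the DNS queries for those domains. Remove or
# repoint the glue records BEFORE an address is ever released.

locals {
  # Enable static IPs for DNS delegation
  enable_dns_static_ips = var.enable_dns_static_ips

  # Domains to be delegated from GoDaddy to PowerDNS
  managed_domains = [
    "superviber.com",
    "muffinlabs.ai",
    "letemcook.com",
    "appbasecamp.com",
    "thanksforborrowing.com",
    "alignment.coop"
  ]
}

# Allocate Elastic IPs for DNS NLB (one per AZ).
# The count follows local.azs (defined outside this file); the instructions
# output below assumes three entries - TODO confirm local.azs has three AZs.
resource "aws_eip" "dns" {
  count  = local.enable_dns_static_ips ? length(local.azs) : 0
  domain = "vpc"

  tags = merge(local.common_tags, {
    Name        = "${local.name}-dns-${count.index + 1}"
    Purpose     = "dns-nlb"
    RFC         = "0046"
    Description = "Stable IP for DNS glue records - AZ ${count.index + 1}"
  })

  lifecycle {
    # Prevent accidental deletion - changing these breaks glue records.
    # Terraform rejects any plan that would destroy these EIPs, including
    # setting enable_dns_static_ips = false (count drops to 0).
    # It does NOT protect against deleting this resource block from the
    # configuration or releasing the address outside Terraform, so
    # ec2:ReleaseAddress on these allocations should be restricted separately.
    prevent_destroy = true
  }
}

# Output the EIP public IPs for glue record configuration
output "dns_elastic_ips" {
  description = "Elastic IP addresses for DNS NLB (use for glue records at GoDaddy)"
  value       = aws_eip.dns[*].public_ip
}

output "dns_elastic_ip_allocation_ids" {
  description = "Elastic IP allocation IDs for NLB subnet_mapping"
  value       = aws_eip.dns[*].id
}

# Human-readable runbook for the registrar side of the delegation.
# try() falls back to "PENDING" when the indexed EIP does not exist, e.g. when
# fewer than three addresses are allocated; a "PENDING" entry must never be
# entered at the registrar.
output "glue_record_instructions" {
  description = "Instructions for configuring glue records at GoDaddy"
  value = local.enable_dns_static_ips ? join("\n", [
    "================================================================================",
    "GoDaddy Glue Record Configuration",
    "RFC 0046: Domain Email Migration - DNS Delegation",
    "================================================================================",
    "",
    "Domains: ${join(", ", local.managed_domains)}",
    "",
    "1. Custom Nameservers (set for each domain):",
    # The hostnames ended at "ns1." with nothing after the dot; the "<domain>"
    # placeholder follows the ns1.domain.com pattern in the file header.
    " - ns1.<domain>",
    " - ns2.<domain>",
    " - ns3.<domain>",
    "",
    "2. Glue Records (Host Records):",
    " ns1 -> ${try(aws_eip.dns[0].public_ip, "PENDING")}",
    " ns2 -> ${try(aws_eip.dns[1].public_ip, "PENDING")}",
    " ns3 -> ${try(aws_eip.dns[2].public_ip, "PENDING")}",
    "",
    "3. Verification Commands:",
    # Uses the first managed domain instead of repeating its name as a literal,
    # so the commands stay in step with local.managed_domains.
    " dig @${try(aws_eip.dns[0].public_ip, "PENDING")} ${local.managed_domains[0]} NS",
    " dig @8.8.8.8 ${local.managed_domains[0]} NS",
    "",
    "================================================================================"
  ]) : "DNS static IPs not enabled. Set enable_dns_static_ips = true to allocate EIPs."
}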