# You need to replace these
hcloud_token = "xxxxxxxxxxxxxxxxxxYYYYYYYYYYYYYYYYYYYzzzzzzzzzzzzzzzzzzzzz"
public_key   = "/home/username/.ssh/id_ed25519.pub"
# Must be "private_key = null" when you want to use ssh-agent, for a Yubikey like device auth or an SSH key-pair with passphrase
private_key  = "/home/username/.ssh/id_ed25519"

# These can be customized, or left with the default values
# For Hetzner locations see https://docs.hetzner.com/general/others/data-centers-and-connection/
# For Hetzner server types see https://www.hetzner.com/cloud
location         = "fsn1"       # change to `ash` for us-east Ashburn, Virginia location
network_region   = "eu-central" # change to `us-east` if location is ash
network_ip_range = "10.0.0.0/8"
network_subnets = {
  control_plane = "10.1.0.0/16"
  subnet1       = "10.2.0.0/16"
  subnet2       = "10.3.0.0/16"
}

control_plane_server_type = "cpx11"
lb_server_type            = "lb11"

# At least 3 server nodes is recommended for HA, otherwise you need to turn off automatic upgrade (see ReadMe).
servers_num = 3


agent_nodepools = {
  big = {
    server_type = "cpx31",
    count       = 1,
    subnet      = "subnet1",
  }
  small = {
    server_type = "cpx21",
    count       = 2,
    subnet      = "subnet2",
  }
}

# If you want to use a specific Hetzner CCM and CSI version, set them below, otherwise leave as is for the latest versions
# hetzner_ccm_version = ""
# hetzner_csi_version = ""

# If you want to use letsencrypt with tls Challenge, the email address is used to send you certificates expiration notices
# traefik_acme_tls = true
# traefik_acme_email = "mail@example.com"

# If you want to allow non-control-plane workloads to run on the control-plane nodes set "true" below. The default is "false".
# allow_scheduling_on_control_plane = true

# If you want to disable automatic upgrade of k3s, you can set this to false, default is "true".
# automatically_upgrade_k3s = false

# Allows you to specify either stable, latest, or testing (defaults to stable), see https://rancher.com/docs/k3s/latest/en/upgrades/basic/
# initial_k3s_channel = "latest"