provider "aws" {
  region = var.region
}

resource "aws_key_pair" "my_keys" {
  count = var.group_count
  key_name   = "user${count.index}-key"
  public_key = file("../keypairs/user${count.index}.pub")
}

resource "aws_security_group" "allow_ssh" {
  name        = "allow_ssh"
  description = "Allow SSH inbound traffic"
  
  ingress {
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = ["82.67.50.62/32"]  # Allow SSH from this IP
  }

  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"  # Allow all outbound traffic
    cidr_blocks = ["0.0.0.0/0"]
  }
}

resource "aws_instance" "labtops" {
  count = var.group_count
  ami           = var.ami_id
  instance_type = var.instance_type
  key_name      = aws_key_pair.my_keys[count.index].key_name
  security_groups = [aws_security_group.allow_ssh.name]

  #iam_instance_profile = aws_iam_instance_profile.ec2_ami_instance_profile.name

  tags = {
    Name = "labtop #${count.index}"
    Owner = "seco"
  }

  # Enable public IP
  associate_public_ip_address = true
}

output "instance_id" {
  value = aws_instance.labtops[*].id
}

output "public_ip" {
  value = aws_instance.labtops[*].public_ip
}

variable "region" {
  type = string
}
variable "group_count" {
  type = number
}
variable "ami_id" {
  type = string
}
variable "instance_type" {
  type = string
}