# System Configuration Contracts
#
# Type definitions for system-level configuration
# Migrated from provisioning/kcl/system_config.k

{
  SystemConfig = {
    version | String | default = "1.0.0",
    install_path | String,
    os_name | [| 'macos, 'linux, 'windows |] | default = 'linux,
    os_version | String,
    config_base_path | String,
    cache_base_path | String,
    workspaces_dir | String,
    system_architecture | String,
    cpu_count | Number,
    memory_total_gb | Number,
    disk_total_gb | Number,
    setup_date | String,
    setup_by_user | String,
    setup_hostname | String,
  },

  OrchestratorConfig = {
    enabled | Bool | default = true,
    endpoint | String | default = "http://localhost:9090",
    port | Number | default = 9090,
    timeout_seconds | Number | default = 30,
    health_check_interval_seconds | Number | default = 5,
  },

  DatabaseConfig = {
    backend | [| 'memory, 'surrealdb |] | default = 'memory,
    url | String | optional,
  },

  ControlCenterConfig = {
    enabled | Bool | default = true,
    url | String | default = "http://localhost:3000",
    port | Number | default = 3000,
    timeout_seconds | Number | default = 30,
    database | DatabaseConfig,
  },

  KMSConfig = {
    enabled | Bool | default = true,
    backend | [| 'rustyvault, 'age, 'vault, 'aws_kms |] | default = 'age,
    endpoint | String | optional,
    port | Number | optional,
    rotation_days | Number | optional | default = 90,
  },

  PlatformServicesConfig = {
    orchestrator | OrchestratorConfig,
    control_center | ControlCenterConfig,
    kms_service | KMSConfig,
  },

  ProviderCredentialsReference = {
    credentials_source | String,
    credentials_source_type | [| 'rustyvault, 'vault, 'kms |] | default = 'rustyvault,
  },

  UpCloudConfig = {
    api_url | String | default = "https://api.upcloud.com/1.3",
    interface | [| 'API, 'CLI |] | default = 'API,
    credentials | ProviderCredentialsReference,
    timeout_seconds | Number | default = 30,
  },

  AWSConfig = {
    region | String | default = "us-east-1",
    credentials | ProviderCredentialsReference,
    timeout_seconds | Number | default = 30,
  },

  HetznerConfig = {
    api_url | String | default = "https://api.hetzner.cloud/v1",
    credentials | ProviderCredentialsReference,
    timeout_seconds | Number | default = 30,
  },

  LocalConfig = {
    base_path | String | default = "/tmp/provisioning-local",
    timeout_seconds | Number | default = 10,
  },

  RustyVaultBootstrap = {
    encrypted_key_path | String,
    encrypted_key_format | [| 'age, 'sops |] | default = 'age,
  },

  ProviderConfig = {
    upcloud | UpCloudConfig | optional,
    aws | AWSConfig | optional,
    hetzner | HetznerConfig | optional,
    local | LocalConfig | optional,
    rustyvault_bootstrap | RustyVaultBootstrap | optional,
  },

  UserPreferences = {
    preferred_editor | [| 'vim, 'nano, 'code |] | default = 'vim,
    preferred_output_format | [| 'text, 'json, 'yaml |] | default = 'text,
    auto_confirm_operations | Bool | default = false,
    log_level | [| 'error, 'warn, 'info, 'debug |] | default = 'info,
    default_timeout_seconds | Number | default = 300,
  },

  WorkspaceConfig = {
    workspace_name | String,
    workspace_path | String,
    active_infrastructure | String,
    active_providers | Array String,
    provider_config | ProviderConfig,
  },
}