syntax = "proto3";

package prismnet;

// =============================================================================
// VPC Service
// =============================================================================

service VpcService {
  rpc CreateVpc(CreateVpcRequest) returns (CreateVpcResponse);
  rpc GetVpc(GetVpcRequest) returns (GetVpcResponse);
  rpc ListVpcs(ListVpcsRequest) returns (ListVpcsResponse);
  rpc UpdateVpc(UpdateVpcRequest) returns (UpdateVpcResponse);
  rpc DeleteVpc(DeleteVpcRequest) returns (DeleteVpcResponse);
}

message Vpc {
  string id = 1;
  string org_id = 2;
  string project_id = 3;
  string name = 4;
  string description = 5;
  string cidr_block = 6;
  VpcStatus status = 7;
  uint64 created_at = 8;
  uint64 updated_at = 9;
}

enum VpcStatus {
  VPC_STATUS_UNSPECIFIED = 0;
  VPC_STATUS_PROVISIONING = 1;
  VPC_STATUS_ACTIVE = 2;
  VPC_STATUS_UPDATING = 3;
  VPC_STATUS_DELETING = 4;
  VPC_STATUS_ERROR = 5;
}

message CreateVpcRequest {
  string org_id = 1;
  string project_id = 2;
  string name = 3;
  string description = 4;
  string cidr_block = 5;
}

message CreateVpcResponse {
  Vpc vpc = 1;
}

message GetVpcRequest {
  string org_id = 1;
  string project_id = 2;
  string id = 3;
}

message GetVpcResponse {
  Vpc vpc = 1;
}

message ListVpcsRequest {
  string org_id = 1;
  string project_id = 2;
  int32 page_size = 3;
  string page_token = 4;
}

message ListVpcsResponse {
  repeated Vpc vpcs = 1;
  string next_page_token = 2;
}

message UpdateVpcRequest {
  string org_id = 1;
  string project_id = 2;
  string id = 3;
  string name = 4;
  string description = 5;
}

message UpdateVpcResponse {
  Vpc vpc = 1;
}

message DeleteVpcRequest {
  string org_id = 1;
  string project_id = 2;
  string id = 3;
}

message DeleteVpcResponse {}

// =============================================================================
// Subnet Service
// =============================================================================

service SubnetService {
  rpc CreateSubnet(CreateSubnetRequest) returns (CreateSubnetResponse);
  rpc GetSubnet(GetSubnetRequest) returns (GetSubnetResponse);
  rpc ListSubnets(ListSubnetsRequest) returns (ListSubnetsResponse);
  rpc UpdateSubnet(UpdateSubnetRequest) returns (UpdateSubnetResponse);
  rpc DeleteSubnet(DeleteSubnetRequest) returns (DeleteSubnetResponse);
}

message Subnet {
  string id = 1;
  string vpc_id = 2;
  string name = 3;
  string description = 4;
  string cidr_block = 5;
  string gateway_ip = 6;
  bool dhcp_enabled = 7;
  repeated string dns_servers = 8;
  SubnetStatus status = 9;
  uint64 created_at = 10;
  uint64 updated_at = 11;
}

enum SubnetStatus {
  SUBNET_STATUS_UNSPECIFIED = 0;
  SUBNET_STATUS_PROVISIONING = 1;
  SUBNET_STATUS_ACTIVE = 2;
  SUBNET_STATUS_UPDATING = 3;
  SUBNET_STATUS_DELETING = 4;
  SUBNET_STATUS_ERROR = 5;
}

message CreateSubnetRequest {
  string vpc_id = 1;
  string name = 2;
  string description = 3;
  string cidr_block = 4;
  string gateway_ip = 5;
  bool dhcp_enabled = 6;
}

message CreateSubnetResponse {
  Subnet subnet = 1;
}

message GetSubnetRequest {
  string org_id = 1;
  string project_id = 2;
  string vpc_id = 3;
  string id = 4;
}

message GetSubnetResponse {
  Subnet subnet = 1;
}

message ListSubnetsRequest {
  string org_id = 1;
  string project_id = 2;
  string vpc_id = 3;
  int32 page_size = 4;
  string page_token = 5;
}

message ListSubnetsResponse {
  repeated Subnet subnets = 1;
  string next_page_token = 2;
}

message UpdateSubnetRequest {
  string org_id = 1;
  string project_id = 2;
  string vpc_id = 3;
  string id = 4;
  string name = 5;
  string description = 6;
  bool dhcp_enabled = 7;
}

message UpdateSubnetResponse {
  Subnet subnet = 1;
}

message DeleteSubnetRequest {
  string org_id = 1;
  string project_id = 2;
  string vpc_id = 3;
  string id = 4;
}

message DeleteSubnetResponse {}

// =============================================================================
// Port Service
// =============================================================================

service PortService {
  rpc CreatePort(CreatePortRequest) returns (CreatePortResponse);
  rpc GetPort(GetPortRequest) returns (GetPortResponse);
  rpc ListPorts(ListPortsRequest) returns (ListPortsResponse);
  rpc UpdatePort(UpdatePortRequest) returns (UpdatePortResponse);
  rpc DeletePort(DeletePortRequest) returns (DeletePortResponse);
  rpc AttachDevice(AttachDeviceRequest) returns (AttachDeviceResponse);
  rpc DetachDevice(DetachDeviceRequest) returns (DetachDeviceResponse);
}

message Port {
  string id = 1;
  string subnet_id = 2;
  string name = 3;
  string description = 4;
  string mac_address = 5;
  string ip_address = 6;
  string device_id = 7;
  DeviceType device_type = 8;
  repeated string security_group_ids = 9;
  bool admin_state_up = 10;
  PortStatus status = 11;
  uint64 created_at = 12;
  uint64 updated_at = 13;
}

enum PortStatus {
  PORT_STATUS_UNSPECIFIED = 0;
  PORT_STATUS_BUILD = 1;
  PORT_STATUS_ACTIVE = 2;
  PORT_STATUS_DOWN = 3;
  PORT_STATUS_ERROR = 4;
}

enum DeviceType {
  DEVICE_TYPE_UNSPECIFIED = 0;
  DEVICE_TYPE_NONE = 1;
  DEVICE_TYPE_VM = 2;
  DEVICE_TYPE_ROUTER = 3;
  DEVICE_TYPE_LOAD_BALANCER = 4;
  DEVICE_TYPE_DHCP_SERVER = 5;
  DEVICE_TYPE_OTHER = 6;
}

message CreatePortRequest {
  string org_id = 1;
  string project_id = 2;
  string subnet_id = 3;
  string name = 4;
  string description = 5;
  string ip_address = 6;
  repeated string security_group_ids = 7;
}

message CreatePortResponse {
  Port port = 1;
}

message GetPortRequest {
  string org_id = 1;
  string project_id = 2;
  string subnet_id = 3;
  string id = 4;
}

message GetPortResponse {
  Port port = 1;
}

message ListPortsRequest {
  string org_id = 1;
  string project_id = 2;
  string subnet_id = 3;
  string device_id = 4;
  int32 page_size = 5;
  string page_token = 6;
}

message ListPortsResponse {
  repeated Port ports = 1;
  string next_page_token = 2;
}

message UpdatePortRequest {
  string org_id = 1;
  string project_id = 2;
  string subnet_id = 3;
  string id = 4;
  string name = 5;
  string description = 6;
  repeated string security_group_ids = 7;
  bool admin_state_up = 8;
}

message UpdatePortResponse {
  Port port = 1;
}

message DeletePortRequest {
  string org_id = 1;
  string project_id = 2;
  string subnet_id = 3;
  string id = 4;
}

message DeletePortResponse {}

message AttachDeviceRequest {
  string org_id = 1;
  string project_id = 2;
  string subnet_id = 3;
  string port_id = 4;
  string device_id = 5;
  DeviceType device_type = 6;
}

message AttachDeviceResponse {
  Port port = 1;
}

message DetachDeviceRequest {
  string org_id = 1;
  string project_id = 2;
  string subnet_id = 3;
  string port_id = 4;
}

message DetachDeviceResponse {
  Port port = 1;
}

// =============================================================================
// Security Group Service
// =============================================================================

service SecurityGroupService {
  rpc CreateSecurityGroup(CreateSecurityGroupRequest) returns (CreateSecurityGroupResponse);
  rpc GetSecurityGroup(GetSecurityGroupRequest) returns (GetSecurityGroupResponse);
  rpc ListSecurityGroups(ListSecurityGroupsRequest) returns (ListSecurityGroupsResponse);
  rpc UpdateSecurityGroup(UpdateSecurityGroupRequest) returns (UpdateSecurityGroupResponse);
  rpc DeleteSecurityGroup(DeleteSecurityGroupRequest) returns (DeleteSecurityGroupResponse);
  rpc AddRule(AddRuleRequest) returns (AddRuleResponse);
  rpc RemoveRule(RemoveRuleRequest) returns (RemoveRuleResponse);
}

message SecurityGroup {
  string id = 1;
  string project_id = 2;
  string name = 3;
  string description = 4;
  repeated SecurityGroupRule rules = 5;
  uint64 created_at = 6;
  uint64 updated_at = 7;
}

message SecurityGroupRule {
  string id = 1;
  string security_group_id = 2;
  RuleDirection direction = 3;
  IpProtocol protocol = 4;
  uint32 port_range_min = 5;
  uint32 port_range_max = 6;
  string remote_cidr = 7;
  string remote_group_id = 8;
  string description = 9;
  uint64 created_at = 10;
}

enum RuleDirection {
  RULE_DIRECTION_UNSPECIFIED = 0;
  RULE_DIRECTION_INGRESS = 1;
  RULE_DIRECTION_EGRESS = 2;
}

enum IpProtocol {
  IP_PROTOCOL_UNSPECIFIED = 0;
  IP_PROTOCOL_ANY = 1;
  IP_PROTOCOL_TCP = 2;
  IP_PROTOCOL_UDP = 3;
  IP_PROTOCOL_ICMP = 4;
  IP_PROTOCOL_ICMPV6 = 5;
}

message CreateSecurityGroupRequest {
  string org_id = 1;
  string project_id = 2;
  string name = 3;
  string description = 4;
}

message CreateSecurityGroupResponse {
  SecurityGroup security_group = 1;
}

message GetSecurityGroupRequest {
  string org_id = 1;
  string project_id = 2;
  string id = 3;
}

message GetSecurityGroupResponse {
  SecurityGroup security_group = 1;
}

message ListSecurityGroupsRequest {
  string org_id = 1;
  string project_id = 2;
  int32 page_size = 3;
  string page_token = 4;
}

message ListSecurityGroupsResponse {
  repeated SecurityGroup security_groups = 1;
  string next_page_token = 2;
}

message UpdateSecurityGroupRequest {
  string org_id = 1;
  string project_id = 2;
  string id = 3;
  string name = 4;
  string description = 5;
}

message UpdateSecurityGroupResponse {
  SecurityGroup security_group = 1;
}

message DeleteSecurityGroupRequest {
  string org_id = 1;
  string project_id = 2;
  string id = 3;
}

message DeleteSecurityGroupResponse {}

message AddRuleRequest {
  string org_id = 1;
  string project_id = 2;
  string security_group_id = 3;
  RuleDirection direction = 4;
  IpProtocol protocol = 5;
  uint32 port_range_min = 6;
  uint32 port_range_max = 7;
  string remote_cidr = 8;
  string remote_group_id = 9;
  string description = 10;
}

message AddRuleResponse {
  SecurityGroupRule rule = 1;
}

message RemoveRuleRequest {
  string org_id = 1;
  string project_id = 2;
  string security_group_id = 3;
  string rule_id = 4;
}

message RemoveRuleResponse {}

// =============================================================================
// IPAM Service (IP Address Management for k8shost Services)
// =============================================================================

service IpamService {
  // Create a Service IP Pool
  rpc CreateServiceIPPool(CreateServiceIPPoolRequest) returns (CreateServiceIPPoolResponse);
  
  // Get Service IP Pool
  rpc GetServiceIPPool(GetServiceIPPoolRequest) returns (GetServiceIPPoolResponse);
  
  // List Service IP Pools
  rpc ListServiceIPPools(ListServiceIPPoolsRequest) returns (ListServiceIPPoolsResponse);
  
  // Allocate IP from pool
  rpc AllocateServiceIP(AllocateServiceIPRequest) returns (AllocateServiceIPResponse);
  
  // Release IP back to pool
  rpc ReleaseServiceIP(ReleaseServiceIPRequest) returns (ReleaseServiceIPResponse);
  
  // Get IP allocation status
  rpc GetIPAllocation(GetIPAllocationRequest) returns (GetIPAllocationResponse);
}

message ServiceIPPool {
  string id = 1;
  string org_id = 2;
  string project_id = 3;
  string name = 4;
  string description = 5;
  string cidr_block = 6;
  ServiceIPPoolType pool_type = 7;
  repeated string allocated_ips = 8;
  ServiceIPPoolStatus status = 9;
  uint64 created_at = 10;
  uint64 updated_at = 11;
}

enum ServiceIPPoolType {
  SERVICE_IP_POOL_TYPE_UNSPECIFIED = 0;
  SERVICE_IP_POOL_TYPE_CLUSTER_IP = 1;
  SERVICE_IP_POOL_TYPE_LOAD_BALANCER = 2;
  SERVICE_IP_POOL_TYPE_NODE_PORT = 3;
}

enum ServiceIPPoolStatus {
  SERVICE_IP_POOL_STATUS_UNSPECIFIED = 0;
  SERVICE_IP_POOL_STATUS_PROVISIONING = 1;
  SERVICE_IP_POOL_STATUS_ACTIVE = 2;
  SERVICE_IP_POOL_STATUS_UPDATING = 3;
  SERVICE_IP_POOL_STATUS_DELETING = 4;
  SERVICE_IP_POOL_STATUS_ERROR = 5;
}

message IPAllocation {
  string ip_address = 1;
  string pool_id = 2;
  string org_id = 3;
  string project_id = 4;
  string resource_type = 5;  // "k8s-service", "vm-port", etc.
  string resource_id = 6;     // Service UID, Port ID, etc.
  uint64 allocated_at = 7;
}

message CreateServiceIPPoolRequest {
  string org_id = 1;
  string project_id = 2;
  string name = 3;
  string description = 4;
  string cidr_block = 5;
  ServiceIPPoolType pool_type = 6;
}

message CreateServiceIPPoolResponse {
  ServiceIPPool pool = 1;
}

message GetServiceIPPoolRequest {
  string org_id = 1;
  string project_id = 2;
  string id = 3;
}

message GetServiceIPPoolResponse {
  ServiceIPPool pool = 1;
}

message ListServiceIPPoolsRequest {
  string org_id = 1;
  string project_id = 2;
  ServiceIPPoolType pool_type = 3;  // Optional filter
  int32 page_size = 4;
  string page_token = 5;
}

message ListServiceIPPoolsResponse {
  repeated ServiceIPPool pools = 1;
  string next_page_token = 2;
}

message AllocateServiceIPRequest {
  string org_id = 1;
  string project_id = 2;
  string pool_id = 3;             // Optional: specific pool
  ServiceIPPoolType pool_type = 4; // Required if pool_id not specified
  string service_uid = 5;          // k8s service UID for tracking
  string requested_ip = 6;         // Optional: specific IP request
}

message AllocateServiceIPResponse {
  string ip_address = 1;
  string pool_id = 2;
}

message ReleaseServiceIPRequest {
  string org_id = 1;
  string project_id = 2;
  string ip_address = 3;
}

message ReleaseServiceIPResponse {}

message GetIPAllocationRequest {
  string org_id = 1;
  string project_id = 2;
  string ip_address = 3;
}

message GetIPAllocationResponse {
  IPAllocation allocation = 1;
}