Workshop completo: aulas 08-10 com Talos, n8n e GitLab na Hetzner

Aula 08 - Cluster Kubernetes HA:
- Setup interativo com OpenTofu para Talos na Hetzner
- CCM, CSI Driver, Cluster Autoscaler, Metrics Server
- NGINX Ingress com LoadBalancer (HTTP/HTTPS/SSH)

Aula 09 - n8n na Hetzner:
- Deploy via Helm com PostgreSQL e Redis
- Suporte multi-tenant com add-client.sh
- Integração com Hetzner CSI para volumes persistentes

Aula 10 - GitLab na Hetzner:
- Setup agnóstico: CloudFlare (trusted proxies) ou Let's Encrypt
- Anti-affinity para distribuir webservice/sidekiq em nós diferentes
- Container Registry e SSH via TCP passthrough
- Documentação do erro 422 e solução com trustedCIDRsForXForwardedFor

Melhorias gerais:
- READMEs atualizados com arquitetura e troubleshooting
- Scripts cleanup.sh para todas as aulas
- CLAUDE.md atualizado com contexto do projeto

aula-08/variables.tf

@@ -2,28 +2,56 @@
 # Variables for Hetzner Talos Kubernetes Cluster
 ############################################################
 
-# Authentication
+# ==========================================================
+# AUTENTICAÇÃO
+# ==========================================================
+
 variable "hcloud_token" {
   type        = string
   description = "Hetzner Cloud API token"
   sensitive   = true
 }
 
-# Cluster Configuration
+# ==========================================================
+# CONFIGURAÇÃO DO CLUSTER
+# ==========================================================
+
+variable "enable_ha" {
+  type        = bool
+  description = "Enable HA mode with 3 control plane nodes"
+  default     = true
+}
+
+variable "enable_loadbalancer" {
+  type        = bool
+  description = "Enable Hetzner Load Balancer for HA access to control plane and ingress"
+  default     = true
+}
+
 variable "environment" {
   type        = string
   description = "Environment name (prod, staging, dev)"
   default     = "prod"
+
+  validation {
+    condition     = contains(["prod", "staging", "dev"], var.environment)
+    error_message = "Environment deve ser: prod, staging ou dev."
+  }
 }
 
+# ==========================================================
+# SSH
+# ==========================================================
 
-# SSH Configuration
 variable "ssh_public_key" {
   type        = string
   description = "Public SSH key for emergency access to nodes"
 }
 
-# Talos Configuration
+# ==========================================================
+# TALOS
+# ==========================================================
+
 variable "talos_image_id" {
   type        = number
   description = "ID da imagem Talos customizada na Hetzner (criada na aula-07). Obtenha com: hcloud image list --type snapshot"
@@ -32,30 +60,18 @@ variable "talos_image_id" {
 variable "talos_version" {
   type        = string
   description = "Talos version to use"
-  default     = "v1.11.2"  # Match the official image version
+  default     = "v1.11.2"
+
+  validation {
+    condition     = can(regex("^v[0-9]+\\.[0-9]+\\.[0-9]+$", var.talos_version))
+    error_message = "talos_version deve seguir o formato semântico: v1.2.3"
+  }
 }
 
-# Monitoring Configuration
-variable "enable_monitoring" {
-  type        = bool
-  description = "Enable Victoria Metrics monitoring stack"
-  default     = true
-}
+# ==========================================================
+# LABELS CUSTOMIZADAS
+# ==========================================================
 
-# Auto-scaling Configuration
-variable "scale_up_threshold" {
-  type        = number
-  description = "CPU percentage to trigger scale up"
-  default     = 70
-}
-
-variable "scale_down_threshold" {
-  type        = number
-  description = "CPU percentage to trigger scale down"
-  default     = 30
-}
-
-# Tags for resource management
 variable "custom_labels" {
   type        = map(string)
   description = "Custom labels to add to all resources"