class role::cryptoportfolio {
  include "base_installation"

  include "profile::postgresql"

  $password_seed = lookup("base_installation::puppet_pass_seed") |$key| { {} }

  postgresql::server::db { 'cryptoportfolio':
    user =>  'cryptoportfolio',
    password =>  postgresql_password('cryptoportfolio', generate_password(24, $password_seed, "postgres_cryptoportfolio")),
  }

  postgresql::server::pg_hba_rule { 'allow localhost TCP access to cryptoportfolio user':
    type        => 'host',
    database    => 'cryptoportfolio',
    user        => 'cryptoportfolio',
    address     => '127.0.0.1/32',
    auth_method => 'md5',
    order       => "b0",
  }
  postgresql::server::pg_hba_rule { 'allow localhost ip6 TCP access to cryptoportfolio user':
    type        => 'host',
    database    => 'cryptoportfolio',
    user        => 'cryptoportfolio',
    address     => '::1/128',
    auth_method => 'md5',
    order       => "b0",
  }

  class { 'nginx': }

  nginx::resource::server { 'cryptoportfolio.immae.eu':
    listen_port => 80,
    proxy       => 'http://localhost:8000',
  }

  ensure_packages(["go", "npm", "nodejs", "yarn"])

  user { "cryptoportfolio":
    name       => "cryptoportfolio",
    ensure     => "present",
    managehome => true,
    home       => "/opt/cryptoportfolio",
    system     => true,
    password   => '!!',
  }

  $front_version = lookup("cryptoportfolio::front_version") |$key| { {} }
  $front_sha256 = lookup("cryptoportfolio::front_sha256") |$key| { {} }

  unless empty($front_version) {
    file { "/opt/cryptoportfolio/front":
      ensure => directory,
      mode   => "0700",
      owner  => "cryptoportfolio",
      group  => "cryptoportfolio",
    }

    file { "/opt/cryptoportfolio/front/${front_version}":
      ensure  => directory,
      mode    => "0700",
      owner   => "cryptoportfolio",
      group   => "cryptoportfolio",
      require => File["/opt/cryptoportfolio/front"],
    }

    archive { "/opt/cryptoportfolio/front/${front_version}.tar.gz":
      path          => "/opt/cryptoportfolio/front/${front_version}.tar.gz",
      source        => "https://git.immae.eu/releases/cryptoportfolio/front/front_${front_version}.tar.gz",
      creates       => "/opt/cryptoportfolio/front/${front_version}/README.md",
      checksum_type => "sha256",
      checksum      => $front_sha256,
      cleanup       => false,
      extract       => true,
      extract_path  => "/opt/cryptoportfolio/front/${front_version}",
      require       => File["/opt/cryptoportfolio/front/${front_version}"],
    }

    file { "/opt/cryptoportfolio/front/current":
      ensure  => "link",
      target  => "/opt/cryptoportfolio/front/${front_version}",
      require => Archive["/opt/cryptoportfolio/front/${front_version}.tar.gz"]
    }
  }

}