class role::etherpad (
) {
  $password_seed = lookup("base_installation::puppet_pass_seed")

  include "base_installation"

  include "profile::tools"
  include "profile::postgresql"
  include "profile::apache"

  ensure_packages(["npm"])
  ensure_packages(["abiword"])
  ensure_packages(["libreoffice-fresh", "libreoffice-fresh-fr", "java-runtime-common", "jre8-openjdk"])
  ensure_packages(["tidy"])
  aur::package { "etherpad-lite": }
  -> patch::file { "/usr/share/etherpad-lite/src/node/utils/LibreOffice.js":
    diff_source => "puppet:///modules/role/etherpad/libreoffice_patch.diff",
  }

  $modules = [
    "ep_aa_file_menu_toolbar",
    "ep_adminpads",
    "ep_align",
    "ep_bookmark",
    "ep_clear_formatting",
    "ep_colors",
    "ep_copy_paste_select_all",
    "ep_cursortrace",
    "ep_embedmedia",
    "ep_font_family",
    "ep_font_size",
    "ep_headings2",
    "ep_ldapauth",
    "ep_line_height",
    "ep_markdown",
    "ep_previewimages",
    "ep_ruler",
    "ep_scrollto",
    "ep_set_title_on_pad",
    "ep_subscript_and_superscript",
    "ep_timesliderdiff"
    ]

  $modules.each |$module| {
    exec { "npm_install_$module":
      command     => "/usr/bin/npm install $module",
      unless      => "/usr/bin/test -d /usr/share/etherpad-lite/node_modules/$module",
      cwd         => "/usr/share/etherpad-lite/",
      environment => "HOME=/root",
      require     => Aur::Package["etherpad-lite"],
      before      => Service["etherpad-lite"],
      notify      => Service["etherpad-lite"],
    }
    ->
    file { "/usr/share/etherpad-lite/node_modules/$module/.ep_initialized":
      ensure => present,
      mode   => "0644",
      before => Service["etherpad-lite"],
    }
  }

  service { "etherpad-lite":
    enable    => true,
    ensure    => "running",
    require   => Aur::Package["etherpad-lite"],
    subscribe => Aur::Package["etherpad-lite"],
  }

  $web_host    = "outils-1.v.immae.eu"
  $pg_db       = "etherpad-lite"
  $pg_user     = "etherpad-lite"
  $pg_password = generate_password(24, $password_seed, "postgres_etherpad")

  profile::postgresql_master { "postgresql master for etherpad":
    letsencrypt_host => $web_host,
    backup_hosts     => ["backup-1"],
  }

  postgresql::server::db { $pg_db:
    user     =>  $pg_user,
    password =>  postgresql_password($pg_user, $pg_password),
  }

  postgresql::server::pg_hba_rule { "allow local access to $pg_user user":
    type        => 'local',
    database    => $pg_db,
    user        => $pg_user,
    auth_method => 'ident',
    order       => "05-01",
  }

}