class role::cryptoportfolio {
  include "base_installation"

  include "profile::postgresql"

  $password_seed = lookup("base_installation::puppet_pass_seed") |$key| { {} }

  postgresql::server::db { 'cryptoportfolio':
    user =>  'cryptoportfolio',
    password =>  postgresql_password('cryptoportfolio', generate_password(24, $password_seed, "postgres_cryptoportfolio")),
  }

  postgresql::server::pg_hba_rule { 'allow localhost TCP access to cryptoportfolio user':
    type        => 'host',
    database    => 'cryptoportfolio',
    user        => 'cryptoportfolio',
    address     => '127.0.0.1/32',
    auth_method => 'md5',
    order       => "b0",
  }
  postgresql::server::pg_hba_rule { 'allow localhost ip6 TCP access to cryptoportfolio user':
    type        => 'host',
    database    => 'cryptoportfolio',
    user        => 'cryptoportfolio',
    address     => '::1/128',
    auth_method => 'md5',
    order       => "b0",
  }

  ensure_packages("go")

  class { 'nginx': }

  nginx::resource::server { 'cryptoportfolio.immae.eu':
    listen_port => 80,
    proxy       => 'http://localhost:8000',
  }
}