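# Define: apache::site
#
# Manages one Apache virtual host: the file under "${apache::sites}-available",
# its enabled/disabled state (via a2ensite/a2dissite), and optionally the
# document root, a dedicated system user/group, an SSL certificate and a tor
# hidden service pointing at the site.
#
# Parameters:
#   ensure          - 'present' or 'absent'; any other value only logs an error.
#   docroot         - document root path; managed only when it is not false and
#                     $manage_docroot is true.
#   manage_docroot  - whether to create $docroot and manage its owner/group/mode.
#   owner, group    - ownership applied to $docroot.
#   source          - true: ship a static vhost file from the site_apache module;
#                     false: render the vhost from $template.
#   template        - ERB template used when $source is false.
#   filename        - vhost file name; defaults to $title when empty.
#   mpm, manage_user - when both are true and the resolved user is not 'root',
#                     a group and a user::manage account are managed.
#   mpm_user, mpm_group - account/group names; default to $title with every
#                     dot replaced by an underscore.
#   password, comment, sshkey, groups, shell, ticket - passed to user::manage.
#   ssl             - true: declare ssl::cert and ssl::check for $name.
#   hidden_service  - true: declare a tor hidden service for port 80.
#   redirect, redirect_match, protocol, aliases, server_alias, use, listen,
#   https_redirect, canonical, canonical_exceptions - not referenced in this
#                     define; presumably consumed by the vhost template - confirm.
#
# Several parameters ($docroot, $filename/$title) are interpolated into shell
# commands that run as root. Only pass plain names/absolute paths without
# whitespace or shell metacharacters.
define apache::site($ensure = present, $docroot = false, $redirect = false, $redirect_match = false, $protocol = 'http', $aliases = false, $server_alias = false, $use = false, $ticket = false, $source = false, $template = 'apache/site.erb', $filename = '', $manage_docroot = true, $owner = 'root', $group = 'root', $mpm = true, $mpm_user = '', $mpm_group = '', $password = '*', $comment = '', $sshkey = absent, $groups = '', $shell = '/bin/false', $manage_user = true, $ssl = false, $listen = '*', $https_redirect = false, $canonical = false, $canonical_exceptions = '', $hidden_service = false) {

  # Name of the vhost file under sites-available / sites-enabled.
  $vhost = $filename ? {
    ''      => $title,
    default => $filename,
  }

  # Not used below; presumably read by the vhost template - confirm.
  # $base_domain and $domain are resolved from outside this define.
  $hosting_domain = $base_domain ? {
    ''      => $domain,
    default => $base_domain,
  }

  # Per-site account and group: derived from the title (dots replaced by
  # underscores) unless given explicitly.
  $user = $mpm_user ? {
    ''      => regsubst($title, '\.', '_', 'G'),
    default => $mpm_user,
  }

  $gid = $mpm_group ? {
    ''      => regsubst($title, '\.', '_', 'G'),
    default => $mpm_group,
  }

  if $hidden_service == true {
    # Make sure that the tor daemon is included
    if !defined('::tor::daemon') {
      class { '::tor::daemon': }
    }

    # It's important to use a subdir from the tor datadir
    # to ease backup/restore procedures as we don't mix
    # hidden service data with other tor files.
    if !defined(File["${tor::daemon::data_dir}/hidden"]) {
      file { "${tor::daemon::data_dir}/hidden":
        ensure => directory,
        owner  => 'debian-tor',
        group  => 'debian-tor',
        # Quoted: file modes must be strings on current Puppet versions.
        # 0700 keeps the hidden-service data readable by the tor account only.
        mode   => '0700',
      }
    }

    # NOTE(review): the service forwards onion port 80 to 127.0.0.1:80, so
    # Apache sees these requests as coming from loopback. Anything in the
    # Apache configuration that is restricted only by "local" source address
    # would be reachable through the hidden service - confirm the vhost and
    # server configuration account for this.
    tor::daemon::hidden_service { $title:
      ensure   => $ensure,
      ports    => [ '80 127.0.0.1:80' ],
      data_dir => "${tor::daemon::data_dir}/hidden",
      require  => File["${tor::daemon::data_dir}/hidden"],
    }
  }

  if $mpm == true and $manage_user == true and $user != 'root' {
    if $ensure == present {
      if !defined(Group[$gid]) {
        group { $gid:
          ensure => present,
        }
      }

      if !defined(User[$user]) {
        # The default $password ('*') and $shell ('/bin/false') are passed
        # through unchanged; what user::manage does with them is not visible
        # here.
        user::manage { $user:
          ensure   => present,
          tag      => 'virtual',
          password => $password,
          gid      => $gid,
          comment  => $comment,
          ticket   => $ticket,
          groups   => $groups,
          sshkey   => $sshkey,
          shell    => $shell,
          require  => Group[$gid],
        }
      }
    }
    else {
      if !defined(User[$user]) {
        user::manage { $user:
          ensure   => absent,
          tag      => 'virtual',
          password => $password,
        }
      }

      # The group is removed only after the user that belongs to it.
      if !defined(Group[$gid]) {
        group { $gid:
          ensure  => absent,
          require => User[$user],
        }
      }
    }
  }

  if $ssl == true {
    # privmode 0640 with the site's group: presumably lets that group read
    # the private key - verify against ssl::cert.
    ssl::cert { $name:
      ensure   => $ensure,
      group    => $gid,
      privmode => '0640',
    }

    ssl::check { $name:
      ensure => $ensure,
      file   => "/etc/ssl/certs/${name}.crt",
    }
  }

  case $source {
    true: {
      # Static vhost file; the per-domain path is tried before the generic one.
      file { "${apache::sites}-available/${vhost}":
        ensure  => $ensure,
        source  => [ "puppet:///modules/site_apache/vhosts/${domain}/${title}",
                     "puppet:///modules/site_apache/vhosts/${title}" ],
        owner   => root,
        group   => root,
        mode    => '0644',
        require => File[$apache::macros],
        notify  => Service['apache'],
      }
    }
    false: {
      # Vhost rendered from the ERB template.
      file { "${apache::sites}-available/${vhost}":
        ensure  => $ensure,
        content => template($template),
        owner   => root,
        group   => root,
        mode    => '0644',
        require => File[$apache::macros],
        notify  => Service['apache'],
      }
    }
    default: {
      # Previously any other value silently left the vhost file unmanaged
      # while the site was still enabled or disabled below.
      err ("Unknown source value: '$source'")
    }
  }

  # Enable the site without a2ensite
  #
  #$status = $ensure ? {
  #  'present' => "${apache::sites}-available/$vhost",
  #  default => 'absent',
  #}
  #
  #file { "/etc/apache2/sites-enabled/$title":
  #  ensure => $status,
  #  owner => root,
  #  group => root,
  #  require => File["${apache::sites}-available/$title"],
  #  notify => Service["apache"],
  #}

  case $ensure {
    'present': {
      if ($docroot != false) and ($manage_docroot == true) {
        if !defined(File[$docroot]) {
          file { $docroot:
            ensure  => present,
            owner   => $owner,
            group   => $group,
            mode    => '0755',
            recurse => false,
          }
        }

        if !defined(Exec["check_docroot_${docroot}"]) {
          # Ensure parent folder exist
          # NOTE(review): $docroot is interpolated unquoted into commands run
          # as root; a value with spaces or shell metacharacters would change
          # what is executed.
          exec { "check_docroot_${docroot}":
            command => "/bin/mkdir -p ${docroot}",
            unless  => "/bin/sh -c '[ -e ${docroot} ]'",
            user    => root,
            before  => File[$docroot],
          }
        }
      }

      # Skip a2ensite when sites-enabled already holds a symlink that resolves
      # to this vhost's sites-available file.
      exec { "/usr/sbin/a2ensite $vhost":
        unless => "/bin/sh -c '[ -L ${apache::sites}-enabled/$vhost ] \
          && [ ${apache::sites}-enabled/$vhost -ef ${apache::sites}-available/$vhost ]'",
        notify => Exec['reload-apache2'],
      }
    }
    'absent': {
      # Run a2dissite only while the enabled symlink still points at this vhost.
      exec { "/usr/sbin/a2dissite $vhost":
        onlyif => "/bin/sh -c '[ -L ${apache::sites}-enabled/$vhost ] \
          && [ ${apache::sites}-enabled/$vhost -ef ${apache::sites}-available/$vhost ]'",
        notify => Exec['reload-apache2'],
      }

      # Remove whatever is left under sites-enabled for this vhost.
      file { "${apache::sites}-enabled/$vhost":
        ensure => absent,
        notify => Exec['reload-apache2'],
      }
    }
    default: {
      err ("Unknown ensure value: '$ensure'")
    }
  }
}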