# local backups using duplicity
define backup::duplicity(
    $encryptkey            = false,
    $password              = false,
    $order                 = 50,
    $ensure                = present,
    $full_if_older_than    = "1M",
    $remove_older_than     = "45D",
    $remove_all_but_n_full = "1",
    $periodic_check        = absent,
    $directory             = "${backup::params::backupdir}/duplicity"
) {

  if $encryptkey == false and $ensure == 'present' {
    err("need to define a key!")
  }

  if $password == false and $ensure == 'present' {
    err("need to define password!")
  }

  $exclude_unencrypted = $backup::params::exclude_unencrypted
  $include_unencrypted = $backup::params::include_unencrypted

  # backup dest folder
  file { "${backup::params::backupdir}/duplicity":
    ensure  => directory,
    owner   => "root",
    group   => "root",
  }

  # the backupninja rule for this duplicity backup
  file { "${backupninja::configdir}/${order}_duplicity-${title}.sh":
    ensure  => $ensure,
    content => template('backup/duplicity.sh.erb'),
    owner   => root,
    group   => root,
    mode    => '0600',
    require => File["${backupninja::configdir}"],
  }

  # check duplicity backups once a week
  cron { "duplicity_check-$title.$domain":
    command  => "/bin/bash ${backupninja::configdir}/${order}_duplicity-${title}.sh --check",
    user     => root,
    hour     => "0",
    minute   => "0",
    weekday  => "0",
    ensure   => $periodic_check,
  }
}