# Define a vserver instance
define nodo::vserver::instance(
 $context,
 $distro                = 'squeeze',
 $ensure                = 'running',
 $proxy                 = false,
 $puppetmaster          = false,
 $gitd                  = false,
 $mail                  = false,
 $icecast               = false,
 $sound                 = false,
 $tor                   = false,
 $ticket                = false,
 $memory_limit          = false,
 $dns                   = false,
 $jabber                = false,
 $mumble                = false,
 $gobby                 = false,
 $yacy                  = false,
 $rsync                 = false,
 $avahi                 = false,
 $munin_port            = false,
 $monkeysphere_ssh_port = false
) {

  # Instance id
  if $context <= 9 {
    $id = "0$context"
  } else {
    $id = $context
  }

  # Puppetmaster ssl port
  case $puppetmaster_port {
    '': { $puppetmaster_port = "8140" }
  }

  # Set puppetmaster non-ssl port
  case $puppetmaster_nonssl_port {
    '': { $puppetmaster_nonssl_port = "8141" }
  }

  # Tor port
  case $tor_port {
    '': { $tor_port = "9001" }
  }

  vserver { $name:
    ensure       => $ensure,
    context      => "$context",
    mark         => 'default',
    distro       => $distro,
    interface    => "eth0:192.168.0.$context/24",
    hostname     => "$name.$domain",
    memory_limit => $memory_limit,
  }

  # Some nodes need a lot of space at /tmp otherwise some admin
  # tasks like backups might not run.
  file { "/etc/vservers/${name}/fstab":
    source  => [ "puppet:///modules/site_nodo/etc/fstab/vserver/$name",
                 "puppet:///modules/nodo/etc/fstab/vserver" ],
    owner   => "root",
    group   => "root",
    mode    => 0644,
    ensure  => present,
    notify  => Exec["vs_restart_${name}"],
    require => Exec["vs_create_${name}"],
  }

  # Create a munin virtual resource to be realized in the node
  @@munin_node { "${name}":
    port => $munin_port ? {
      false   => "49$id",
      default => $munin_port,
    }
  }

  # Create a monkeysphere virtual resource to be realized in the node
  @@monkeysphere_host { "$name":
    port => $monkeysphere_ssh_port ? {
      false   => "22$id",
      default => $monkeysphere_ssh_port,
    }
  }

  # Sound support
  if $sound {
    if !defined(File["/usr/local/sbin/create-sound-devices"]) {
      file { "/usr/local/sbin/create-sound-devices":
        ensure => present,
        source => "puppet:///modules/nodo/sound/devices.sh",
        owner  => root,
        group  => root,
        mode   => 755,
      }
    }
    exec { "/usr/local/sbin/create-sound-devices ${name}":
      unless  => "/usr/local/sbin/create-sound-devices ${name} --check",
      user    => root,
      require => [ Exec["vs_create_${name}"], File["/usr/local/sbin/create-sound-devices"] ],
    }
  }

  # Apply firewall rules just for running vservers
  case $ensure {
    'running': {
      firewall::vserver::ssh { "$name":
        destination => "192.168.0.$context",
        port_orig => "22$id",
        port_dest => "22",
      }

      firewall::vserver::munin { "$name":
        destination => "192.168.0.$context",
        port_orig   => "49$id",
        port_dest   => "49$id",
      }

      if $proxy {
        class {
          "firewall::vserver::http":  destination => "192.168.0.$context";
          "firewall::vserver::https": destination => "192.168.0.$context";
        }
      }

      if $puppetmaster {
        class {
          "firewall::vserver::puppetmaster":
            destination              => "192.168.0.$context",
            puppetmaster_port        => $puppetmaster_port,
            puppetmaster_nonssl_port => $puppetmaster_nonssl_port,
        }
      }

      if $gitd {
        class {
          "firewall::vserver::gitd": destination => "192.168.0.$context";
        }
      }

      if $icecast {
        class {
          "firewall::vserver::icecast": destination => "192.168.0.$context";
        }
      }

      if $mail {
        class {
          "firewall::vserver::mail": destination => "192.168.0.$context";
        }
      }

      if $dns {
        class {
          "firewall::vserver::dns": destination => "192.168.0.$context";
        }
      }

      if $tor {
        class {
          "firewall::vserver::tor": destination => "192.168.0.$context";
        }
      }

      if $jabber {
        class {
          "firewall::vserver::jabber": destination => "192.168.0.$context";
        }
      }

      if $mumble {
        class {
          "firewall::vserver::mumble": destination => "192.168.0.$context";
        }
      }

      if $gobby {
        class {
          "firewall::vserver::gobby": destination => "192.168.0.$context";
        }
      }

      if $yacy {
        class {
          "firewall::vserver::yacy": destination => "192.168.0.$context";
        }
      }

      if $rsync {
        class {
          "firewall::vserver::rsync": destination => "192.168.0.$context";
        }
      }

      if $avahi {
        class {
          "firewall::vserver::mdns": destination => "192.168.0.$context";
        }
      }
    }
  }
}