# handles puppetmasterd service
#
# Sets defaults for the master's server type, worker count and port, installs
# the needed packages, manages /etc/default/puppetmaster, the puppetmaster
# service, the cron jobs and helper scripts around it, and includes
# mysql::server for storeconfigs.
class puppetmasterd {

  # Configuration
  #
  # Each default below is applied only when the variable is empty ('').
  case $puppetmaster_servertype {
    '': {
      $puppetmaster_servertype = 'mongrel'
      # NOTE(review): with this option the master takes the client identity
      # from the HTTP_X_SSL_SUBJECT request header instead of from a TLS
      # session of its own. Confirm that the backends are reachable only from
      # the nginx proxy and that the proxy always overwrites a client-supplied
      # value of this header; neither is visible in this class.
      $puppetmaster_daemon_opts = '--ssl_client_header=HTTP_X_SSL_SUBJECT'
    }
  }

  case $puppetmaster_puppetmasters {
    '': { $puppetmaster_puppetmasters = '4' }
  }

  case $puppetmaster_port {
    '': { $puppetmaster_port = '18140' }
  }

  # Use this option if you want puppet to manage the certificates for all
  # master nodes, useful when using multiple masters as prevents issues such as
  # http://groups.google.com/group/puppet-users/browse_thread/thread/f24bd7500e9091bd
  #
  # The drawbacks are:
  #
  #  - Such setup is more complex to manage when bootstrapping a fresh network.
  #  - It doesn't refresh the proxy server (eg. nginx) upon key updates.
  #
  # A better approach is to keep certificates at /etc/puppet/ssl (and hence at your puppet repo).
  #
  # NOTE(review): if that directory also holds private keys, they end up in
  # the repository too; confirm read access to the repo is restricted.
  if $puppetmaster_manage_ca == true {
    include puppetmaster::ca
  }

  # warns that this node has a puppetmaster
  $puppetmasterd_present = true

  # then include puppet class
  include puppetd

  # needed packages
  package {
    "puppetmaster":  ensure => installed;
    "sqlite3":       ensure => installed;
    "libmysql-ruby": ensure => installed;
  }

  # Defaults file rendered from the puppet/puppetmaster.erb template; a change
  # to it notifies the puppetmaster service.
  file { "/etc/default/puppetmaster":
    ensure  => present,
    owner   => root,
    group   => root,
    mode    => 0644,
    content => template('puppet/puppetmaster.erb'),
    notify  => Service['puppetmaster'],
  }

  # The service is declared once per server type: the mongrel variant also
  # depends on the mongrel package and on the nginx service.
  case $puppetmaster_servertype {
    'mongrel': {
      include nginx::puppetmaster

      # Declare the mongrel package only if no other class has done so.
      # NOTE(review): defined() depends on evaluation order - confirm no later
      # class declares Package["mongrel"] as well.
      case defined(Package["mongrel"]) {
        false: {
          package { "mongrel": ensure => installed, }
        }
      }

      service { "puppetmaster":
        enable     => true,
        ensure     => running,
        hasrestart => true,
        pattern    => 'puppet master',
        require    => [ Package['puppetmaster'], Package['mongrel'], Service['nginx'] ],
      }
    }
    default: {
      service { "puppetmaster":
        enable     => true,
        ensure     => running,
        hasrestart => true,
        pattern    => 'puppet master',
        require    => Package['puppetmaster'],
      }
    }
  }

  # cron rule to update puppet config repository every 5 minutes
  #
  # Runs as the puppet user. stdout and stderr are discarded, so a failing
  # update leaves no trace in cron mail.
  # NOTE(review): whatever this script fetches becomes configuration for the
  # nodes; how the fetch is authenticated is decided inside the script and
  # cannot be checked from this class.
  cron { "puppet-update":
    command => "/usr/local/sbin/update-puppet-conf.sh > /dev/null 2>&1",
    user    => puppet,
    minute  => "*/5",
    ensure  => present,
    require => [ File["/usr/local/sbin/update-puppet-conf.sh"], User["puppet"] ],
  }

  # cron rule to execute puppetlast once a week as a report
  # (currently removed: ensure => absent)
  cron { "puppetlast":
    command => "/usr/local/sbin/puppetlast",
    user    => root,
    hour    => "0",
    minute  => "0",
    weekday => "0",
    ensure  => absent,
    require => File["/usr/local/sbin/puppetlast"],
  }

  # cron rule to restart puppetmaster before restarting the nodes
  # (currently removed: ensure => absent)
  cron { "puppetmaster-restart":
    command => "/etc/init.d/puppetmaster restart > /dev/null 2>&1",
    user    => root,
    hour    => "*/1",
    minute  => "0",
    ensure  => absent,
  }

  # custom puppetlast command, thanks to immerda module:
  # http://git.puppet.immerda.ch/?p=module-puppet.git;a=summary
  #
  # right now it's not working, see
  # https://labs.riseup.net/code/issues/2515
  file { "/usr/local/sbin/puppetlast":
    ensure => absent,
    source => "puppet:///modules/puppet/lastruncheck",
    owner  => root,
    group  => root,
    mode   => 0700,
  }

  # restart the master from time to time to avoid memory problems
  # thanks to https://labs.riseup.net/code/projects/shared-puppet
  file { "/etc/cron.d/puppetmaster":
    source => "puppet://$server/modules/puppet/cron.d/puppetmaster",
    owner  => root,
    group  => root,
    mode   => 0644;
  }

  # and the script to the cron-job above
  #
  # NOTE(review): this script lives in /usr/local/sbin but is owned by the
  # unprivileged puppet account, which can therefore rewrite it between agent
  # runs. The "puppet-update" cron job runs it as puppet, so root:root with
  # mode 0755 looks sufficient - confirm nothing needs puppet to write it.
  file { "/usr/local/sbin/update-puppet-conf.sh":
    source => "puppet://$server/modules/puppet/update-puppet-conf.sh",
    owner  => "puppet",
    group  => "puppet",
    mode   => 0755,
    ensure => present,
  }

  # for storeconfigs
  include mysql::server

  # Database creation as suggested by
  # http://reductivelabs.com/trac/puppet/wiki/Recipes/MySQLStoredConfiguration
  #
  # NOTE(review): the disabled grant below sets the database password to the
  # literal "puppet", the same as the user name. If these resources are ever
  # re-enabled, supply a generated secret instead of a literal in the manifest.
  #exec { "create-storeconfigs-db":
  #  command => "/usr/bin/mysqladmin create puppet",
  #  unless => "/usr/bin/mysqlcheck -s puppet",
  #  notify => Exec["create-storeconfigs-user"],
  #}
  #exec { "create-storeconfigs-user":
  #  command => "/usr/bin/mysql -e 'grant all privileges on puppet.* to puppet@localhost identified by \"puppet\"'",
  #  refreshonly => true,
  #}
}

# Variant of puppetmasterd that keeps everything declared by the parent class
# but stops the puppetmaster service and removes the three cron resources.
#
# NOTE(review): only `ensure` is overridden on the service, so `enable => true`
# from the parent still applies and the service stays enabled at boot.
# File["/etc/cron.d/puppetmaster"] is not overridden either; the parent's
# comment says it restarts the master, so confirm it cannot bring a stopped
# master back up.
class puppetmasterd::disabled inherits puppetmasterd {
  Service["puppetmaster"] {
    ensure => stopped,
  }

  Cron["puppetlast", "puppetmaster-restart", "puppet-update"] {
    ensure => absent,
  }
}