# Install ejabberd.
#
# === Global variables
#
#   $ejabberd_hosts:
#       Array of domains serverd by ejabberd. Defaults to [ "$homename" ].
#
#   $ejabberd_admin:
#       Array of users with admin privileges.
#
#   $ejabberd_ssl_key:
#       Path to SSL private key.
#
#   $ejabberd_ssl_cert:
#       Path to SSL certificate.
#
#   $ejabberd_ssl_chain:
#       Path to SSL certificate chain.
#
class ejabberd {

    if !$ejabberd_hosts {
        $ejabberd_hosts = [ "${homename}" ]
    }
    if !$ejabberd_admin {
        $ejabberd_admin = []
    }

    package { "ejabberd":
        ensure => installed,
    }

    service { "ejabberd":
        ensure => running,
        enable => true,
    }

    case $operatingsystem {
        "debian", "ubuntu": {
            $cert_prefix = "/etc/ssl"
        }
        "centos", "fedora": {
            $cert_prefix = "/etc/pki/tls"
        }
    }

    if $ejabberd_ssl_key and $ejabberd_ssl_cert {
        file { "${cert_prefix}/private/ejabberd.key":
            ensure => present,
            source => $ejabberd_ssl_key,
            mode   => 0600,
            owner  => root,
            group  => root,
            notify => Exec["generate-ejabberd-pem"],
        }
        file { "${cert_prefix}/certs/ejabberd.crt":
            ensure => present,
            source => $ejabberd_ssl_cert,
            mode   => 0644,
            owner  => root,
            group  => root,
            notify => Exec["generate-ejabberd-pem"],
        }
        if $ejabberd_ssl_chain {
            file { "${cert_prefix}/certs/ejabberd.chain.crt":
                ensure => present,
                source => $ejabberd_ssl_chain,
                mode   => 0644,
                owner  => root,
                group  => root,
                notify => Exec["generate-ejabberd-pem"],
            }
            $cert_files = "private/ejabberd.key certs/ejabberd.crt certs/ejabberd.chain.crt"
        } else {
            $cert_files = "private/ejabberd.key certs/ejabberd.crt"
        }
        exec { "generate-ejabberd-pem":
            path        => "/bin:/usr/bin:/usr/local/bin:/sbin:/usr/sbin:/usr/local/sbin",
            cwd         => $cert_prefix,
            command     => "/bin/sh -c 'umask 077 ; cat ${cert_files} > /etc/ejabberd/ejabberd.pem'",
            refreshonly => true,
            before      => File["/etc/ejabberd/ejabberd.pem"],
            require     => Package["ejabberd"],
            notify      => Service["ejabberd"],
        }
    }

    file { "/etc/ejabberd/ejabberd.pem":
        ensure  => present,
        mode    => 0640,
        owner   => "root",
        group   => "ejabberd",
        require => Package["ejabberd"],
    }

    file { "/etc/ejabberd/ejabberd.cfg":
        ensure  => present,
        mode    => 0640,
        owner   => "root",
        group   => "ejabberd",
        content => template("ejabberd/ejabberd.cfg.erb"),
        require => Package["ejabberd"],
        notify  => Service["ejabberd"],
    }

    define configwebhost() {
        file { "/srv/www/https/${name}/jabber":
            ensure  => link,
            target  => "/var/www/jabber",
            require => File["/srv/www/https/${name}"],
        }
    }

    if $ejabberd_webhosts {
        file { "/var/www/jabber":
            ensure => directory,
            mode   => 0755,
            owner  => "root",
            group  => "root",
        }

        file { "/var/www/jabber/.htaccess":
            ensure  => present,
            mode    => 0644,
            owner   => "root",
            group   => "root",
            source  => "puppet:///modules/ejabberd/htaccess",
            require => File["/var/www/jabber"],
        }

        apache::configfile { "ejabberd.conf":
            http   => false,
            source => "puppet:///modules/ejabberd/ejabberd-httpd.conf",
        }

        configwebhost { $ejabberd_webhosts: }
    }
}