#
# insalls lam (LDAP Account Manager)
#

class wmdeit_ldap::lam(
	$archive = "lam_7_2.tar.gz",
	$domain = 'default1',
	$logdestination = "SYSLOG",
	$lamloglevel = 4,
	$master_password = "lam",
	$master_password_salt = "ABCD1234",

	$configs = {
		"wmde" => {}
	}

) {
	$arcfile = "/tmp/$archive"
	$extractdir = "/var/www/ldapaccountmanager"
	$docroot = "$extractdir/lam"
	
	$encoded_master_password= strip (regsubst(
		generate ("/bin/sh", "-c", "echo -n $master_password$master_password_salt | openssl dgst -binary -sha1 | openssl base64")
		, '\n', "\n "))

	$encoded_master_password_salt = strip(regsubst(
		 generate("/bin/sh","-c", "echo -n $master_password_salt | openssl base64")
		,  '\n', "\n "))

        class { 'apache':
		default_vhost => false,
                mpm_module => 'prefork',
        }

        class { 'apache::mod::php':
                php_version => '7.3'
        }

        class { '::php':
                extensions => {
                        curl => {},
			ldap => {},
			gd => {},
			gmp => {},
			zip => {},
                },
		notify => Service["apache2"],
		require => Class["apache"]
        }

	file {"/var/www":
		ensure => "directory"
	} ->
	archive {"$arcfile":
		ensure => present,		
		source => "https://srcsrv.wikimedia.de/WMDE/LDAPAccountManager/archive/$archive",
		extract => true,
		extract_path => "/var/www",
		creates => $extractdir
	} ->
	apache::vhost { $domain:
		port    => '80',
		docroot => $docroot
	} ->
	file {["$docroot/tmp","$docroot/sess"]:
		ensure => directory,
		owner => "www-data"	
	} ->
	file {"$docroot/config/config.cfg":
		ensure => file,
		content => template("wmdeit_ldap/lam-config.cfg.erb"),
		owner => "www-data",
	} ->
	file {"$docroot/config/profiles":
		ensure => directory,
	} ->
	file {"$docroot/config/pdf":
		ensure => directory,
	} ->
	file {"$docroot/lib/modules/wmdeGroup.inc":
		ensure => file,
		content => file("wmdeit_ldap/wmdeGroup.inc")
	}

	$configs.each | String $name, $conf | {
		$password =  $conf['password'] ? {
			undef          => '1234',
			default        => $conf['password'],
		}
		$password_salt =  $conf['password_salt'] ? {
			undef          => '5678',
			default        => $conf['password_salt'],
		}

		$encoded_password= strip (regsubst(
			generate ("/bin/sh", "-c", "echo -n $password$password_salt | openssl dgst -binary -sha1 | openssl base64")
		, '\n', "\n "))

		$encoded_password_salt = strip(regsubst(
		 generate("/bin/sh","-c", "echo -n $password_salt | openssl base64")
		,  '\n', "\n "))




		file {"$docroot/config/$name.conf":
			ensure => file,
			content => template("wmdeit_ldap/wmde.conf.erb"),
			owner => "www-data",
			require => File["$docroot/config/pdf"],
		} ->
		file {"$docroot/config/profiles/$name":
			ensure=>directory
		}->
		file{"$docroot/config/profiles/$name/default.user":
			ensure=>file,
			content => template("wmdeit_ldap/default.user.erb")
		} ->
		file{"$docroot/config/profiles/$name/default.group":
			ensure=>file,
			content => template("wmdeit_ldap/default.group.erb")
		}
	}

}