# @summary Sets up a local container registry
#
# Note that this is more of a role.
class profiles::container_registry (
  String $server_name,
  Enum['present', 'absent'] $ensure = 'present',
) {
  include profiles::nginx

  $socket = '/run/distribution/distribution.sock'
  class { 'profiles::distribution_registry':
    http_addr => $socket,
    http_net  => 'unix',
  }

  include ::profiles::certificate
  letsencrypt::domain { $server_name:
    cert_name => $profiles::certificate::cert_name,
  }

  if $ensure == 'present' {
    @@dns::record { "AAAA ${server_name}":
      type  => 'AAAA',
      zone  => "${facts['domain']}.",
      key   => $server_name.split('.')[0],
      value => $facts['ipaddress6'],
    }
  }

  nginx::resource::server { $server_name:
    ensure               => $ensure,
    ipv6_enable          => true,
    ipv6_listen_options  => '',
    use_default_location => false,
    client_max_body_size => '0',
    server_cfg_append    => {
      'chunked_transfer_encoding' => 'on',
    },
    *                    => letsencrypt::conf::nginx($server_name),
  }

  if $facts['letsencrypt_directory'][$server_name] {
    nginx::resource::location { "${server_name} /":
      location    => '/',
      proxy       => "http://unix:${socket}",
      index_files => [],
      ssl         => true,
      ssl_only    => true,
      server      => $server_name,
    }
  }

  # TODO add user http to group distribution
}