# @summary Manages the "distribution" container registry service
#
# https://github.com/distribution/distribution
#
# @param http_addr
#   Address to listen to
# @param http_net
#   If http_addr refers to an IP-address/port, or a unix socket
# @param registry_dir
#   Container storage.
# @param htpasswd
#   Location of htpasswd file
#   TODO only have this if basic authentication is used.
# @param conf_file
#   Path to configuration file.
#   Does *not* move the configuration file, but is where the
#   configuraion file is expected to be on the machine.
# @param ensure
#   To allow decomissioning
class profiles::distribution_registry (
  String $http_addr,
  Enum['tcp', 'unix'] $http_net = 'tcp',
  String $registry_dir = '/var/lib/registry',
  String $htpasswd = '/var/lib/distribution-registry/htpasswd',
  String $conf_file = '/etc/distribution-registry/conf.yml',
  Enum['present', 'absent'] $ensure = 'present',
) {
  ensure_packages([
    'distribution-registry',
  ], {
    'ensure' => $ensure,
  })

  if $ensure == 'present' {
    service { 'distribution-registry.service':
      ensure => running,
    }

    file { $conf_file:
      content => to_yaml({
        'version' => '0.1',
        'log'     => {
          'fields' => {
            'service' => 'registry',
          },
        },
        'storage' => {
          'cache'      => {
            'blobdescriptor' => 'inmemory',
          },
          'filesystem' => {
            'rootdirectory' => $registry_dir,
          },
        },
        'http'    => {
          'addr' => $http_addr,
          'net'  => $http_net,
        },
        'auth'    => {
          'htpasswd' => {
            'realm' => 'basic-realm',
            'path'  => $htpasswd,
          },
        },
        'health'  => {
          'storagedriver' => {
            'enabled'   => true,
            'interval'  => '10s',
            'threshold' => 3,
          },
        },
        })
    }
  } else {
    file { $conf_file:
      ensure => absent,
    }
  }
}