class profiles::puppetboard {
  # https://forge.puppet.com/modules/puppet/puppetboard/readme
  # Configure Apache
  class { 'apache':
    default_vhost => false,
    purge_configs => true,
  }

  $wsgi = $facts['os']['family'] ? {
    'Debian' => {
      package_name => 'libapache2-mod-wsgi-py3',
      mod_path     => '/usr/lib/apache2/modules/mod_wsgi.so',
    },
    default  => {}
  }

  class { 'apache::mod::wsgi':
    * => $wsgi,
  }

  # Configure puppetboard

  class { 'puppetboard':
    manage_git        => true,
    manage_virtualenv => true,
    require           => Class['puppetdb'],
    puppetdb_port     => 8080,
    # Required for /metrics/ to work
    puppetdb_host   => '127.0.0.1',
    enable_catalog  => true,
    python_loglevel => 'info',
    offline_mode    => true,
  }

  class { '::profiles::letsencrypt':
    provider => apache,
  }

  $certname = lookup('certname')
  class { 'puppetboard::apache::vhost':
    vhost_name => $::fqdn,
    port       => 443,
    ssl        => true,
    ssl_cert   => "/etc/letsencrypt/live/${certname}/cert.pem",
    ssl_key    => "/etc/letsencrypt/live/${certname}/privkey.pem",
    ssl_chain  => "/etc/letsencrypt/live/${certname}/fullchain.pem",
  }

  apache::vhost { "http-redirect":
    servername      => $::fqdn,
    port            => 80,
    redirect_source => ['/'],
    redirect_dest   => ["https://${::fqdn}/"],
    redirect_status => ['permanent'],
    docroot         => false,
  }
}