# profiles::sql::patroni
class profiles::sql::patroni (
  String  $cluster_name,
  String  $superuser_password,
  String  $replication_password,
  String  $superuser_username = 'postgres',
  String  $replication_username = 'repl',
  String  $pgsql_version = '15',
  Stdlib::Absolutepath $pgsql_data_base = '/data/pgsql',
  Stdlib::Absolutepath $pgsql_data_dir = "${pgsql_data_base}/${pgsql_version}/data",
  Boolean $use_consul = true,
  String  $consul_host = 'localhost',
  Stdlib::Port $consul_port = 8500,
  Enum['http','https'] $consul_scheme = 'http',
  Variant[Undef,String] $consul_token = undef,
  Boolean $consul_verify = false,
  Boolean $consul_register_service = true,
  String  $consul_service_check_interval = '5s',
  String  $consul_cacert = '/etc/pki/ca-trust/source/anchors/vaultcaroot.pem',
  Boolean $postgres_exporter_enabled = false,
  Optional[String] $postgres_exporter_user = undef,
  Optional[String] $postgres_exporter_pass = undef,
){

  # disable the postgresql dnf module for el8+
  if $facts['os']['family'] == 'RedHat' and $facts['os']['release']['major'] >= '8' {
    # based on https://github.com/puppetlabs/puppetlabs-postgresql/blob/main/manifests/dnfmodule.pp
    package { 'postgresql dnf module':
        ensure   => 'disabled',
        name     => 'postgresql',
        provider => 'dnfmodule',
        before   => Class['patroni'],
    }
  }

  # prepare data path
  mkdir::p {$pgsql_data_dir:}
  file {$pgsql_data_dir:
    ensure  => 'directory',
    owner   => 'postgres',
    group   => 'postgres',
    mode    => '0700',
    require => Class['patroni'],
  }

  # manage patroni
  class { 'patroni':
    scope                         => $cluster_name,
    use_consul                    => $use_consul,
    consul_host                   => $consul_host,
    consul_port                   => $consul_port,
    consul_scheme                 => $consul_scheme,
    consul_token                  => $consul_token,
    consul_verify                 => $consul_verify,
    consul_register_service       => $consul_register_service,
    consul_service_check_interval => $consul_service_check_interval,
    consul_cacert                 => $consul_cacert,
    manage_python                 => false,
    pgsql_connect_address         => "${facts['networking']['fqdn']}:5432",
    restapi_connect_address       => "${facts['networking']['fqdn']}:8008",
    postgresql_version            => $pgsql_version,
    pgsql_data_dir                => $pgsql_data_dir,
    pgsql_pgpass_path             => '/var/lib/pgsql/pgpass',
    pgsql_parameters              => {
      'max_connections' => 5000,
    },
    superuser_username            => $superuser_username,
    superuser_password            => $superuser_password,
    replication_username          => $replication_username,
    replication_password          => $replication_password,
    require                       => [
      Yumrepo["postgresql-${pgsql_version}"],
      Yumrepo['postgresql-common']
    ],
  }

  # only apply changes to DBs/Users/Grants on master
  if ! $facts['psql_is_slave'] {
    # collect exported resources
    $tag = "${cluster_name}-${facts['country']}-${facts['region']}-${facts['environment']}"
    Profiles::Sql::Postgres::User <<| tag == $tag |>> {}
    Profiles::Sql::Postgres::Db <<| tag == $tag |>> {}
    Profiles::Sql::Postgres::Grant <<| tag == $tag |>> {}
  }

  if $postgres_exporter_enabled {
    class { 'exporters::postgres_exporter':
      db_user                       => $postgres_exporter_user,
      db_pass                       => $postgres_exporter_pass,
      cleanup_old_postgres_exporter => true,
      enable                        => true,
    }
  }
}