class aes::aes_sw {

  $examadm_user = examadm
  $examadm_group = "${examadm_user}"
  $examadm_home = "/home/${examadm_user}"

  package {
    [
      'a2ps',
      'cronie',
      'java-11-openjdk-devel',
    ]:
      ensure  => installed,
  }

  user { "examadm" :
    ensure => present,
    managehome => false,
    membership => inclusive,
    system => true,
    shell => '/sbin/nologin',
  }

  file { "/etc/systemd/system/aes_login.service":
    ensure => present,
    owner  => root,
    group  => root,
    mode => '0644',
    content => @(LOGINSERVICE)
    [Unit]
    Description=AES Login server
    After=network.target
    
    [Service]
    Type=simple
    User=examadm
    WorkingDirectory=/home/examadm/Version-3.1/exam
    ExecStart=/usr/bin/python3 /home/examadm/Version-3.1/pub/bin/examiner/find_pnr_and_otp_from_liuid.py

    [Install]
    WantedBy=multi-user.target
    | LOGINSERVICE
  }

  # todo: logrotate
  service { "aes_login" : 
    ensure => "running",
  }

  file { "/etc/systemd/system/aes_ms.service":
    ensure => present,
    owner  => root,
    group  => root,
    mode => '0644',
    content => @(MSSERVICE)
    [Unit]
    Description=AES Exam server
    After=network.target
    
    [Service]
    Type=simple
    User=examadm
    WorkingDirectory=/home/examadm/Version-3.1
    ExecStart=/usr/bin/java -Xmx512M -jar /home/examadm/Version-3.1/pub/bin/examiner/ms.jar /home/examadm/Version-3.1

    [Install]
    WantedBy=multi-user.target
    | MSSERVICE
  }

  file { "/etc/cron.daily/aes_ms":
    ensure => present,
    owner  => root,
    group  => root,
    mode => '0700',
    content => @(MSCRON)
    #!/bin/sh
    /usr/bin/systemctl restart aes_ms
    | MSCRON
  }

  # todo: logrotate
  service { "aes_ms" : 
    ensure => "running",
  }

  exec { 'script-repo-clone':
    command => '/usr/bin/git clone --quiet --single-branch --branch master --depth 1 git@gitlab.liu.se:examadm/scripts.git',
    cwd => "${examadm_home}",
    creates => "${examadm_home}/scripts",
    user => "${examadm_user}",
    group => "${examadm_group}",
    require => File["${examadm_home}/.ssh/known_hosts"],
  }

  schedule { 'everyday':
    period => daily,
    range => '01:00 - 04:00',
  }

  exec { 'script-repo-pull':
    command => '/usr/bin/git pull --depth 1',
    cwd => "${examadm_home}/scripts",
    onlyif => "/usr/bin/test -d ${examadm_home}/scripts/.git",
    user => "${examadm_user}",
    group => "${examadm_group}",
#    schedule => 'everyday',
  }

  file { "${examadm_home}/.ssh/known_hosts":
    ensure => present,
    owner  => "${examadm_user}",
    group  => "${examadm_group}",
    mode => '0644',
    content => @(KNOWNHOST)
    gitlab.liu.se,2001:6b0:17:f003::44 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBF3yWjkuKo7f3OH4BhGwcd71lkWZqdyk7cxOCn5exPoqLldt2OfbhEA7lM+89Gr/AqRbHlbrS1M8An7j4Lj77hc=
    | KNOWNHOST
  }
}