# Configure a SUNET CDN DB server
class cdn::db(
  String $postgres_version = '17.0-bookworm',
)
{

  $db_secrets = lookup({ 'name' => 'cdn::db-secrets', 'default_value' => undef })

  file { '/opt/sunet-cdn':
    ensure => directory,
    owner  => 'root',
    group  => 'root',
    mode   => '0755',
  }

  file { '/opt/sunet-cdn/compose':
    ensure => directory,
    owner  => 'root',
    group  => 'root',
    mode   => '0750',
  }

  sunet::nftables::docker_expose { 'expose postgres-db' :
    allow_clients => '127.0.0.1',
    port          => 5432,
    iif           => $facts['networking']['primary'],
  }

  sunet::docker_compose { 'sunet-cdn-ca':
    content          => template('cdn/db/docker-compose.yml.erb'),
    service_name     => 'cdn-ca',
    compose_dir      => '/opt/sunet-cdn/compose',
    compose_filename => 'docker-compose.yml',
    description      => 'SUNET CDN DB',
  }
}