defaults = {
    'backups': {
        'paths': {
            '/var/opt/hedgedoc',
        },
    },
    'hedgedoc': {
        'config': {
            'production': {
                'loglevel': 'info',
                'hsts': {
                    'enable': False,
                },
                'csp': {
                    'enable': True,
                    'directives': {},
                    'addDefaults': True,
                    'addDisqus': False,
                    'addGoogleAnalytics': False,
                    'upgradeInsecureRequests': 'auto',
                    'reportURI': 'undefined',
                    'allowFraming': False,
                    'allowPDFEmbed': False,
                },
                'cookiePolicy': 'lax',
                'db': {
                    'username': 'hedgedoc',
                    'password': repo.vault.password_for('{} postgresql hedgedoc'.format(node.name)),
                    'database': 'hedgedoc',
                    'host': 'localhost',
                    'port': '5432',
                    'dialect': 'postgres'
                },
                'imageUploadType': 'filesystem',
                'uploadsPath': '/var/opt/hedgedoc',
                'allowAnonymous': False,
                'allowFreeURL': True,
                'requireFreeURLAuthentication': True,
                'sessionSecret': repo.vault.password_for('{} hedgedoc sessionSecret'.format(node.name)),
                'allowEmailRegister': False,
                'protocolUseSSL': True,
            },
        },
    },
    'postgresql': {
        'roles': {
            'hedgedoc': {
                'password': repo.vault.password_for('{} postgresql hedgedoc'.format(node.name)),
            },
        },
        'databases': {
            'hedgedoc': {
                'owner': 'hedgedoc',
            },
        },
    },
    'zfs': {
        'datasets': {
            'tank/hedgedoc': {},
            'tank/hedgedoc/install': {
                'mountpoint': '/opt/hedgedoc',
                'needed_by': {
                    'directory:/opt/hedgedoc',
                },
            },
            'tank/hedgedoc/uploads': {
                'mountpoint': '/var/opt/hedgedoc',
                'needed_by': {
                    'directory:/var/opt/hedgedoc',
                },
            },
        },
    },
}

if node.has_bundle('telegraf'):
    defaults['telegraf'] = {
        'input_plugins': {
            'http': {
                'hedgedoc_status': {
                    'urls': [
                        'http://127.0.0.1:3000/status'
                    ],
                    'data_format': 'json',
                },
            },
            'prometheus': {
                'hedgedoc': {
                    'urls': [
                        'http://127.0.0.1:3000/metrics'
                    ],
                    'metric_version': 2,
                },
            },
        },
    }


@metadata_reactor.provides(
    'icinga2_api/hedgedoc/services',
)
def icinga_check_for_new_release(metadata):
    return {
        'icinga2_api': {
            'hedgedoc': {
                'services': {
                    'HEDGEDOC UPDATE': {
                        'command_on_monitored_host': '/usr/local/share/icinga/plugins/check_github_for_new_release hedgedoc/hedgedoc {}'.format(metadata.get('hedgedoc/version')),
                        'vars.notification.mail': True,
                        'check_interval': '60m',
                    },
                },
            },
        },
    }


@metadata_reactor.provides(
    'nginx/vhosts',
)
def nginx(metadata):
    if not node.has_bundle('nginx'):
        raise DoNotRunAgain

    locations = {
        '/': {
            'target': 'http://127.0.0.1:3000',
            'proxy_set_header': {
                'X-Real-IP': '$remote_addr',
            },
        },
        '/socket.io/': {
            'target': 'http://127.0.0.1:3000',
            'websockets': True,
            'proxy_set_header': {
                'X-Real-IP': '$remote_addr',
            },
        },
        '/metrics': {
            'return': 'forbidden',
            'mode': 403,
        },
        '/status': {
            'return': 'forbidden',
            'mode': 403,
        },
    }

    vhosts = {
        'hedgedoc': {
            'domain': metadata.get('hedgedoc/config/production/domain'),
            'locations': locations,
            'website_check_path': '/',
            'website_check_string': 'HedgeDoc',
        },
    }

    return {
        'nginx': {
            'vhosts': vhosts
        },
    }