#
#
# Possible parameters:
#
#  - which flavor of OpenLDAP package to install
#  - install sync scripts
#  - authentication methods
#  - support whois
#  - hosting model
#  - where do we store the LDAP databases and log files
#  - do we enable bundle remctl service?
#
# Another consideration is where we build the ldap-tools servers from.
# They take only the ldap-utils, libldap, libnet-ldap-perl,
# libnet-ldapapi-perl, libstanford-ldapadmin-perl, libstanford-ldapserver-perl,
# python-ldap, the passive monitoring script(s) and the sync scripts  

class su_ldap (
  $hosting_model = 'traditional',
  #
  $auth_gssapi    = true,
  $auth_simple    = true,
  #
  $install_archive = undef,
  $install_distro  = undef,
){

  ## ERROR CHECKING ##
  if !($hosting_model in [ 'traditional', 'container', 'tools' ]) {
      fail("Unknown hosting model ${hosting_model}")
  }
  ## Install apt files/packages(?) so we load the correct version of OpenLDAP.
  include su_ldap::openldap_install

  ## Basic configuration: /etc/ldap/ldap.conf, /etc/default/slapd, et al.
  class { 'su_ldap::config':
    hosting_model => $hosting_model,
  }

  ## Install sync scripts (call from parent class instead)
  ## put these in tools instead?
  # include su_ldap::sync_scripts

  ## Install certificate
  ## TO DO

  ## Authentication methods (simple bind and GSSAPI)
  class { 'su_ldap::authentication':
    auth_gssapi => $auth_gssapi,
    auth_simple => $auth_simple,
  }

  if ($hosting_model == 'traditional') {
    class { 'su_ldap::traditional':
    }
  }

}