# SPDX-FileCopyrightText: 2025 - 2026 MDAD project contributors
# SPDX-FileCopyrightText: 2025 - 2026 Slavi Pantaleev
#
# SPDX-License-Identifier: AGPL-3.0-or-later

---

- name: Ensure tuwunel config path exists
  ansible.builtin.file:
    path: "{{ matrix_tuwunel_config_path }}"
    state: directory
    mode: '0750'
    owner: "{{ matrix_user_name }}"
    group: "{{ matrix_group_name }}"

- name: Ensure tuwunel data path exists
  ansible.builtin.file:
    path: "{{ matrix_tuwunel_data_path }}"
    state: directory
    mode: '0770'
    owner: "{{ matrix_user_name }}"
    group: "{{ matrix_group_name }}"

- name: Ensure tuwunel configuration installed
  ansible.builtin.template:
    src: "{{ matrix_tuwunel_template_tuwunel_config }}"
    dest: "{{ matrix_tuwunel_config_path }}/tuwunel.toml"
    mode: '0644'
    owner: "{{ matrix_user_name }}"
    group: "{{ matrix_group_name }}"
  register: matrix_tuwunel_config_result

- name: Ensure tuwunel support files installed
  ansible.builtin.template:
    src: "{{ role_path }}/templates/{{ item }}.j2"
    dest: "{{ matrix_tuwunel_base_path }}/{{ item }}"
    mode: '0640'
    owner: "{{ matrix_user_name }}"
    group: "{{ matrix_group_name }}"
  with_items:
    - labels
    - env
  register: matrix_tuwunel_support_files_result

- name: Ensure tuwunel container network is created
  community.general.docker_network:
    enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
    name: "{{ matrix_tuwunel_container_network }}"
    driver: bridge
    driver_options: "{{ devture_systemd_docker_base_container_networks_driver_options }}"

- name: Ensure tuwunel container image is pulled
  community.docker.docker_image_pull:
    name: "{{ matrix_tuwunel_container_image }}"
    pull: always
  register: matrix_tuwunel_container_image_pull_result
  retries: "{{ devture_playbook_help_container_retries_count }}"
  delay: "{{ devture_playbook_help_container_retries_delay }}"
  until: matrix_tuwunel_container_image_pull_result is not failed

- name: Ensure matrix-tuwunel.service installed
  ansible.builtin.template:
    src: "{{ role_path }}/templates/systemd/matrix-tuwunel.service.j2"
    dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-tuwunel.service"
    mode: '0644'
  register: matrix_tuwunel_systemd_service_result

- name: Determine whether tuwunel needs a restart
  ansible.builtin.set_fact:
    matrix_tuwunel_restart_necessary: >-
      {{
        matrix_tuwunel_config_result.changed | default(false)
        or matrix_tuwunel_support_files_result.changed | default(false)
        or matrix_tuwunel_systemd_service_result.changed | default(false)
        or matrix_tuwunel_container_image_pull_result.changed | default(false)
      }}