---

# Host packages: podman runs the containers defined in this file; postgresql
# provides the database server; python3-psycopg2 is the Python driver the
# community.postgresql modules use on the managed host.
- name: Install dependencies
  ansible.builtin.package:
    state: present
    name:
      - podman
      - postgresql
      - python3-psycopg2

# Dedicated primary group for the Pretix service account.
- name: Create pretix group
  ansible.builtin.group:
    state: present
    name: "{{ pretix_system_group }}"

# Service account for Pretix, not meant for interactive use: '!' is not a
# valid password hash, so password authentication cannot succeed, and the
# login shell is nologin.
- name: Create pretix user
  ansible.builtin.user:
    state: present
    name: "{{ pretix_system_user }}"
    comment: Pretix
    group: "{{ pretix_system_group }}"
    home: "{{ pretix_system_home }}"
    shell: /usr/sbin/nologin
    password: '!'

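# Reserves the subordinate UID range that the containers in this file select
# with `subuidname`. The line format is <user>:<first id>:<count>.
- name: Create subuid entry
  ansible.builtin.lineinfile:
    path: /etc/subuid
    line: "{{ pretix_system_user }}:{{ pretix_subuid_begin }}:{{ pretix_subuid_count }}"
    # The user name is interpolated into a regular expression, so escape it:
    # an unescaped metacharacter (e.g. '.') could match, and then overwrite,
    # another account's entry.
    regexp: "^{{ pretix_system_user | regex_escape }}:"
    create: true
    owner: root
    group: root
    mode: "0644"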

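# Reserves the subordinate GID range that the containers in this file select
# with `subgidname`. The line format is <user>:<first id>:<count>.
- name: Create subgid entry
  ansible.builtin.lineinfile:
    path: /etc/subgid
    line: "{{ pretix_system_user }}:{{ pretix_subgid_begin }}:{{ pretix_subgid_count }}"
    # The user name is interpolated into a regular expression, so escape it:
    # an unescaped metacharacter (e.g. '.') could match, and then overwrite,
    # another account's entry.
    regexp: "^{{ pretix_system_user | regex_escape }}:"
    create: true
    owner: root
    group: root
    mode: "0644"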

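# Data directory bind-mounted into the pretix container as /data.
# Ownership is given as numeric host IDs: start of the subordinate range plus
# the in-container ID.
# NOTE(review): this assumes container ID 0 maps to the first ID of the
# range - confirm against the user namespace mapping podman actually applies.
- name: Create pretix data directory
  ansible.builtin.file:
    path: "{{ pretix_system_home }}/data"
    state: directory
    # Cast to int before adding: if either variable arrives as a string
    # (e.g. from extra vars), `+` would concatenate and yield a wrong owner.
    owner: "{{ (pretix_subuid_begin | int) + (pretix_container_uid | int) }}"
    group: "{{ (pretix_subgid_begin | int) + (pretix_container_gid | int) }}"
    # Only the owning ID may enter the directory.
    mode: "0700"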

# Database role for Pretix. No password is set: both password-related
# parameters below are commented out.
# NOTE(review): presumably the role authenticates over the local socket in
# /run/postgresql, which the pretix container in this file mounts - confirm
# which pg_hba.conf method applies to that socket.
# If `password` is re-enabled, add `no_log: true` to this task so the secret
# does not appear in task output or logs.
- name: Create PostgreSQL user
  community.postgresql.postgresql_user:
    state: present
    name: "{{ pretix_postgresql_username }}"
    # password: "{{ pretix_postgresql_password }}"
    # no_password_changes: true

# Pretix database, owned by the Pretix database role rather than by a
# superuser.
- name: Create PostgreSQL database
  community.postgresql.postgresql_db:
    state: present
    name: "{{ pretix_postgresql_database }}"
    owner: "{{ pretix_postgresql_username }}"

# Configuration directory, bind-mounted read-only into the pretix container.
# 0755 lets any local user list the directory; access to the configuration
# file itself is governed by that file's own mode.
# NOTE(review): the service account owns this directory, so it can replace
# files in it on the host - confirm that is intended.
- name: Create Pretix configuration directory
  ansible.builtin.file:
    state: directory
    path: /etc/pretix
    owner: "{{ pretix_system_user }}"
    group: "{{ pretix_system_group }}"
    mode: "0755"

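# Renders the Pretix configuration file from its template.
# NOTE(review): pretix.cfg presumably holds credentials (database, secret
# key) - confirm, and keep it unreadable for other local users.
# NOTE(review): the containers run in a user namespace (`subuidname`);
# verify the mapped container user can read a file restricted to its owner.
- name: Render Pretix configuration
  ansible.builtin.template:
    src: etc/pretix/pretix.cfg.j2
    dest: /etc/pretix/pretix.cfg
    owner: "{{ pretix_system_user }}"
    group: "{{ pretix_system_group }}"
    # A configuration file needs no execute bit: owner read/write only.
    mode: "0600"
  # `notify` is a task keyword, not a template module argument. Nested under
  # the module it is rejected as an unsupported parameter and the handler is
  # never triggered. The "Restart Pretix" handler is defined outside this
  # file.
  notify: Restart Pretix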

# Cache container for Pretix. It publishes no ports and mounts no volumes.
- name: Create pretix-cache container
  containers.podman.podman_container:
    name: pretix-cache
    image: "{{ pretix_cache_image }}:{{ pretix_cache_image_tag }}"
    # Run in a user namespace built from the service account's
    # /etc/subuid and /etc/subgid ranges.
    subuidname: "{{ pretix_system_user }}"
    subgidname: "{{ pretix_system_user }}"
    restart_policy: unless-stopped
    labels:
      # Label values are strings, hence the explicit 'true'/'false'.
      # NOTE(review): when enabled, the image behind this tag is presumably
      # updated unattended - confirm the tag and registry are trusted.
      com.centurylinklabs.watchtower.enable: "{{ pretix_watchtower_enabled | ternary('true', 'false') }}"

# Main Pretix application container.
- name: Create pretix container
  containers.podman.podman_container:
    name: pretix
    image: "{{ pretix_image }}:{{ pretix_image_tag }}"
    command: "all"
    # Run in a user namespace built from the service account's
    # /etc/subuid and /etc/subgid ranges.
    subuidname: "{{ pretix_system_user }}"
    subgidname: "{{ pretix_system_user }}"
    restart_policy: unless-stopped
    ports:
      # Published on one host address only. Container port 80 is plain HTTP.
      # NOTE(review): presumably a TLS-terminating proxy sits in front -
      # confirm the bind address is not publicly reachable.
      - "{{ pretix_http_hostaddr }}:{{ pretix_http_hostport }}:80"
    volumes:
      # Configuration is read-only inside the container.
      - "/etc/pretix:/etc/pretix:ro"
      - "{{ pretix_system_home }}/data:/data"
      # Host PostgreSQL socket directory, mounted read-write: the container
      # can reach the local database server through it.
      - "/run/postgresql:/run/postgresql"
    sysctl:
      net.core.somaxconn: "4096"
    labels:
      # Label values are strings, hence the explicit 'true'/'false'.
      # NOTE(review): when enabled, the image behind this tag is presumably
      # updated unattended - confirm the tag and registry are trusted.
      com.centurylinklabs.watchtower.enable: "{{ pretix_watchtower_enabled | ternary('true', 'false') }}"

# Runs `pretix upgrade` inside the pretix container.
# The task has no condition, so it executes on every play run.
# NOTE(review): it follows container creation directly - confirm the
# application and database are ready at this point.
- name: Run Pretix upgrade
  containers.podman.podman_container_exec:
    command: pretix upgrade
    container: pretix

# Installs the Pretix cron definition. The file is root-owned and writable
# by root only, so no other account can alter the scheduled commands.
- name: Render Pretix cronjob
  ansible.builtin.template:
    dest: /etc/cron.d/pretix
    src: etc/cron.d/pretix.j2
    mode: "0644"
    owner: root
    group: root