---

- name: Install Docker packages
  community.general.pacman:
    name:
      - docker
      - docker-compose

- name: Create docker user
  user:
    name: docker
    group: docker

- name: Create Gitea user
  user:
    name: gitea
  register: user_gitea
  when: '"gitea" in group_names'

- name: Create Syncthing group
  group:
    name: vault
    state: present

- name: Create Syncthing user
  user:
    name: syncthing
    group: vault
  register: user_syncthing
  when: '"syncthing" in group_names'

- name: Create Syncthing vault directories
  file:
    path: "{{ item }}"
    state: directory
    owner: syncthing
    group: vault
    mode: "u=rwX,g=rwX,o="
  with_items:
    - "{{ vault_path }}"
    - "{{ archive_path }}"

- name: Create Syncthing config directory
  file:
    path: "{{ syncthing_conf_dir }}"
    state: directory
    owner: syncthing
    group: vault
    mode: "u=rwX,g=,o="

- name: Add unpriviledged user to file management group
  user:
    name: "{{ username }}"
    append: yes
    groups: vault

- name: Create Paperless group
  group:
    name: paperless
    state: present
  register: group_paperless

- name: Create Paperless user
  user:
    name: paperless
    group: paperless
  register: user_paperless

- name: Create Paperless directories
  file:
    path: "{{ dataroot }}/paperless/{{ item }}"
    state: directory
    owner: paperless
    group: paperless
    mode: "u=rwX,g=,o="
  with_items:
    - data
    - media

- name: Create Paperless consume directory
  file:
    path: "{{ dataroot }}/paperless/consume"
    state: directory
    owner: paperless
    group: vault
    mode: "u=rwX,g=rwX,o="

- name: Create Paperless .env file
  template:
    src: "paperless.env.j2"
    dest: "{{ docker_compose_dir }}/paperless.env"
    lstrip_blocks: true

- name: Create Navidrome user
  user:
    name: navidrome
  register: user_navidrome
  when: '"navidrome" in group_names'

- name: Create Navidrome directory
  file:
    path: "{{ dataroot }}/navidrome"
    state: directory
    owner: navidrome
    group: navidrome
    mode: "u=rwX,g=rwX,o="

- name: Create music directory
  file:
    path: "{{ music_path }}"
    state: directory
    owner: navidrome
    group: vault
    mode: "u=rwX,g=rwX,o="

- name: Set ACL to allow navidrome to read synced music
  ansible.posix.acl:
    default: true
    entity: navidrome
    etype: user
    permissions: rx
    recursive: true
    state: present
    path: "{{ music_path }}"

- name: Create docker-compose directory
  ansible.builtin.file:
    path: "{{ docker_compose_dir }}"
    owner: "{{ admin_username }}"
    group: "{{ admin_username }}"
    state: directory

- name: Create Synapse user
  user:
    name: synapse
  register: user_synapse
  when: '"synapse" in group_names'

- name: Generate docker-compose.yml
  template:
    src: "docker-compose.yml.j2"
    dest: "{{ docker_compose_dir }}/docker-compose.yml"
    lstrip_blocks: true
  register: generateComp

- name: Create systemd unit file
  template:
    src: "docker-compose.service.j2"
    dest: "/etc/systemd/system/docker-compose.service"

- name: Compose up (update images if necessary)
  systemd:
    name: docker-compose
    state: reloaded
    enabled: true
  register: compUp