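---
# Provision the "ship" host: enable user lingering, install base packages,
# copy service files and run rootless podman containers for an FTP server,
# Mosquitto and Home Assistant.
- name: ship setup
  hosts: all
  gather_facts: false
  vars:
    # NOTE(review): Jinja filters are evaluated on the control node, so
    # these expand the controller's $USER / $HOME. The play therefore
    # assumes the same account name and home path exist on the target;
    # the become tasks below act on whatever name this resolves to.
    user: "{{ '$USER' | expandvars }}"
    data: "{{ '$HOME/services' | expandvars }}"

  # podman-rootless
  #
  # * using native overlay fs support (no fuse)
  #   - at least kernel version 5.13
  #   - podman info -f '{{.Store.GraphDriverName}}'
  #     -> "overlay"
  #   - podman info -f '{{index .Store.GraphStatus "Native Overlay Diff"}}'
  #     -> true
  #   - if configured with a different storage driver before, may need to run
  #       podman system reset
  #     # deletes every image/container/.. with old driver
  #   - cat .local/share/containers/storage/overlay/.has-mount-program
  #     -> false
  #
  # * configure storage driver
  #   > cat .config/containers/storage.conf
  #   [storage]
  #   driver = "overlay"

  tasks:
    # -- LINGER --------------------------------------------------------------
    # Enable lingering for user, such that processes are not killed if
    # there is no login session.
    - name: enable-linger
      become: true
      ansible.builtin.command:
        cmd: loginctl enable-linger {{ user }}
        # Command is not re-run if the following file exists.
        # https://docs.ansible.com/ansible/latest/collections/ansible/builtin/command_module.html#parameter-creates
        creates: "/var/lib/systemd/linger/{{ user }}"

    # -- PACKAGES ------------------------------------------------------------
    # `state: latest` upgrades these packages on every run, so the installed
    # versions depend on the repository state at run time.
    - name: install-packages
      become: true
      ansible.builtin.package:
        name: "{{ item }}"
        state: latest
      loop:
        - vim
        - podman
        - tmux
        - git
        - ncdu
        - restic
        # For restic mount.
        - fuse

    # -- COPY FILES ----------------------------------------------------------
    - name: copy-files
      ansible.builtin.copy:
        src: "{{ item }}"
        dest: "{{ data }}"
        mode: preserve
      loop:
        - ftp
        - mosquitto

    # -- FTP SERVER ----------------------------------------------------------
    - name: build-podman-ftp
      containers.podman.podman_image:
        name: ftp
        path: "{{ data }}/ftp"
        force: true
      register: ftp_build

    # NOTE(review): the FTP user name and password are hard-coded in the
    # command line below, so they live in this playbook and in the
    # container's stored configuration / process arguments. FTP is a
    # cleartext protocol, and this server runs with write access on the
    # host network. Prefer supplying the credentials from an encrypted
    # variable (e.g. Ansible Vault) and limiting the listener to a
    # trusted network.
    - name: run-podman-ftp
      containers.podman.podman_container:
        name: ftp
        image: ftp
        network: host
        volumes:
          - "{{ data }}/ftp/inbox:/inbox"
        command: python3 -m pyftpdlib --write -d /inbox -u pleb -P moose
        # Recreate the container only when the image was rebuilt.
        recreate: "{{ ftp_build.changed }}"

    # -- MOSQUITTO SERVER ----------------------------------------------------
    # Use `mosquitto_sub -t '#'` to subscribe to all topics.
    # NOTE(review): the image reference carries no tag or digest, so the
    # registry decides which build is pulled; pin one for reproducible
    # deployments. Port 1883 is published as plain MQTT; whether clients
    # must authenticate depends on mosquitto.conf, which is not shown here.
    - name: run-podman-mosquitto
      containers.podman.podman_container:
        name: mosquitto
        image: docker.io/eclipse-mosquitto
        ports:
          - "1883:1883/tcp"
        volumes:
          - "{{ data }}/mosquitto/mosquitto.conf:/mosquitto/config/mosquitto.conf"

    # -- HOME ASSISTANT ------------------------------------------------------
    - name: add-user-to-group
      become: true
      ansible.builtin.user:
        name: "{{ user }}"
        # NOTE(review): `group` sets the user's *primary* group, while
        # `append` only applies to `groups` (supplementary groups), so
        # `append` has no effect as written. Confirm whether making
        # dialout the primary group is intended (it may be deliberate for
        # device access from the rootless container) or whether
        # `groups: dialout` was meant.
        group: dialout
        append: true

    # NOTE(review): `:stable` is a floating tag; pin a version or digest if
    # reproducible deployments matter.
    - name: run-podman-home-assistant
      containers.podman.podman_container:
        name: homeassistant
        image: ghcr.io/home-assistant/home-assistant:stable
        # Left disabled: the single device mapping below is used instead of
        # a fully privileged container.
        # privileged: true
        network: host
        volumes:
          - "{{ data }}/home-assistant/config:/config"
          - "/etc/localtime:/etc/localtime:ro"
        device:
          # Podman somehow stores the device file all lower-case.
          # Writing it as /dev/ttyUSB0 is treated as a change.
          - "/dev/ttyusb0:/dev/ttyusb0"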