---

# create directories
- name: "create semaphore directories"
  ansible.builtin.file:
    path: "{{ item }}"
    owner: "1001"
    group: "1001"
    state: "directory"
    mode: "0775"
  loop:
    - "/mnt/mitogen"
    - "/mnt/semaphore"
    - "/mnt/semaphore/config"
    - "/mnt/semaphore/data"
    - "/mnt/semaphore/ssh"
    - "/mnt/semaphore/tmp"

# semaphore ssh config
- name: "ssh config"
  ansible.builtin.template:
    src: "templates/semaphore/config.j2"
    dest: "/mnt/semaphore/ssh/config"
    owner: "1001"
    group: "1001"
    mode: "0640"

# semaphore ansible ssh key
- name: "ansible ssh config"
  ansible.builtin.template:
    src: "templates/semaphore/ansible.key.j2"
    dest: "/mnt/semaphore/ssh/ansible.key"
    owner: "1001"
    group: "1001"
    mode: "0400"

# install mitogen
- name: "install mitogen"

  # tell git to ignore certs
  environment:
    GIT_SSL_NO_VERIFY: "true"

  # git checkout
  ansible.builtin.git:
    version: "v{{ mitogen_version }}"
    dest: "/mnt/mitogen"
    repo: "https://github.com/mitogen-hq/mitogen"

# fix ownership
- name: "set mitogen ownership"
  ansible.builtin.file:
    path: "/mnt/mitogen"
    owner: "1001"
    group: "1001"
    recurse: true
  changed_when: false

# run semaphore
- name: "run semaphore"
  community.docker.docker_container:

    # container_default_behavior
    auto_remove: "no"
    container_default_behavior: "no_defaults"
    detach: "yes"
    init: "no"
    interactive: "no"
    log_driver: "json-file"
    log_options:
      max-size: "5m"
      max-file: "3"
    memory: "0"
    paused: "no"
    privileged: "no"
    pull: "always"
    read_only: "no"
    state: "started"
    tty: "no"

    # semaphore
    name: "semaphore-app"
    image: "docker.io/semaphoreui/semaphore:v2.17.24"
    image_name_mismatch: "recreate"
    restart_policy: "unless-stopped"
    network_mode: "host"

    volumes:
      - "/mnt/semaphore/ssh/config:/home/semaphore/.ssh/config"
      - "/mnt/semaphore/ssh/ansible.key:/home/semaphore/.ssh/ansible.key"
      - "/mnt/semaphore/config:/etc/semaphore"
      - "/mnt/semaphore/data:/var/lib/semaphore"
      - "/mnt/semaphore/tmp:/tmp/semaphore"
      - "/mnt/mitogen:/tmp/mitogen"

    ports:
      - "3000:3000/tcp"

    env:

      # semaphore
      SEMAPHORE_DB_DIALECT: "sqlite"
      SEMAPHORE_TOTP_ALLOW_RECOVERY: "True"
      SEMAPHORE_TOTP_ENABLED: "True"
      SEMAPHORE_SCHEDULE_TIMEZONE: "Europe/Amsterdam"

      # semaphore email
      SEMAPHORE_EMAIL_SENDER: "{{ semaphore_email_sender }}"
      SEMAPHORE_EMAIL_USERNAME: "{{ semaphore_email_username }}"
      SEMAPHORE_EMAIL_HOST: "{{ semaphore_email_host }}"
      SEMAPHORE_EMAIL_PORT: "{{ semaphore_email_port }}"
      SEMAPHORE_EMAIL_PASSWORD: "{{ semaphore_email_password }}"
      SEMAPHORE_EMAIL_SECURE: "True"
      SEMAPHORE_EMAIL_TLS: "True"

      # global
      TZ: "{{ timezone }}"