---

# create directory
- name: "create - directory - /mnt/traefik"
  ansible.builtin.file:
    path: "/mnt/traefik"
    state: "directory"
    owner: "root"
    group: "root"
    mode: "0775"

# traefik config
- name: "traefik config"
  ansible.builtin.template:
    src: "templates/traefik/config.yml.j2"
    dest: "/mnt/traefik/traefik.yml"
    owner: "root"
    group: "root"
    mode: "0640"
  notify: "restart traefik"

# transip apikey
- name: "traefik - transip api"
  ansible.builtin.copy:
    content: "{{ transip_key | replace('\\n', '\n') }}"
    dest: "/mnt/traefik/transip.key"
    owner: "root"
    group: "root"
    mode: "0600"
  notify: "restart traefik"

# touch acme.json
- name: "treafik - acme.json"
  ansible.builtin.file:
    dest: "/mnt/traefik/acme.json"
    state: "touch"
    owner: "root"
    group: "root"
    mode: "0600"
  changed_when: false

# run traefik
- name: "run traefik"
  community.docker.docker_container:

    # container_default_behavior
    auto_remove: "no"
    container_default_behavior: "no_defaults"
    detach: "yes"
    init: "no"
    interactive: "no"
    log_driver: "json-file"
    log_options:
      max-size: "5m"
      max-file: "3"
    memory: "0"
    paused: "no"
    privileged: "no"
    pull: "always"
    read_only: "no"
    state: "started"
    tty: "no"

    # traefik
    name: "traefik"
    image: "docker.io/traefik:v3.6.6"
    image_name_mismatch: "recreate"
    restart_policy: "unless-stopped"
    network_mode: "host"
    volumes:
      - "/mnt/traefik/traefik.yml:/traefik.yml:ro"
      - "/mnt/traefik/acme.json:/acme.json"
      - "/mnt/traefik/transip.key:/transip.key:ro"

    env:

      # transip api
      TRANSIP_ACCOUNT_NAME: "{{ transip_user }}"
      TRANSIP_PRIVATE_KEY_PATH: "/transip.key"

      # global
      TZ: "{{ timezone }}"