---
- name: Validate inputs
  ansible.builtin.import_tasks: validation.yaml

- name: Create networks for container {{ container_name }}
  ansible.builtin.include_role:
    name: network
  vars:
    network_name: "{{ network }}"
  loop: "{{ container_networks }}"
  loop_control:
    loop_var: network

- name: Create volumes for container {{ container_name }}
  ansible.builtin.include_role:
    name: volume
  vars:
    volume_name: "{{ volume.source }}"
    volume_uid: "{{ volume.user | default('') }}"
    volume_gid: "{{ volume.group | default('') }}"
  loop: "{{ _container_volumes }}"
  loop_control:
    loop_var: volume

- name: Create secrets for container {{ container_name }}
  containers.podman.podman_secret:
    name: "{{ item.name }}"
    data: "{{ item.value | default(lookup('community.general.random_string', special=false, length=128)) }}"
    skip_existing: "{{ item.value is not defined }}"
  no_log: true
  loop: "{{ container_secrets }}"

- name: Create container service {{ container_name }}
  containers.podman.podman_container:
    image: "{{ container_image }}"
    name: "{{ container_name }}"
    command: "{{ container_command or omit }}"
    user: "{{ container_user or omit }}"
    mount: "{{ _container_mounts | map('items') | map('map', 'join', '=') | map('join', ',') }}"
    network: "{{ container_networks | map('regex_replace', '$', '.network') }}"
    publish: "{{ container_publish_ports }}"
    secrets: "{{ container_secrets | map(attribute='name') }}"
    env: "{{ container_env.keys() | zip(container_env.values() | map('quote')) | community.general.dict }}"
    state: quadlet
    quadlet_file_mode: "0600"
    quadlet_options: "{{ _container_quadlet_options }}"
  notify: "Restart container service {{ container_name }}"