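---
# tasks file for roles/podman
#
# Installs the NFS client, mounts the Podman data share, installs Podman and
# its companion tools, enables the system-wide Podman API socket and runs
# Portainer against that socket.

- name: Ensure NFS client utilities are installed
  ansible.builtin.apt:
    name: nfs-common
    state: present
    update_cache: true

- name: Create local mount point for Podman NFS data
  ansible.builtin.file:
    path: "{{ podman_data_mount_point }}"
    state: directory
    mode: '0755'
    owner: root
    group: root

# 'nofail' keeps the boot process from stopping when the NFS server is
# unreachable.
# NOTE(review): 'defaults' leaves suid and dev enabled on the share; add
# 'nosuid,nodev' if nothing stored there needs them - confirm against the
# workloads that use this mount.
# NOTE(review): nfs(5) documents 'intr' as ignored by current kernels; it is
# kept here exactly as the author wrote it.
- name: Ensure Podman NFS share is mounted and configured in /etc/fstab
  ansible.posix.mount:
    src: "{{ podman_nfs_server }}:{{ podman_nfs_share_path }}"
    path: "{{ podman_data_mount_point }}"
    fstype: nfs
    opts: defaults,hard,intr,noatime,nofail
    state: mounted

- name: Install Podman and related tools
  ansible.builtin.apt:
    name:
      - podman
      - podman-docker  # provides a Docker-compatible CLI interface
      - buildah        # tool for building OCI images
      - skopeo         # tool for moving and copying container images
    state: present
    update_cache: true

# Makes the Podman API socket available for tools that connect to it, such as
# Portainer below.
# This is the system (root) socket: any process that can talk to it controls
# every container on the host, so access to it is root-equivalent.
- name: Ensure Podman systemd socket is enabled and running
  ansible.builtin.systemd:
    name: podman.socket
    state: started
    enabled: true

# NOTE(review): this directory is expected to hold Portainer's own data and it
# lives on the NFS share; '0755' lets every local user list it. Consider
# '0700' if only the container needs access - confirm before changing.
- name: Create Portainer data directory on NFS share
  ansible.builtin.file:
    path: "{{ portainer_data_path }}"
    state: directory
    mode: '0755'
    owner: root
    group: root

# The module is idempotent and manages container state declaratively.
# podman_container is shipped in the containers.podman collection, so the task
# uses that FQCN. Install it with:
#   ansible-galaxy collection install containers.podman
#
# Security notes for whoever operates this:
# - The root Podman socket is bind-mounted into the container, so anyone who
#   can administer Portainer can administer the host. Limit who can reach the
#   published ports (firewall, or a "host_ip:port" value in the port variables).
# - 9443 is Portainer's HTTPS UI; 9000 is the plain-HTTP UI. Publish 9000 only
#   if something still depends on it.
# - NOTE(review): portainer_image is defined outside this file; prefer a fixed
#   version tag or digest over a floating tag such as 'latest'.
- name: Run Portainer container with Podman (using podman_container module)
  containers.podman.podman_container:
    name: "{{ portainer_name }}"
    image: "{{ portainer_image }}"
    state: started
    restart_policy: always
    ports:
      - "{{ portainer_edge_agent_port }}:8000"
      - "{{ portainer_web_port }}:9443"
      - "{{ portainer_legacy_port }}:9000"
    volume:
      # Map Podman socket to Docker socket path for Portainer compatibility
      - "/run/podman/podman.sock:/var/run/docker.sock"
      - "{{ portainer_data_path }}:/data"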