---
- name: Include user role
  ansible.builtin.include_role:
    name: user
  vars:
    user_username: "{{ wedding_username }}"
    user_password: "{{ wedding_password }}"
- name: Login to ghcr registry and create ${XDG_RUNTIME_DIR}/containers/auth.json
  become: true
  become_user: "{{ wedding_username }}"
  containers.podman.podman_login:
    username: "{{ github_registry_user }}"
    password: "{{ github_registry_token }}"
    registry: ghcr.io
- name: Create the wedding container
  ansible.builtin.include_role:
    name: podman-container
    apply:
      become: true
      become_user: "{{ wedding_username }}"
  vars:
    podman_container_name: wedding-server
    podman_container_image: ghcr.io/kleinendorst/wedding
    podman_container_tag: "{{ wedding_version }}"
    podman_container_publish:
      - 127.0.0.1:3001:3000
    podman_container_volumes: []
    podman_container_env:
      DATABASE_HOST: 'localhost' # TODO: Needs to be fixed later...
      DATABASE_PORT: 5432
      DATABASE_DBNAME: wedding
      DATABASE_USER: "{{ postgres.user }}"
      DATABASE_PASSWORD: "{{ postgres.password }}"
      SESSION_SECRET: "{{ wedding_env.secret }}"
      # NODE_ENV: production # TODO: Enable when ready for secure cookie testing...
      WEDDING_FULL_ACCESS_CODE: "{{ wedding_env.full_access_code }}"
      WEDDING_NIGHT_ACCESS_CODE: "{{ wedding_env.night_access_code }}"
- name: Include simple-reverse-proxy role
  ansible.builtin.include_role:
    name: simple-reverse-proxy
  vars:
    simple_reverse_proxy_external_port: 8443
    simple_reverse_proxy_internal_port: 3001
    simple_reverse_proxy_internal_subdomain: "{{ random_pre_proxy_domain_name }}"