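---
# matrix_synapse/tasks/main.yml
#
# Deploys Synapse as a user-scoped Quadlet service: creates the base
# directories, applies SELinux labels through the selinux_containers role,
# renders homeserver.yaml and the Quadlet unit, installs the signing key, then
# reloads the user systemd instance and starts synapse.service.
#
# Variables read here (all defined outside this file): synapse_base_directories,
# container_user, container_group, synapse_config_dir, vault_matrix_signing_key,
# deploy_signing_key_path, container_config_dir, container_runtime_dir.

- name: Create stack and config directories
  ansible.builtin.file:
    path: "{{ item }}"
    state: directory
    owner: "{{ container_user }}"
    group: "{{ container_group }}"
    # Directories are traversable by everyone; the secret-bearing files written
    # below are restricted individually with mode 0600.
    mode: "0755"
  loop: "{{ synapse_base_directories }}"

# The fact set here is presumably the input the selinux_containers "labels"
# tasks read; confirm against that role.
- name: Directory SELinux requirement
  ansible.builtin.set_fact:
    selinux_container_paths: "{{ synapse_base_directories }}"

- name: Apply SELinux labels to the container directories
  ansible.builtin.import_role:
    name: selinux_containers
    tasks_from: labels

# Disabled task, kept for reference.
# - name: Ensure container app config directories are owned by container UID
#   become: true
#   file:
#     path: "{{ synapse_config_dir }}"
#     state: directory
#     owner: "{{ container_user }}"
#     group: "{{ container_group }}"
#     recurse: true

# NOTE(review): if homeserver.yaml.j2 renders secrets, consider `diff: false`
# or `no_log: true` on this task as well; the template is not visible here.
- name: Deploy homeserver configuration template
  ansible.builtin.template:
    src: homeserver.yaml.j2
    dest: "{{ synapse_config_dir }}/homeserver.yaml"
    owner: "{{ container_user }}"
    group: "{{ container_group }}"
    mode: '0600'

- name: Ensure Synapse signing key is deployed
  ansible.builtin.copy:
    content: "{{ vault_matrix_signing_key }}"
    dest: "{{ deploy_signing_key_path }}"
    owner: "{{ container_user }}"
    group: "{{ container_group }}"
    mode: '0600'
  # The task arguments carry the private signing key inline; keep it out of
  # task output, --diff output and callback/log plugins.
  no_log: true

- name: Deploy Synapse Quadlet
  ansible.builtin.template:
    src: synapse.container.j2
    dest: "{{ container_config_dir }}/synapse.container"
    owner: "{{ container_user }}"
    group: "{{ container_group }}"
    mode: '0644'

- name: Force systemd reload (blocking)
  become: true
  become_user: "{{ container_user }}"
  environment:
    # systemctl --user needs the runtime dir to reach the user's manager.
    XDG_RUNTIME_DIR: "{{ container_runtime_dir }}"
  ansible.builtin.command: systemctl --user daemon-reload
  # A reload modifies no managed state by itself; the template tasks above
  # already report real changes, so do not flag "changed" on every run.
  changed_when: false

# NOTE(review): fixed delay after the reload; if unit generation is the concern,
# a readiness check would be more reliable than a sleep.
- name: Wait for quadlet generation
  ansible.builtin.pause:
    seconds: 1

- name: Start and enable Synapse service
  become: true
  become_user: "{{ container_user }}"
  environment:
    XDG_RUNTIME_DIR: "{{ container_runtime_dir }}"
  ansible.builtin.systemd:
    name: synapse.service
    scope: user
    state: started
    enabled: true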