---
# trilium/tasks/main.yml
- import_tasks: firewall.yml

- name: Create stack and config directories
  file:
    path: "{{ item }}"
    state: directory
    owner: "{{ container_user }}"
    group: "{{ container_group }}"
    mode: "0755"
    recurse: yes
  loop: "{{ trilium_base_directories }}"

- name: Directory SELinux requirement
  ansible.builtin.set_fact:
    selinux_container_paths: "{{ trilium_base_directories }}"

- import_role:
    name: selinux_containers
    tasks_from: labels

- name: Deploy Trilium Quadlet
  template:
    src: trilium.container.j2
    dest: "{{ container_config_dir }}/trilium.container"
    owner: "{{ container_user }}"
    group: "{{ container_group }}"
    mode: "0644"

- name: Force systemd reload
  become: true
  become_user: "{{ container_user }}"
  environment:
    XDG_RUNTIME_DIR: "{{ container_runtime_dir }}"
  command: systemctl --user daemon-reload

- name: Wait for quadlet generation
  pause:
    seconds: 1

- name: Start and enable Trilium service
  become: true
  become_user: "{{ container_user }}"
  environment:
    XDG_RUNTIME_DIR: "{{ container_runtime_dir }}"
  systemd:
    name: trilium.service
    scope: user
    state: started
    enabled: true