---

- name: Render compose files
  hosts: localhost
  tags: template
  vars:
    render_path: "./render/compose"
    render_blacklist:
      - EMPTY
  tasks:
    - name: Read Variables
      include_vars:
        dir: vars
        extensions:
          - 'yml'
          - 'yaml'
    - file:
        state: directory
        dest: '{{ render_path }}/{{ item.path }}'
      with_filetree: './compose'
      when: item.state == 'directory'
    - name: Template Compose structure
      ansible.builtin.template:
        src: "{{ item.src }}"
        dest: "{{ render_path }}/{{ item.path }}"
        force: true
      with_filetree: './compose'
      when: item.state == 'file' and item.path not in render_blacklist
    - name: Copy blacklisted files
      copy:
        src: "{{ item.src }}"
        dest: "{{ render_path }}/{{ item.path }}"
        force: true
      with_filetree: './compose'
      when: item.state == 'file' and item.path in render_blacklist

- name: Provision Volumes from Snapshots
  hosts: unprovisioned
  # hosts: all
  gather_facts: true
  tasks:
    - block:
        - name: Gather file names
          delegate_to: 127.0.0.1
          find:
            paths: ./backups
            file_type: file
          register: snapshot_files
        - name: Filter names
          set_fact:
            volumes_to_provision: "{{ snapshot_files.files | selectattr('path', 'regex', '^.*-latest.tar.gz') | map(attribute='path') | map('regex_replace', '^backups/([a-zA-Z0-9_]+)-.*$', '\\1') }}"
        - name: Print
          ansible.builtin.debug:
            var: volumes_to_provision
            verbosity: 0
        - ansible.builtin.file:
            path: /home/core/backups
            owner: core
            state: directory
            mode: '0755'
        - name: Copy backups to host
          copy:
            src: "./backups/{{ item }}-latest.tar.gz"
            dest: "/home/core/backups/{{ item }}-latest.tar.gz"
          with_items: "{{ volumes_to_provision }}"
        - name: Initialize Volumes
          community.docker.docker_volume:
            name: "{{ item }}"
            state: present
          with_items: "{{ volumes_to_provision }}"

        - name: Provision Volume using alpine
          community.docker.docker_container:
            name: "restore-{{ item }}"
            image: "alpine:latest"
            state: started
            volumes:
              - "{{ item }}:/backup/{{ item }}"
              - "/home/core/backups/{{ item }}-latest.tar.gz:/restore.tar.gz:ro,z"
            auto_remove: true
            entrypoint:
              - tar
              - -C
              - /
              - -xvf
              - /restore.tar.gz
          with_items: "{{ volumes_to_provision }}"

        - set_fact:
            provisioned: true
            cacheable: true
      when: ansible_facts['provisioned'] is undefined

- name: Backup
  hosts: all
  tasks:
    - name: Read Variables
      include_vars:
        dir: vars
        extensions:
          - 'yml'
          - 'yaml'
    - name: Install backup script
      become: true
      ansible.builtin.template:
        src: backup.sh
        dest: /root/backup.sh
        mode: '0750'
        owner: root

- name: Setup Registry credentials
  hosts: all
  tasks:
    - ansible.builtin.file:
        path: /home/core/.docker
        owner: core
        state: directory
        mode: '0700'
    - ansible.builtin.copy:
        src: docker-config.json
        dest: /home/core/.docker/config.json
        mode: '0600'
        owner: core

- name: Docker-Compose
  hosts: all
  tasks:
    - name: Gather local Config
      delegate_to: 127.0.0.1
      find:
        paths: ./render/compose
        recurse: true
        file_type: file
      register: local_compose_files
    - name: Gather Remote Config
      find:
        paths: /home/core/compose
        recurse: true
        file_type: file
      register: remote_compose_files
    - ansible.builtin.debug:
        var: local_compose_files
        verbosity: 2
    - ansible.builtin.debug:
        var: remote_compose_files
        verbosity: 2

    - ansible.builtin.set_fact:
        compose_dirs_tainted: "{{ remote_compose_files.files | map(attribute='path') | difference(local_compose_files.files | map(attribute='path') | map('regex_replace', '^render/', '/home/core/')) | map('dirname') }}"
    - ansible.builtin.debug:
        var: compose_dirs_tainted
        verbosity: 2

    - name: Stop tainted Compose Services
      community.docker.docker_compose:
        project_src: "{{ item }}"
        state: absent
      loop: "{{ compose_dirs_tainted }}"

    - name: Copy Compose files
      ansible.posix.synchronize:
        src: ./render/compose
        dest: /home/core/
        archive: false
        checksum: true
        delete: true
        recursive: true
        mode: push
        # directory_mode: "0750"
        # mode: "0640"
        # owner: core
      register: compose_files

    - ansible.builtin.debug:
        var: compose_files
        verbosity: 2

    - name: Restart Compose projects
      vars:
        docker_restart: "{{ lookup('env', 'DOCKER_RESTART') | default('false', true) | bool }}"
      block:
        - find:
            paths: /home/core/compose
            recurse: false
            file_type: directory
          register: compose_directories
        - ansible.builtin.debug:
            var: compose_directories
            verbosity: 2
        - name: Restart Compose Projects
          community.docker.docker_compose:
            project_src: "{{ item }}"
            state: present
            restarted: true
            recreate: smart
            build: true
            remove_orphans: true
          loop: "{{ compose_directories.files | map(attribute='path') | sort }}"
      when: compose_files.changed or docker_restart


...