---
- name: Create authentik networks
  become: true
  community.docker.docker_network:
    name: "{{ item }}"
  loop: ["authentik", "authentik-redis"]
- name: Create authnetik docker volumes
  become: true
  community.docker.docker_volume:
    name: "{{ item }}"
  loop: ["authentik-redis", "authentik-media", "authentik-templates"]
- name: Run redis container
  become: true
  community.docker.docker_container:
    name: authentik-redis
    image: redis:7.4-bookworm
    command: ["redis-server", "--save", "60", "1", "--loglevel", "warning"]
    networks:
      - name: authentik-redis
    volumes:
      - authentik-redis:/data
    restart_policy: unless-stopped
- name: Create authentik config dir
  become: true
  ansible.builtin.file:
    path: /etc/authentik
    state: directory
    mode: "1700"
    owner: root
- name: Copy authentik config
  become: true
  ansible.builtin.template:
    src: authentik.env.j2
    dest: /etc/authentik/.env
- name: Run authentik server container
  become: true
  community.docker.docker_container:
    name: authentik
    image: "{{ image }}:{{ tag }}"
    command: ["server"]
    networks:
      - name: authentik
      - name: authentik-redis
      - name: postgresql
      - name: haproxy
    env_file: /etc/authentik/.env
- name: Run authentik worker container
  become: true
  community.docker.docker_container:
    name: authentik-worker
    image: "{{ image }}:{{ tag }}"
    command: ["worker"]
    networks:
      - name: authentik
      - name: authentik-redis
      - name: postgresql
    env_file: /etc/authentik/.env