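---
# Provisions the mailserver compose stack on the host: service account,
# data/config directories, rendered env/accounts/compose files, the systemd
# unit, and finally the service state.

# Non-login system account: no home directory, nologin shell. `append: true`
# adds the service group without dropping other supplementary groups.
# NOTE(review): the group itself is not created in this file; it presumably
# exists already (created elsewhere) - confirm, since the user module fails
# on a missing group.
- name: Ensure mail service user exists
  ansible.builtin.user:
    name: "{{ mailserver.service_user }}"
    groups:
      - "{{ mailserver.service_group }}"
    append: true
    system: true
    shell: /usr/sbin/nologin
    create_home: false

# NOTE(review): every directory here, including mail-data and config, is
# created 0755, so any local account can traverse and list them. Consider
# 0750 if the container's runtime UID/GID still has access - confirm against
# the compose template, which is not visible here.
- name: Ensure mailserver directories exist
  ansible.builtin.file:
    path: "{{ item }}"
    state: directory
    owner: "{{ mailserver.service_user }}"
    group: "{{ mailserver.service_group }}"
    mode: "0755"
  loop:
    - "{{ mailserver.path }}"
    - "{{ mailserver.path }}/docker-data"
    - "{{ mailserver.path }}/docker-data/dms/mail-data"
    - "{{ mailserver.path }}/docker-data/dms/mail-state"
    - "{{ mailserver.path }}/docker-data/dms/mail-logs"
    - "{{ mailserver.path }}/docker-data/dms/config"

# NOTE(review): if mailserver.env.j2 renders credentials, this task would
# also benefit from `no_log: true` (or `diff: false`) - the template is not
# visible here.
- name: Render mailserver environment file
  ansible.builtin.template:
    src: mailserver.env.j2
    dest: "{{ mailserver.path }}/mailserver.env"
    owner: "{{ mailserver.service_user }}"
    group: "{{ mailserver.service_group }}"
    mode: "0640"
  register: mailserver_env

# The file body comes from vault_mailserver_accounts (falling back to a
# placeholder comment when undefined). The variable name indicates vaulted
# account credentials, so `no_log` keeps the content out of task output,
# `--diff` and callback logs. The registered result still carries `.changed`
# for the restart decision below; the trade-off is that failure details for
# this task are censored too.
- name: Render mailserver accounts file
  ansible.builtin.copy:
    dest: "{{ mailserver.path }}/docker-data/dms/config/postfix-accounts.cf"
    content: "{{ vault_mailserver_accounts | default('# add mail accounts here\n') }}"
    owner: "{{ mailserver.service_user }}"
    group: "{{ mailserver.service_group }}"
    mode: "0600"
  no_log: true
  register: mailserver_accounts

- name: Render mailserver compose file
  ansible.builtin.template:
    src: compose.yaml.j2
    dest: "{{ mailserver.path }}/compose.yaml"
    owner: "{{ mailserver.service_user }}"
    group: "{{ mailserver.service_group }}"
    mode: "0640"
  register: mailserver_compose

# Unit file is root-owned and world-readable, as is usual under
# /etc/systemd/system.
- name: Install mailserver compose systemd unit
  ansible.builtin.template:
    src: mailserver-compose.service.j2
    dest: /etc/systemd/system/mailserver-compose.service
    owner: root
    group: root
    mode: "0644"
  register: mailserver_unit

# Only reload systemd when the unit file itself was rewritten.
- name: Reload systemd for mailserver unit changes
  ansible.builtin.systemd_service:
    daemon_reload: true
  when: mailserver_unit.changed

# Restart when any rendered input changed in this run; otherwise just make
# sure the stack is running. The folded scalar collapses to a single-line
# Jinja expression.
- name: Enable mailserver compose stack
  ansible.builtin.service:
    name: mailserver-compose
    state: >-
      {{
      'restarted'
      if (mailserver_env.changed
      or mailserver_accounts.changed
      or mailserver_compose.changed
      or mailserver_unit.changed)
      else 'started'
      }}
    enabled: true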