- name: Deploy app
  hosts: samba
  gather_facts: false
  vars:
    app: samba
  tasks:
    - name: Wait for connection
      ansible.builtin.wait_for_connection:
        timeout: 300
    - name: Get user
      ansible.builtin.user:
        name: debian
      register: user

    - name: Docker compose down
      ansible.builtin.command: docker compose down
      args:
        chdir: "{{ user.home }}/{{ app }}"
      ignore_errors: true
    - name: Copy project
      ansible.builtin.copy:
        src: "./{{ app }}"
        dest: "{{ user.home }}"
        mode: "0744"

    - name: Replace KVK Password secret
      ansible.builtin.replace:
        path: "{{ user.home }}/{{ app }}/config.yml"
        regexp: "KVK_PASSWORD"
        replace: "{{ lookup('infisical.vault.read_secrets', env_slug='prod', path='/samba', secret_name='KVK_PASSWORD')['value'] }}"

    - name: Docker compose up -d
      ansible.builtin.command: docker compose up -d
      args:
        chdir: "{{ user.home }}/{{ app }}"

    - name: Update samba permissions
      ansible.builtin.file:
        path: /mnt/share/samba
        state: directory
        recurse: true
        owner: debian
        group: debian
      become: true