- name: Deploy app
  hosts: secrets
  gather_facts: false
  vars:
    app: infisical
  tasks:
    - name: Wait for connection
      ansible.builtin.wait_for_connection:
        timeout: 300
    - name: Get user
      ansible.builtin.user:
        name: debian
      register: user
    - name: Docker compose down
      ansible.builtin.command: docker compose down
      args:
        chdir: "{{ user.home }}/{{ app }}"
      ignore_errors: true
    - name: Copy project
      ansible.builtin.copy:
        src: "./{{ app }}"
        dest: "{{ user.home }}"
        mode: "0744"

    - name: Replace Encryption Key secret
      ansible.builtin.replace:
        path: "{{ user.home }}/{{ app }}/.env"
        regexp: "ENCRYPTION_KEY_VALUE"
        replace: "{{ lookup('ansible.builtin.env', 'INFISICAL_ENCRYPTION_KEY') }}"
    - name: Replace Auth secret
      ansible.builtin.replace:
        path: "{{ user.home }}/{{ app }}/.env"
        regexp: "AUTH_SECRET_VALUE"
        replace: "{{ lookup('ansible.builtin.env', 'INFISICAL_AUTH_SECRET') }}"
    - name: Replace Mongo Password secret
      ansible.builtin.replace:
        path: "{{ user.home }}/{{ app }}/.env"
        regexp: "MONGO_PASSWORD_VALUE"
        replace: "{{ lookup('ansible.builtin.env', 'INFISICAL_MONGO_PASSWORD') }}"
    - name: Replace SMTP Password secret
      ansible.builtin.replace:
        path: "{{ user.home }}/{{ app }}/.env"
        regexp: "SMTP_PASSWORD_VALUE"
        replace: "{{ lookup('ansible.builtin.env', 'SMTP_PASSWORD') }}"

    - name: Docker compose up -d
      ansible.builtin.command: docker compose up -d
      args:
        chdir: "{{ user.home }}/{{ app }}"