---
- name: Create directories
  file:
    path: "{{ item }}"
    state: directory
  with_items:
    - "/data/vaultwarden"
    - "/data/vaultwarden/config"
    - "/data/vaultwardenbackup"
    - "/data/vaultwardenbackup/config"
    - "/data/vaultwardenbackup/config/rclone"

- name: Pull docker image
  community.docker.docker_image:
    name: vaultwarden/server
    tag: 1.34.3
    source: pull
  register: docker_image
  
- name: Create the vaultwarden container
  docker_container:
    name: vaultwarden
    image: "{{ docker_image.image.RepoTags[0] }}"
    restart_policy: unless-stopped
    networks:
      - name: proxy
    env:
      PUID: "1000"
      PGID: "1000"
      TZ: "Australia/Brisbane"
    volumes:
      - "/data/vaultwarden/data:/data"
    labels:
      traefik.enable: "true"
      traefik.http.routers.vaultwarden.rule: "Host(`vault.comprofix.com`)"
      traefik.http.routers.vaultwarden.entrypoints: "https"
      traefik.http.routers.vaultwarden.tls: "true"
      traefik.http.routers.vaultwarden.service: "vaultwarden"
      traefik.http.services.vaultwarden.loadbalancer.server.port: "80"
  when: docker_image.changed
  register: container_vaultwarden

- name: Copy rclone config
  copy:
    src: scripts/rclone.conf
    dest: "/data/vaultwardenbackup/config/rclone/rclone.conf"
    decrypt: yes
    mode: "0600"

- name: Pull docker image
  community.docker.docker_image:
    name: ttionya/vaultwarden-backup
    tag: 1.25.2
    source: pull
  register: docker_image

- name: Create the vaultwarden container
  docker_container:
    name: vaultwardenbackup
    image: "{{ docker_image.image.RepoTags[0] }}"
    restart_policy: unless-stopped
    env:
      PUID: "1000"
      PGID: "1000"
      TZ: "Australia/Brisbane"
      CRON: "0 4 * * *"
      BACKUP_KEEP_DAYS: "14"
      ZIP_PASSWORD: "{{ VAULTWARDEN_BACKUP_ZIP_PASSWORD }}"
    volumes:
      - "/data/vaultwarden/data:/bitwarden/data"
      - "/data/vaultwardenbackup/config:/config"
  when: docker_image.changed
  register: container_vaultwardenbackup