xoxys.freshrss/tasks/setup.yml

---
- block:
    - name: Create systemd service user
      user:
        name: "{{ freshrss_user }}"
        comment: "FreshRSS service user managed by Ansible"
        create_home: True
        home: "{{ freshrss_user_home }}"
        password: "!"
        state: present

    - name: Enable lingering for systemd user
      command:
        cmd: "loginctl enable-linger {{ freshrss_user }}"
        creates: "/var/lib/systemd/linger/{{ freshrss_user }}"

    - name: Create required directories
      file:
        path: "{{ item }}"
        state: directory
        owner: "{{ freshrss_user }}"
        group: "{{ freshrss_user }}"
        mode: 0700
      loop:
        - "{{ __freshrss_systemd_user_dir }}"
        - "{{ __freshrss_systemd_env_dir }}"

    - name: Deploy environment file
      template:
        src: systemd/environments/freshrss.env.j2
        dest: "{{ __freshrss_systemd_env_dir }}/freshrss.env"
        owner: "{{ freshrss_user }}"
        group: "{{ freshrss_user }}"
        mode: 0600
      notify:
        - __freshrss_restart

    - name: Create systemd service files
      template:
        src: "{{ item.src }}"
        dest: "{{ item.dest }}"
        owner: "{{ freshrss_user }}"
        group: "{{ freshrss_user }}"
        mode: "0644"
      loop:
        - src: systemd/user/freshrss-container.service.j2
          dest: "{{ __freshrss_systemd_user_dir }}/{{ __freshrss_container_name }}.service"
        - src: systemd/user/freshrss-pod.service.j2
          dest: "{{ __freshrss_systemd_user_dir }}/{{ __freshrss_pod_name }}.service"
      loop_control:
        label: "{{ item.dest }}"
      notify:
        - __freshrss_restart
  become: True
  become_user: root

- name: Create container volumes
  containers.podman.podman_volume:
    name: "{{ item.name }}"
    state: "{{ item.state | default('present') }}"
  loop: "{{ freshrss_volumes }}"
  loop_control:
    label: "{{ item.name }}"
  when: item.type | default("volume") | lower == "volume"
  register: __freshrss_volumes_raw
  become: True
  become_user: "{{ freshrss_user }}"

- name: Register container volumes map
  set_fact:
    __freshrss_volumes_map: "{{ __freshrss_volumes_raw.results | json_query('[].volume') | items2dict(key_name='Name', value_name='Mountpoint') }}"

- name: Ensure service is up and running
  systemd:
    name: "{{ __freshrss_pod_name }}.service"
    scope: user
    state: started
    daemon_reload: True
    enabled: True
  become: True
  become_user: "{{ freshrss_user }}"