---
- block:
    - name: Ensure required packages are installed
      package:
        name: "{{ item }}"
        state: "present"
      loop:
        - podman
        - container-selinux
        - bash-completion

    - name: Install Podman bash-completion
      command:
        cmd: "podman completion bash -f /etc/bash_completion.d/podman"
        creates: "/etc/bash_completion.d/podman"

    - name: Deploy container configuration
      template:
        src: etc/containers/containers.conf.j2
        dest: /etc/containers/containers.conf
        owner: root
        group: root
        mode: 0644

    - name: Deploy storage configuration
      template:
        src: etc/containers/storage.conf.j2
        dest: /etc/containers/storage.conf
        owner: root
        group: root
        mode: 0644

    - name: Set SELinux booleans
      seboolean:
        name: "{{ item.name }}"
        state: "{{ item.state | bool }}"
        persistent: "{{ item.persistent | default(True) | bool }}"
      loop: "{{ podman_sebooleans }}"
      loop_control:
        label: "{{ item.name }}: {{ item.state | bool }}"

    - name: Configure namespace id range
      lineinfile:
        dest: "{{ item }}"
        regexp: "^containers:"
        line: "containers:{{ podman_nsremap_range_start }}:{{ podman_nsremap_range_length }}"
      loop:
        - /etc/subuid
        - /etc/subgid

    - name: Handle registry logins
      containers.podman.podman_login:
        registry: "{{ item.url | default(omit) }}"
        username: "{{ item.username }}"
        password: "{{ item.password }}"
        state: '{{ item.state | default("present") }}'
      loop: "{{ podman_registries }}"
      loop_control:
        label: "{{ item.url }}"
  become: True
  become_user: root