---
- name: Ensure required packages are installed
  ansible.builtin.package:
    name: "{{ item }}"
    state: "present"
  loop:
    - podman
    - container-selinux
    - bash-completion

- name: Install Podman bash-completion
  ansible.builtin.command:
    cmd: "podman completion bash -f /etc/bash_completion.d/podman"
    creates: "/etc/bash_completion.d/podman"

- name: Deploy container configuration
  ansible.builtin.template:
    src: etc/containers/containers.conf.j2
    dest: /etc/containers/containers.conf
    owner: root
    group: root
    mode: "0644"

- name: Deploy storage configuration
  ansible.builtin.template:
    src: etc/containers/storage.conf.j2
    dest: /etc/containers/storage.conf
    owner: root
    group: root
    mode: "0644"

- name: Set SELinux booleans
  ansible.posix.seboolean:
    name: "{{ item.name }}"
    state: "{{ item.state | bool }}"
    persistent: "{{ item.persistent | default(True) | bool }}"
  loop: "{{ podman_sebooleans }}"
  loop_control:
    label: "{{ item.name }}: {{ item.state | bool }}"

- name: Configure namespace id range
  ansible.builtin.lineinfile:
    dest: "{{ item }}"
    regexp: "^containers:"
    line: "containers:{{ podman_nsremap_range_start }}:{{ podman_nsremap_range_length }}"
  loop:
    - /etc/subuid
    - /etc/subgid

- name: Handle registry logins
  containers.podman.podman_login:
    registry: "{{ item.url | default(omit) }}"
    username: "{{ item.username }}"
    password: "{{ item.password }}"
    state: '{{ item.state | default("present") }}'
  loop: "{{ podman_registries }}"
  loop_control:
    label: "{{ item.url }}"