---
- block:
    - name: Ensure service directory exists
      file:
        path: "{{ bitwardenrs_ldap_service_directory }}"
        state: directory
        mode: 0755

    - name: Deploy compose file to '{{ bitwardenrs_ldap_service_directory }}'
      template:
        src: "services/bitwardenrs_ldap_compose.yml.j2"
        dest: "{{ bitwardenrs_ldap_service_directory }}/docker-compose.yml"
        owner: root
        group: root
        mode: 0640
        validate: "docker-compose -f %s config -q"

    - name: Ensure service is up and running
      docker_compose:
        project_src: "{{ bitwardenrs_ldap_service_directory }}"
        pull: yes
        remove_orphans: yes
        stopped: "{{ bitwardenrs_ldap_service_stopped }}"
        state: present
      # temp. disable changes; breaks idempotency see https://github.com/ansible-collections/community.general/pull/547
      changed_when: False
  become: True
  become_user: root