---

- name: codimd network
  community.docker.docker_network:
    name: codimd

- name: create codimd volume folders
  ansible.builtin.file:
    name: '{{ codimd.volume_folder }}/{{ volume }}'
    state: directory
  loop:
    - db
    - codimd/uploads

  loop_control:
    loop_var: volume

- name: codimd database container
  community.docker.docker_container:
    name: codimd_db
    image: postgres:10
    state: started
    restart_policy: unless-stopped
    networks:
      - name: codimd
    volumes:
      - '{{ codimd.volume_folder }}/db:/var/lib/postgresql/data'
    env:
      POSTGRES_USER: codimd
      POSTGRES_PASSWORD: '{{ postgres_passwords.codimd }}'

- name: codimd app container
  community.docker.docker_container:
    name: codimd_app
    image: hackmdio/hackmd:1.3.0
    restart_policy: unless-stopped
    networks:
      - name: codimd
      - name: ldap
      - name: external_services
    volumes:
      - '{{ codimd.volume_folder }}/codimd/uploads:/codimd/public/uploads'

    env:
      CMD_DB_URL: postgres://codimd:{{ postgres_passwords.codimd }}@codimd_db:5432/codimd
      CMD_ALLOW_EMAIL_REGISTER: 'False'
      CMD_IMAGE_UPLOAD_TYPE: filesystem
      CMD_EMAIL: 'False'
      CMD_LDAP_URL: ldap://openldap
      CMD_LDAP_BINDDN: cn=admin,dc=data,dc=coop
      CMD_LDAP_BINDCREDENTIALS: '{{ ldap_admin_password }}'
      CMD_LDAP_SEARCHBASE: dc=data,dc=coop
      CMD_LDAP_SEARCHFILTER: (&(uid={{ '{{username}}' }})(objectClass=inetOrgPerson))
      CMD_USECDN: 'false'
      VIRTUAL_HOST: '{{ codimd.domain }}'
      LETSENCRYPT_HOST: '{{ codimd.domain }}'
      LETSENCRYPT_EMAIL: '{{ letsencrypt_email }}'