---

- name: create mailu volume folders
  file:
    name: "{{ services.mailu.volume_folder }}/{{ volume }}"
    state: directory
  loop:
    - redis
    - certs
    - overrides
    - data
    - dkim
    - mail
    - filter
    - dav
    - webmail
  loop_control:
    loop_var: volume

- name: upload mailu.env file
  template:
    src: mailu.env.j2
    dest: "{{ services.mailu.volume_folder}}/mailu.env"

- name: hard link to Let's Encrypt TLS certificate
  file:
    src: "{{ services.nginx_proxy.volume_folder }}/certs/{{ services.mailu.domain }}/fullchain.pem"
    dest: "{{ services.mailu.volume_folder }}/certs/cert.pem"
    state: hard
    force: yes
  when: letsencrypt_enabled

- name: hard link to Let's Encrypt TLS key
  file:
    src: "{{ services.nginx_proxy.volume_folder }}/certs/{{ services.mailu.domain }}/key.pem"
    dest: "{{ services.mailu.volume_folder }}/certs/key.pem"
    state: hard
    force: yes
  when: letsencrypt_enabled

- name: run mail server containers
  docker_compose:
    project_name: mail_server
    pull: yes
    definition:
      version: '3.6'
      services:
        redis:
          image: redis:alpine
          restart: always
          volumes:
            - "{{ services.mailu.volume_folder }}/redis:/data"

        database:
          image: mailu/postgresql:{{ services.mailu.version }}
          restart: always
          env_file: "{{ services.mailu.volume_folder}}/mailu.env"
          volumes:
            - "{{ services.mailu.volume_folder }}/data/psql_db:/data"
            - "{{ services.mailu.volume_folder }}/data/psql_backup:/backup"
          networks:
            - default
            - external_services

        front:
          image: mailu/nginx:{{ services.mailu.version }}
          restart: always
          env_file: "{{ services.mailu.volume_folder}}/mailu.env"
          environment:
            VIRTUAL_HOST: "{{ services.mailu.domain }}"
            LETSENCRYPT_HOST: "{{ services.mailu.domain }}"
            LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
          volumes:
            - "{{ services.mailu.volume_folder }}/certs:/certs"
            - "{{ services.mailu.volume_folder }}/overrides/nginx:/overrides"
          expose:
            - "80"
          ports:
            - "993:993"
            - "25:25"
            - "587:587"
            - "465:465"
          networks:
            - default
            - external_services

        resolver:
          image: mailu/unbound:{{ services.mailu.version }}
          restart: always
          env_file: "{{ services.mailu.volume_folder}}/mailu.env"
          networks:
            default:
              ipv4_address: "{{ services.mailu.dns }}"

        admin:
          image: mailu/admin:{{ services.mailu.version }}
          restart: always
          env_file: "{{ services.mailu.volume_folder}}/mailu.env"
          volumes:
            - "{{ services.mailu.volume_folder }}/data:/data"
            - "{{ services.mailu.volume_folder }}/dkim:/dkim"
          depends_on:
            - redis

        imap:
          image: mailu/dovecot:{{ services.mailu.version }}
          restart: always
          env_file: "{{ services.mailu.volume_folder}}/mailu.env"
          volumes:
            - "{{ services.mailu.volume_folder }}/mail:/mail"
            - "{{ services.mailu.volume_folder }}/overrides:/overrides"
          depends_on:
            - front

        smtp:
          image: mailu/postfix:{{ services.mailu.version }}
          restart: always
          env_file: "{{ services.mailu.volume_folder}}/mailu.env"
          volumes:
            - "{{ services.mailu.volume_folder }}/overrides:/overrides"
          depends_on:
            - front
            - resolver
          dns:
            - "{{ services.mailu.dns }}"

        antispam:
          image: mailu/rspamd:{{ services.mailu.version }}
          restart: always
          env_file: "{{ services.mailu.volume_folder}}/mailu.env"
          volumes:
            - "{{ services.mailu.volume_folder }}/filter:/var/lib/rspamd"
            - "{{ services.mailu.volume_folder }}/dkim:/dkim"
            - "{{ services.mailu.volume_folder }}/overrides/rspamd:/etc/rspamd/override.d"
          depends_on:
            - front
            - resolver
          dns:
            - "{{ services.mailu.dns }}"

        webmail:
          image: mailu/rainloop:1.6
          restart: always
          env_file: "{{ services.mailu.volume_folder}}/mailu.env"
          volumes:
            - "{{ services.mailu.volume_folder }}/webmail:/data"
          depends_on:
            - front
            - resolver
          dns:
            - "{{ services.mailu.dns }}"

      networks:
        default:
          driver: bridge
          ipam:
            driver: default
            config:
              - subnet: "{{ services.mailu.subnet }}"
        external_services:
          external:
            name: external_services