# vim: ft=yaml.ansible
---
- name: codimd network
  docker_network:
    name: codimd

- name: create codimd volume folders
  file:
    name: "{{ services.codimd.volume_folder }}/{{ volume }}"
    state: directory
  loop:
    - "db"
    - "codimd/uploads"
  loop_control:
    loop_var: volume

- name: codimd database container
  docker_container:
    name: codimd_db
    image: postgres:10
    state: started
    restart_policy: unless-stopped
    networks:
      - name: codimd
    volumes:
      - "{{ services.codimd.volume_folder }}/db:/var/lib/postgresql/data"
    env:
      POSTGRES_USER: "codimd"
      POSTGRES_PASSWORD: "{{ postgres_passwords.codimd }}"

- name: codimd app container
  docker_container:
    name: codimd_app
    image: hackmdio/hackmd:1.3.0
    restart_policy: unless-stopped
    networks:
      - name: codimd
      - name: ldap
      - name: external_services
    volumes:
      - "{{ services.codimd.volume_folder }}/codimd/uploads:/codimd/public/uploads"
    env:
      CMD_DB_URL: "postgres://codimd:{{ postgres_passwords.codimd }}@codimd_db:5432/codimd"
      CMD_ALLOW_EMAIL_REGISTER: "False"
      CMD_IMAGE_UPLOAD_TYPE: "filesystem"
      CMD_EMAIL: "False"
      CMD_LDAP_URL: "ldap://openldap"
      CMD_LDAP_BINDDN: "cn=admin,dc=data,dc=coop"
      CMD_LDAP_BINDCREDENTIALS: "{{ ldap_admin_password }}"
      CMD_LDAP_SEARCHBASE: "dc=data,dc=coop"
      CMD_LDAP_SEARCHFILTER: "(&(uid={{ '{{username}}' }})(objectClass=inetOrgPerson))"
      CMD_USECDN: "false"
      VIRTUAL_HOST: "{{ services.codimd.domain }}"
      LETSENCRYPT_HOST: "{{ services.codimd.domain }}"
      LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"