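---
# Deploys the Signal API container with Podman, opens the host firewall for
# it and installs a systemd unit so the container is managed as a service.

- name: Ensure registries are configured for containers
  lineinfile:
    path: /etc/containers/registries.conf
    # Quoted so the TOML brackets and double quotes stay a literal string.
    line: 'unqualified-search-registries = ["quay.io", "docker.io"]'
    regexp: '^unqualified-search-registries'
    # registries.conf is TOML: a key appended after a [[registry]] table
    # header would belong to that table, so a new line goes at the top.
    insertbefore: BOF
    backup: true
  # NOTE(review): with more than one search registry a short image name can
  # resolve from either of them. Prefer a fully-qualified reference in
  # signal_container_image (defined outside this file), ideally pinned by
  # digest.

- name: Ensure Signal API container is running
  containers.podman.podman_container:
    name: signal-api
    image: "{{ signal_container_image }}"
    state: started
    recreate: false
    restart_policy: always
    # Published on signal_list_ip only. The bind address and the UFW rule
    # below are the only access controls visible in this file.
    publish:
      - "{{ signal_list_ip }}:{{ signal_api_port }}:{{ signal_api_port }}"
    volume:
      - "{{ signal_data_folder }}:/home/.local/share/signal-cli"
    env:
      MODE: native
      PORT: "{{ signal_api_port }}"
      # AUTO_RECEIVE_SCHEDULE: "0 22 * * *"
  register: container
  # NOTE(review): failures are ignored and the registered `container` result
  # is not read by any task in this file, so a failed start still proceeds
  # to the firewall and unit tasks. Confirm this is intended.
  ignore_errors: true

- name: Ensure UFW allow traffic to exposed port from local network
  ufw:
    rule: allow
    route: true
    from_ip: "{{ item }}"
    to_port: "{{ signal_api_port }}"
    # NOTE(review): no proto is set, so the rule is not limited to TCP.
    # Add `proto: tcp` if the API is TCP-only. TODO confirm.
  # `| bool` keeps a string value such as "false" (e.g. passed with -e) from
  # being treated as true and opening the port unintentionally.
  when: handle_ufw | bool
  loop: "{{ localnetworks }}"

- name: Generate service unit
  # Write to a temporary file and move it into place only on success.
  # Redirecting straight into the unit path would leave an empty file when
  # podman fails, and `creates` would then skip this task on every later run.
  shell: >-
    podman generate systemd --new --name signal-api
    > /etc/systemd/system/podman_signal_api.service.tmp
    && mv /etc/systemd/system/podman_signal_api.service.tmp
    /etc/systemd/system/podman_signal_api.service
  args:
    creates: /etc/systemd/system/podman_signal_api.service

- name: Enable service unit
  systemd:
    name: podman_signal_api.service
    daemon_reload: true
    enabled: true
    masked: false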