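---
# Manage Podman containers
#
# Creates, updates or removes one container per entry of `podman_containers`.
# Each entry is merged over `podman_container_defaults` (entry keys win) and
# the result is mapped onto containers.podman.podman_container parameters.
# Keys missing from the merged entry are omitted, so the module default applies.
#
# NOTE(review): this task is a pass-through. It validates nothing, so whoever
# can write `podman_containers` or `podman_container_defaults` decides the
# container's isolation (privileged, capabilities, host namespaces, devices,
# host mounts) and the podman binary and arguments used. Treat those variables
# as trusted inventory only.
- name: Manage Podman containers
  vars:
    container_item: "{{ podman_container_defaults | default({}) | combine(item) }}"
  containers.podman.podman_container:
    name: "{{ container_item.name }}"
    image: "{{ container_item.image }}"
    state: "{{ container_item.state | default('present') }}"

    # Basic container configuration
    command: "{{ container_item.command | default(omit) }}"
    entrypoint: "{{ container_item.entrypoint | default(omit) }}"
    user: "{{ container_item.user | default(omit) }}"
    workdir: "{{ container_item.working_dir | default(omit) }}"
    hostname: "{{ container_item.hostname | default(omit) }}"

    # Container runtime options
    # Boolean options use `default(omit)` with no `bool` filter in front:
    # filters run left to right, so in `x | bool | default(omit)` the `bool`
    # filter sees the undefined value first and `default` can never turn a
    # missing key into `omit`. The module's argument spec does the boolean
    # coercion for values that are present.
    detach: "{{ container_item.detach | default(omit) }}"
    interactive: "{{ container_item.interactive | default(omit) }}"
    tty: "{{ container_item.tty | default(omit) }}"
    # Fall back to the role-wide setting first, then coerce.
    rm: "{{ container_item.auto_remove | default(podman_auto_remove) | bool }}"
    rmi: "{{ container_item.remove_image | default(omit) }}"
    # NOTE(review): privileged removes most container confinement; prefer
    # specific cap_add / device entries where they are sufficient.
    privileged: "{{ container_item.privileged | default(omit) }}"
    read_only: "{{ container_item.read_only | default(omit) }}"
    read_only_tmpfs: "{{ container_item.read_only_tmpfs | default(omit) }}"
    init: "{{ container_item.init | default(omit) }}"
    init_path: "{{ container_item.init_path | default(omit) }}"

    # Networking
    network: "{{ container_item.networks | default(omit) }}"
    publish: "{{ container_item.ports | default(omit) }}"
    publish_all: "{{ container_item.publish_all | default(omit) }}"
    expose: "{{ container_item.expose | default(omit) }}"
    ip: "{{ container_item.ip | default(omit) }}"
    ip6: "{{ container_item.ip6 | default(omit) }}"
    mac_address: "{{ container_item.mac_address | default(omit) }}"
    network_aliases: "{{ container_item.network_aliases | default(omit) }}"
    dns: "{{ container_item.dns | default(omit) }}"
    dns_option: "{{ container_item.dns_options | default(omit) }}"
    dns_search: "{{ container_item.dns_search | default(omit) }}"
    etc_hosts: "{{ container_item.add_hosts | default(omit) }}"
    no_hosts: "{{ container_item.no_hosts | default(omit) }}"

    # Storage and volumes
    # NOTE(review): host paths in volumes/mounts are not restricted here.
    volume: "{{ container_item.volumes | default(omit) }}"
    volumes_from: "{{ container_item.volumes_from | default(omit) }}"
    mount: "{{ container_item.mounts | default(omit) }}"
    tmpfs: "{{ container_item.tmpfs | default(omit) }}"
    image_volume: "{{ container_item.image_volume | default(omit) }}"

    # Environment variables
    # NOTE(review): values placed in `env` are plain module arguments and can
    # show up in verbose task output; see `no_log` at the end of this task,
    # or use `secrets` / `env_file` for credentials.
    env: "{{ container_item.env | default(omit) }}"
    env_file: "{{ container_item.env_files | default(omit) }}"
    env_host: "{{ container_item.env_host | default(omit) }}"
    env_merge: "{{ container_item.env_merge | default(omit) }}"
    unsetenv: "{{ container_item.unsetenv | default(omit) }}"
    unsetenv_all: "{{ container_item.unsetenv_all | default(omit) }}"

    # Resource constraints
    memory: "{{ container_item.memory | default(omit) }}"
    memory_reservation: "{{ container_item.memory_reservation | default(omit) }}"
    memory_swap: "{{ container_item.memory_swap | default(omit) }}"
    memory_swappiness: "{{ container_item.memory_swappiness | default(omit) }}"
    kernel_memory: "{{ container_item.kernel_memory | default(omit) }}"
    cpus: "{{ container_item.cpus | default(omit) }}"
    cpu_shares: "{{ container_item.cpu_shares | default(omit) }}"
    cpu_period: "{{ container_item.cpu_period | default(omit) }}"
    cpu_quota: "{{ container_item.cpu_quota | default(omit) }}"
    cpu_rt_period: "{{ container_item.cpu_rt_period | default(omit) }}"
    cpu_rt_runtime: "{{ container_item.cpu_rt_runtime | default(omit) }}"
    cpuset_cpus: "{{ container_item.cpuset_cpus | default(omit) }}"
    cpuset_mems: "{{ container_item.cpuset_mems | default(omit) }}"
    blkio_weight: "{{ container_item.blkio_weight | default(omit) }}"
    blkio_weight_device: "{{ container_item.blkio_weight_device | default(omit) }}"
    oom_kill_disable: "{{ container_item.oom_kill_disable | default(omit) }}"
    oom_score_adj: "{{ container_item.oom_score_adj | default(omit) }}"
    pids_limit: "{{ container_item.pids_limit | default(omit) }}"

    # Device access
    device: "{{ container_item.devices | default(omit) }}"
    device_cgroup_rule: "{{ container_item.device_cgroup_rule | default(omit) }}"
    device_read_bps: "{{ container_item.device_read_bps | default(omit) }}"
    device_read_iops: "{{ container_item.device_read_iops | default(omit) }}"
    device_write_bps: "{{ container_item.device_write_bps | default(omit) }}"
    device_write_iops: "{{ container_item.device_write_iops | default(omit) }}"
    gpus: "{{ container_item.gpus | default(omit) }}"

    # Security options
    # NOTE(review): security_opt, cap_add, seccomp_policy and userns can each
    # weaken the runtime's default confinement; review non-default values.
    security_opt: "{{ container_item.security_opt | default(omit) }}"
    cap_add: "{{ container_item.cap_add | default(omit) }}"
    cap_drop: "{{ container_item.cap_drop | default(omit) }}"
    seccomp_policy: "{{ container_item.seccomp_policy | default(omit) }}"
    userns: "{{ container_item.userns | default(omit) }}"
    uidmap: "{{ container_item.uidmap | default(omit) }}"
    gidmap: "{{ container_item.gidmap | default(omit) }}"
    subuidname: "{{ container_item.subuidname | default(omit) }}"
    subgidname: "{{ container_item.subgidname | default(omit) }}"
    group_add: "{{ container_item.groups | default(omit) }}"
    group_entry: "{{ container_item.group_entry | default(omit) }}"
    passwd: "{{ container_item.passwd | default(omit) }}"
    passwd_entry: "{{ container_item.passwd_entry | default(omit) }}"

    # Namespaces
    # NOTE(review): a `host` value shares that host namespace with the
    # container.
    ipc: "{{ container_item.ipc_mode | default(omit) }}"
    pid: "{{ container_item.pid_mode | default(omit) }}"
    uts: "{{ container_item.uts | default(omit) }}"
    cgroupns: "{{ container_item.cgroupns | default(omit) }}"

    # Cgroups
    cgroups: "{{ container_item.cgroups | default(omit) }}"
    cgroup_parent: "{{ container_item.cgroup_parent | default(omit) }}"
    cgroup_conf: "{{ container_item.cgroup_conf | default(omit) }}"

    # System configuration
    sysctl: "{{ container_item.sysctl | default(omit) }}"
    systemd: "{{ container_item.systemd | default(omit) }}"
    ulimit: "{{ container_item.ulimits | default(omit) }}"
    umask: "{{ container_item.umask | default(omit) }}"

    # Shared memory and tmpfs
    shm_size: "{{ container_item.shm_size | default(omit) }}"
    shm_size_systemd: "{{ container_item.shm_size_systemd | default(omit) }}"

    # Pods
    pod: "{{ container_item.pod | default(omit) }}"
    pod_id_file: "{{ container_item.pod_id_file | default(omit) }}"

    # Logging
    log_driver: "{{ container_item.log_driver | default(omit) }}"
    log_opt: "{{ container_item.log_options | default(omit) }}"
    log_level: "{{ container_item.log_level | default(omit) }}"

    # Health checks
    healthcheck: "{{ container_item.healthcheck | default(omit) }}"
    healthcheck_interval: "{{ container_item.healthcheck_interval | default(omit) }}"
    healthcheck_timeout: "{{ container_item.healthcheck_timeout | default(omit) }}"
    healthcheck_start_period: "{{ container_item.healthcheck_start_period | default(omit) }}"
    healthcheck_retries: "{{ container_item.healthcheck_retries | default(omit) }}"
    healthcheck_failure_action: "{{ container_item.healthcheck_failure_action | default(omit) }}"
    no_healthcheck: "{{ container_item.no_healthcheck | default(omit) }}"

    # Startup health checks
    health_startup_cmd: "{{ container_item.health_startup_cmd | default(omit) }}"
    health_startup_interval: "{{ container_item.health_startup_interval | default(omit) }}"
    health_startup_timeout: "{{ container_item.health_startup_timeout | default(omit) }}"
    health_startup_retries: "{{ container_item.health_startup_retries | default(omit) }}"
    health_startup_success: "{{ container_item.health_startup_success | default(omit) }}"

    # Metadata and labels
    label: "{{ container_item.labels | default(omit) }}"
    label_file: "{{ container_item.label_file | default(omit) }}"
    annotation: "{{ container_item.annotations | default(omit) }}"

    # Container lifecycle
    restart_policy: "{{ container_item.restart_policy | default(omit) }}"
    restart_time: "{{ container_item.restart_time | default(omit) }}"
    stop_signal: "{{ container_item.stop_signal | default(omit) }}"
    stop_time: "{{ container_item.stop_time | default(omit) }}"
    stop_timeout: "{{ container_item.stop_timeout | default(omit) }}"
    timeout: "{{ container_item.timeout | default(omit) }}"

    # Pull and image options
    pull: "{{ container_item.pull | default(omit) }}"
    image_strict: "{{ container_item.image_strict | default(omit) }}"
    arch: "{{ container_item.arch | default(omit) }}"
    os: "{{ container_item.os | default(omit) }}"
    platform: "{{ container_item.platform | default(omit) }}"
    variant: "{{ container_item.variant | default(omit) }}"

    # Registry and authentication
    authfile: "{{ container_item.authfile | default(omit) }}"
    # NOTE(review): a false value here turns off registry certificate
    # verification for the pull; leave unset unless the registry is on a
    # trusted path.
    tls_verify: "{{ container_item.tls_verify | default(omit) }}"
    decryption_key: "{{ container_item.decryption_key | default(omit) }}"

    # File operations
    cidfile: "{{ container_item.cidfile | default(omit) }}"
    conmon_pidfile: "{{ container_item.conmon_pidfile | default(omit) }}"
    pid_file: "{{ container_item.pid_file | default(omit) }}"

    # Special options
    attach: "{{ container_item.attach | default(omit) }}"
    detach_keys: "{{ container_item.detach_keys | default(omit) }}"
    sig_proxy: "{{ container_item.sig_proxy | default(omit) }}"
    http_proxy: "{{ container_item.http_proxy | default(omit) }}"

    # Advanced options
    chrootdirs: "{{ container_item.chrootdirs | default(omit) }}"
    hooks_dir: "{{ container_item.hooks_dir | default(omit) }}"
    hostuser: "{{ container_item.hostuser | default(omit) }}"
    init_ctr: "{{ container_item.init_ctr | default(omit) }}"
    personality: "{{ container_item.personality | default(omit) }}"
    preserve_fd: "{{ container_item.preserve_fd | default(omit) }}"
    preserve_fds: "{{ container_item.preserve_fds | default(omit) }}"
    rdt_class: "{{ container_item.rdt_class | default(omit) }}"
    requires: "{{ container_item.requires | default(omit) }}"
    rootfs: "{{ container_item.rootfs | default(omit) }}"
    sdnotify: "{{ container_item.sdnotify | default(omit) }}"
    secrets: "{{ container_item.secrets | default(omit) }}"
    timezone: "{{ container_item.timezone | default(omit) }}"

    # Retry options
    retry: "{{ container_item.retry | default(omit) }}"
    retry_delay: "{{ container_item.retry_delay | default(omit) }}"

    # Systemd generation
    generate_systemd: "{{ container_item.generate_systemd | default(omit) }}"

    # Quadlet options
    quadlet_dir: "{{ container_item.quadlet_dir | default(omit) }}"
    quadlet_filename: "{{ container_item.quadlet_filename | default(omit) }}"
    quadlet_file_mode: "{{ container_item.quadlet_file_mode | default(omit) }}"
    quadlet_options: "{{ container_item.quadlet_options | default(omit) }}"

    # Control options
    # NOTE(review): cmd_args appends raw arguments to the podman command line
    # and executable selects the binary that is run; both bypass the named
    # parameters above.
    cmd_args: "{{ container_item.cmd_args | default(omit) }}"
    executable: "{{ container_item.executable | default('podman') }}"
    recreate: "{{ container_item.recreate | default(omit) }}"
    force_restart: "{{ container_item.force_restart | default(omit) }}"
    force_delete: "{{ container_item.force_delete | default(omit) }}"
    delete_depend: "{{ container_item.delete_depend | default(omit) }}"
    delete_time: "{{ container_item.delete_time | default(omit) }}"
    delete_volumes: "{{ container_item.delete_volumes | default(omit) }}"
    debug: "{{ container_item.debug | default(omit) }}"
  loop: "{{ podman_containers }}"
  loop_control:
    # Print only the container name per iteration instead of the whole item.
    label: "{{ item.name }}"
  register: podman_container_output
  # Opt-in: set podman_containers_no_log to true to keep module arguments and
  # results (env values, secret names, key paths) out of task output. The
  # default of false leaves the task's output as it was.
  no_log: "{{ podman_containers_no_log | default(false) }}"
  notify:
    - Reload systemd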