---
- name: Install Portainer server
  hosts: watchtower
  become: true
  gather_facts: true
  vars:
    portainer_version: "latest"
    portainer_data_dir: "/opt/portainer/data"
    portainer_http_port: 9000
    portainer_https_port: 9443

  tasks:
    - name: Ensure Portainer data directory exists
      ansible.builtin.file:
        path: "{{ portainer_data_dir }}"
        state: directory
        mode: '0755'

    - name: Deploy Portainer server container
      community.docker.docker_container:
        name: portainer
        image: "portainer/portainer-ce:{{ portainer_version }}"
        state: started
        restart_policy: always
        recreate: false
        pull: true
        ports:
          - "{{ portainer_http_port }}:9000"
          - "{{ portainer_https_port }}:9443"
        volumes:
          - "/var/run/docker.sock:/var/run/docker.sock"
          - "{{ portainer_data_dir }}:/data"

    - name: Wait for Portainer server to become reachable
      ansible.builtin.wait_for:
        port: "{{ portainer_http_port }}"
        delay: 5
        timeout: 60
        state: started

    - name: Show Portainer server endpoints
      ansible.builtin.debug:
        msg:
          - "Portainer server is running on {{ inventory_hostname }}"
          - "HTTP: http://{{ ansible_default_ipv4.address }}:{{ portainer_http_port }}"
          - "HTTPS: https://{{ ansible_default_ipv4.address }}:{{ portainer_https_port }}"

- name: Deploy Portainer agent service
  hosts: swarm_managers[0]
  become: true
  gather_facts: false
  vars:
    portainer_agent_version: "2.33.6"
    portainer_agent_port: 9001
    portainer_agent_network: "portainer_agent_network"

  tasks:
    - name: Ensure Portainer overlay network exists
      community.docker.docker_network:
        name: "{{ portainer_agent_network }}"
        driver: overlay
        attachable: true
        state: present

    - name: Deploy Portainer agent as global swarm service
      community.docker.docker_swarm_service:
        name: portainer_agent
        image: "portainer/agent:{{ portainer_agent_version }}"
        state: present
        mode: global
        publish:
          - published_port: "{{ portainer_agent_port }}"
            target_port: 9001
            protocol: tcp
        networks:
          - name: "{{ portainer_agent_network }}"
        constraints:
          - node.platform.os == linux
        mounts:
          - source: /var/run/docker.sock
            target: /var/run/docker.sock
            type: bind
          - source: /var/lib/docker/volumes
            target: /var/lib/docker/volumes
            type: bind
          - source: /
            target: /host
            type: bind

    - name: Show Portainer agent deployment status
      ansible.builtin.command: docker service ls --filter name=portainer_agent
      register: portainer_agent_status
      changed_when: false

    - name: Display Portainer agent summary
      ansible.builtin.debug:
        msg:
          - "Portainer agent service is deployed"
          - "Network: {{ portainer_agent_network }}"
          - "Status: {{ portainer_agent_status.stdout }}"

- name: Display Portainer installation summary
  hosts: watchtower
  gather_facts: true

  tasks:
    - name: Show post-install summary
      ansible.builtin.debug:
        msg:
          - "Portainer installation complete"
          - "Server URL: http://{{ ansible_default_ipv4.address }}:9000"
          - "HTTPS URL: https://{{ ansible_default_ipv4.address }}:9443"
          - "Add Swarm environment in Portainer using any manager IP on port 9001"