- name: load architecture-specific values
  include_vars: '{{ item }}'
  with_first_found:
  - '{{ ansible_architecture }}.yml'
  - defaults.yml
  tags:
  - always

- name: ensure podman is installed
  package:
    name: '{{ frigate_podman_packages }}'
    state: present
  tags:
  - install

- name: ensure frigate user exists
  user:
    name: frigate
    system: true
    home: /var/lib/frigate
    createhome: false
  register: frigate_user
  tags:
  - user

- name: ensure frigate home directory exists
  file:
    path: /var/lib/frigate
    owner: frigate
    group: frigate
    mode: '0755'
    state: directory
  tags:
  - datadir
- name: ensure frigate tmp directory exists
  file:
    path: /var/lib/frigate/tmp
    owner: frigate
    group: frigate
    mode: u=rwx,go=rx
    state: directory
  tags:
  - datadir

- name: ensure frigate container image is available
  podman_image:
    name: '{{ frigate_image }}'
    tag: stable
    state: present
    force: '{{ frigate_update|d|bool }}'
  notify:
  - restart frigate
  tags:
  - container-image
  - container

- name: ensure frigate container unit is installed
  template:
    src: frigate.container.j2
    dest: /etc/containers/systemd/frigate.container
    mode: u=rw,go=r
  notify:
  - reload systemd
  - restart frigate
  tags:
  - systemd

- name: ensure frigate configuration directory exists
  file:
    path: /etc/frigate
    mode: '0750'
    owner: root
    group: frigate
    state: directory
  tags:
  - config
- name: ensure frigate is configured
  copy:
    dest: /etc/frigate/config.yml
    content: >-
      {{ frigate_config|to_nice_yaml(indent=2) }}
    mode: '0640'
    owner: root
    group: frigate
  notify:
  - restart frigate
  tags:
  - config
- name: ensure frigate environment is set
  template:
    src: frigate.environ.j2
    dest: /etc/frigate/environ
    mode: u=r,go=
    owner: root
    group: root
  notify:
  - restart frigate
  tags:
  - config

- name: ensure udev rules are in place for google coral tpu
  copy:
    src: apex.rules
    dest: /etc/udev/rules.d/65-apex.rules
    owner: root
    group: root
    mode: u=rw,go=r
  notify:
  - reload udev
  - trigger udev
  tags:
  - udev

- name: flush handlers
  meta: flush_handlers
- name: ensure frigate is running
  service:
    name: frigate
    state: started
  tags:
  - service

- name: ensure firewall is configured for frigate
  firewalld:
    port: '{{ item }}/tcp'
    immediate: true
    permanent: false
    state: enabled
  loop:
  - 5000  # Frigate web UI/API
  - 1935  # RTMP
  - 8554  # RTSP
  notify: save firewalld configuration
  tags:
  - firewall