---
- name: Deploy Frontend
  hosts: prod

  pre_tasks:
    - name: Install docker
      ansible.builtin.include_role:
        name: geerlingguy.docker

    - name: Configure ufw
      community.general.ufw:
        rule: allow
        port: "{{ item }}"
      loop:
        - "80"
        - "443"
        - "2222"

    - name: Enable ufw
      community.general.ufw:
        state: enabled
  tasks:
    - name: Ensure directory
      ansible.builtin.file:
        path: /opt/aegisfront
        state: directory

    - name: Copy compose
      ansible.builtin.copy:
        src: "{{ playbook_dir }}/../docker-compose.yml"
        dest: /opt/aegisfront/docker-compose.yml

    - name: Pull image
      ansible.builtin.shell:
        cmd: docker compose pull
        chdir: /opt/aegisfront
      environment:
        REGISTRY: gitea.d3m0k1d.ru
        TAG: latest

    - name: Start
      ansible.builtin.shell:
        cmd: docker compose up -d --remove-orphans
        chdir: /opt/aegisfront
      environment:
        REGISTRY: gitea.d3m0k1d.ru
        TAG: latest