---
# Podman host setup: installs the packages, prepares the tun kernel module,
# enables the Podman service unit, creates the projects directory and deploys
# /etc/containers/registries.conf and /etc/containers/containers.conf.

# Installs whatever versions the distribution repositories currently offer;
# nothing here pins a version.
- name: Install podman packages
  ansible.builtin.package:
    state: present
    name:
      - podman
      - podman-compose
      - crun

# Only checks that modules.builtin exists under /lib/modules for the running
# kernel. It does not look for tun itself.
# NOTE(review): presumably this detects a kernel upgrade whose old module tree
# was removed before a reboot -- confirm.
- name: Check if tun module is available
  ansible.builtin.stat:
    path: "/lib/modules/{{ ansible_kernel }}/modules.builtin"
  register: kernel_modules

# A modprobe failure is tolerated (ignore_errors) so the play continues; the
# registered result is what triggers the reboot warning further down.
- name: Load tun kernel module for rootless Podman networking
  community.general.modprobe:
    name: tun
    state: present
  register: tun_loaded
  ignore_errors: true
  when: kernel_modules.stat.exists

# Written unconditionally, so the module is requested at every boot even when
# loading it now was skipped or failed.
- name: Ensure tun module loads on boot
  ansible.builtin.copy:
    dest: /etc/modules-load.d/tun.conf
    content: "tun\n"
    owner: root
    group: root
    mode: "0644"

# Shown when the module tree was missing or the modprobe task failed.
- name: Warn user about reboot requirement for tun module
  ansible.builtin.debug:
    msg: |
      WARNING: tun kernel module could not be loaded (kernel modules not available).
      A REBOOT IS REQUIRED for the tun module to load and enable Pasta networking.
      After reboot, rootless Podman containers will have better network performance.
  when: >-
    not kernel_modules.stat.exists or
    (tun_loaded is defined and tun_loaded is failed)

# No `scope` is given, so this enables the system-level unit; no `state` is
# given, so the task does not start it.
# NOTE(review): podman.service is the Podman API service. At system scope that
# is the rootful API, and anyone who can reach its socket effectively has root
# on the host. The other tasks target rootless Podman -- confirm the unit is
# needed, and if it is, review who can access the socket.
- name: Enable Podman service
  ansible.builtin.systemd:
    name: podman.service
    enabled: true

# NOTE(review): mode 0755 lets every local account list and enter this
# directory. Compose projects often sit next to .env files or other secrets;
# consider 0750 if only the owner and group need access.
# NOTE(review): ansible_user is a connection variable, not a gathered fact; it
# is undefined unless the inventory or command line sets it -- verify.
- name: Create projects directory
  ansible.builtin.file:
    path: "{{ podman_projects_dir }}"
    state: directory
    owner: "{{ ansible_user }}"
    group: "{{ ansible_user }}"
    mode: "0755"

# registries.conf decides which registries short image names resolve to and
# whether a registry may be contacted without TLS verification.
# NOTE(review): the template is not visible here -- check it for
# `insecure = true` entries and for a broad `unqualified-search-registries`
# list. The file is world-readable (0644), so keep credentials out of it.
# The rendered file replaces the live one directly; no `backup` is requested.
- name: Deploy registries configuration
  ansible.builtin.template:
    src: registries.conf.j2
    dest: /etc/containers/registries.conf
    owner: root
    group: root
    mode: "0644"

# containers.conf holds host-wide defaults for containers.
# NOTE(review): the template is not visible here -- review any capability,
# device or network defaults it sets, since they apply to every container
# that does not override them. No `backup` is requested here either.
- name: Deploy Podman containers configuration
  ansible.builtin.template:
    src: containers.conf.j2
    dest: /etc/containers/containers.conf
    owner: root
    group: root
    mode: "0644"