---
- name: Install restic
  apt:
    update_cache: true
    name:
      - restic
    state: present
  register: apt_result
  retries: 3
  until: apt_result is succeeded

- name: Ensures /etc/restic exists
  file:
    path: /etc/restic
    state: directory
    mode: 0700
    owner: root

- name: Deploy restic config
  template:
    src: "restic/base{{ item.1 }}.j2"
    dest: /etc/restic/{{ item.0 }}{{ item.1 }}
    mode: 0600
    owner: root
    group: root
  with_nested:
    - "{{ restic.config }}"
    - { .env, -excludes, -includes, -password, -repo }
  notify:
    - Restart timer
    - systemctl daemon-reload

- name: Deploy restic systemd
  template:
    src: "systemd/system/restic-base{{ item.1 }}.j2"
    dest: /etc/systemd/system/restic-{{ item.0 }}{{ item.1 }}
    mode: 0600
    owner: root
    group: root
  with_nested:
    - "{{ restic.config }}"
    - { .service, .timer }
  notify:
    - Restart timer
    - systemctl daemon-reload

- name: Init restic repository (Debian >=12)
  command:
    cmd: "restic init --repository-file /etc/restic/{{ item }}-repo --password-file /etc/restic/base-password"
  register: restic_init
  ignore_errors: true
  loop: "{{ restic.config.keys() }}"
  when:
    - ansible_facts['distribution_major_version'] >= "12"

- name: Init restic repository (Debian <12)
  command:
    cmd: "restic init --repo {{ restic.remote.0 + item }} --password-file /etc/restic/{{ item }}-password"
  register: restic_init
  ignore_errors: true
  loop: "{{ restic.config.keys() }}"
  when:
    - ansible_facts['distribution_major_version'] < "12"

- name: Indicate role in motd
  template:
    src: update-motd.d/04-service.j2
    dest: /etc/update-motd.d/04-restic
    mode: 0755

- name: Enable timer
  service:
    name: restic-{{ item }}.timer
    enabled: true
  loop: "{{ restic.config.keys() }}"