{% set tpl = ix_lib.base.render.Render(values) %}

{% set c1 = tpl.add_container(values.consts.console_container_name, "image") %}
{% set perm_container = tpl.deps.perms(values.consts.perms_container_name) %}
{% set perms_config = {"uid": values.run_as.user, "gid": values.run_as.group, "mode": "check"} %}

{% set cmd = namespace(x=[
  "console", "server",
  "--port", values.network.http_port.port_number,
]) %}

{% do c1.set_user(values.run_as.user, values.run_as.group) %}
{% do c1.healthcheck.set_test("curl", {"port": values.network.http_port.port_number, "path": "/api/v1/login"}) %}
{% do c1.environment.add_env("CONSOLE_MINIO_SERVER", values.console.minio_server) %}
{% do c1.environment.add_user_envs(values.console.additional_envs) %}

{% if values.network.certificate_id %}
  {% set cert = values.ix_certificates[values.network.certificate_id] %}
  {% do c1.configs.add("private", cert.privatekey, "%s/private.key" | format(values.consts.certs_dir)) %}
  {% do c1.configs.add("public", cert.certificate, "%s/public.crt" | format(values.consts.certs_dir)) %}

  {% do cmd.x.extend([
    "--certs-dir", values.consts.certs_dir,
    "--tls-port", values.network.https_port.port_number,
  ]) %}

  {% do c1.add_port(values.network.https_port) %}
  {% do tpl.portals.add(values.network.https_port, {"name": "HTTPS", "scheme": "https"}) %}
{% endif %}

{% do c1.set_command(cmd.x) %}
{% do c1.add_port(values.network.http_port) %}

{% for store in values.storage.additional_storage %}
  {% do c1.add_storage(store.mount_path, store) %}
  {% do perm_container.add_or_skip_action(store.mount_path, store, perms_config) %}
{% endfor %}

{% if perm_container.has_actions() %}
  {% do perm_container.activate() %}
  {% do c1.depends.add_dependency(values.consts.perms_container_name, "service_completed_successfully") %}
{% endif %}

{% do tpl.portals.add(values.network.http_port, {"name": "HTTP"}) %}

{{ tpl.render() | tojson }}