{% set tpl = ix_lib.base.render.Render(values) %}
{% set frontend = tpl.add_container(values.consts.penpot_frontend_container_name, "image") %}
{% set backend = tpl.add_container(values.consts.penpot_backend_container_name, "backend_image") %}
{% set exporter = tpl.add_container(values.consts.penpot_exporter_container_name, "exporter_image") %}
{% set perm_container = tpl.deps.perms(values.consts.perms_container_name) %}

{% set pg_config = {
  "user": values.consts.db_user,
  "password": values.penpot.db_password,
  "database": values.consts.db_name,
  "volume": values.storage.postgres_data,
} %}
{% set postgres = tpl.deps.postgres(
  values.consts.postgres_container_name,
  values.penpot.postgres_image_selector,
  pg_config, perm_container
) %}

{% set redis_config = {
  "password": values.penpot.redis_password,
  "volume": {"type": "temporary", "volume_config": {"volume_name": "redis-data"}},
} %}
{% set redis = tpl.deps.redis(values.consts.redis_container_name, "redis_image", redis_config, perm_container) %}

{% do backend.depends.add_dependency(values.consts.postgres_container_name, "service_healthy") %}
{% do backend.depends.add_dependency(values.consts.redis_container_name, "service_healthy") %}
{% do exporter.depends.add_dependency(values.consts.penpot_backend_container_name, "service_healthy") %}
{% do frontend.depends.add_dependency(values.consts.penpot_backend_container_name, "service_healthy") %}

{% do backend.set_user(values.consts.run_as_user, values.consts.run_as_group) %}
{% do exporter.set_user(values.consts.run_as_user, values.consts.run_as_group) %}
{% do frontend.set_user(values.consts.run_as_user, values.consts.run_as_group) %}

{% do backend.healthcheck.set_test("http", {"port": values.consts.backend_port, "path": "/readyz"}) %}
{% do exporter.healthcheck.set_test("curl", {"port": values.consts.exporter_port, "path": "/readyz"}) %}
{% do frontend.healthcheck.set_test("curl", {"port": values.consts.frontend_port, "path": "/readyz"}) %}

{% set perms_config = {"uid": values.consts.run_as_user, "gid": values.consts.run_as_group, "mode": "check", "chmod": "0777"} %}
{% do backend.add_storage(values.consts.assets_path, values.storage.assets) %}
{% do frontend.add_storage(values.consts.assets_path, values.storage.assets) %}
{% do perm_container.add_or_skip_action("assets", values.storage.assets, perms_config) %}

{% for store in values.storage.additional_storage %}
  {% do backend.add_storage(store.mount_path, store) %}
  {% do perm_container.add_or_skip_action(store.mount_path, store, perms_config) %}
{% endfor %}

{% set redis_uri = "redis://default:%s@%s:6379/0"|format(values.penpot.redis_password, values.consts.redis_container_name) %}

{% do backend.environment.add_env("PENPOT_HTTP_SERVER_PORT", values.consts.backend_port) %}
{% do backend.environment.add_env("PENPOT_HTTP_SERVER_HOST", "0.0.0.0") %}
{% do backend.environment.add_env("PENPOT_REDIS_URI", redis_uri) %}
{% do backend.environment.add_env("PENPOT_DATABASE_USERNAME", values.consts.db_user) %}
{% do backend.environment.add_env("PENPOT_DATABASE_PASSWORD", values.penpot.db_password) %}
{% do backend.environment.add_env("PENPOT_DATABASE_URI", postgres.get_url("postgresql_no_creds")) %}
{% do backend.environment.add_env("PENPOT_OBJECTS_STORAGE_BACKEND", "fs") %}
{% do backend.environment.add_env("PENPOT_SECRET_KEY", values.penpot.secret_key) %}
{% do backend.environment.add_env("PENPOT_OBJECTS_STORAGE_FS_DIRECTORY", values.consts.assets_path) %}
{% do backend.environment.add_env("PENPOT_PUBLIC_URI", values.penpot.public_uri) %}
{% do backend.environment.add_user_envs(values.penpot.additional_envs) %}
{% do backend.environment.add_env("PENPOT_TELEMETRY_ENABLED", "true") %}
{% do backend.environment.add_env("PENPOT_TELEMETRY_REFERER", "truenas") %}

{% do exporter.environment.add_env("PENPOT_PUBLIC_URI", values.penpot.public_uri) %}
{% do exporter.environment.add_env("PENPOT_REDIS_URI", redis_uri) %}
{% do exporter.environment.add_env("PENPOT_HTTP_SERVER_PORT", values.consts.exporter_port) %}
{% do exporter.environment.add_env("PENPOT_HTTP_SERVER_HOST", "0.0.0.0") %}

{% do frontend.environment.add_env("PENPOT_PUBLIC_URI", values.penpot.public_uri) %}
{% do frontend.environment.add_env("PENPOT_BACKEND_URI", "http://%s:%d"|format(values.consts.penpot_backend_container_name, values.consts.backend_port)) %}
{% do frontend.environment.add_env("PENPOT_EXPORTER_URI", "http://%s:%d"|format(values.consts.penpot_exporter_container_name, values.consts.exporter_port)) %}

{% set flags = namespace(x=[]) %}
{% set flag_names = values.penpot.flags | map(attribute="name") | list %}
{% if flag_names | unique | list | length != flag_names | length %}
  {% do tpl.funcs.fail("Flag names must be unique, got [%s]"|format(flag_names | join(", "))) %}
{% endif %}

{% for flag in values.penpot.flags %}
  {% if flag.name.startswith("enable-") or flag.name.startswith("disable-") %}
    {% do tpl.funcs.fail("Flag name [%s] cannot start with [enable-] or [disable-], use the checkbox instead."|format(flag.name)) %}
  {% endif %}

  {% do flags.x.append("%s-%s"|format("enable" if flag.enable else "disable", flag.name)) %}
{% endfor %}

{% if flags.x %}
  {% do backend.environment.add_env("PENPOT_FLAGS", " ".join(flags.x)) %}
  {% do frontend.environment.add_env("PENPOT_FLAGS", " ".join(flags.x)) %}
  {% do exporter.environment.add_env("PENPOT_FLAGS", " ".join(flags.x)) %}
{% endif %}

{% do frontend.add_port(values.network.web_port, {"container_port": values.consts.frontend_port}) %}

{% if perm_container.has_actions() %}
  {% do perm_container.activate() %}
  {% do postgres.add_dependency(values.consts.perms_container_name, "service_completed_successfully") %}
  {% do redis.container.depends.add_dependency(values.consts.perms_container_name, "service_completed_successfully") %}
  {% do backend.depends.add_dependency(values.consts.perms_container_name, "service_completed_successfully") %}
  {% do exporter.depends.add_dependency(values.consts.perms_container_name, "service_completed_successfully") %}
  {% do frontend.depends.add_dependency(values.consts.perms_container_name, "service_completed_successfully") %}
{% endif %}

{% do tpl.portals.add(values.network.web_port) %}

{{ tpl.render() | tojson }}