{% set tpl = ix_lib.base.render.Render(values) %}

{% set c1 = tpl.add_container(values.consts.authelia_container_name, "image") %}
{% set perm_container = tpl.deps.perms(values.consts.perms_container_name) %}
{% set perms_config = {"uid": values.run_as.user, "gid": values.run_as.group, "mode": "check"} %}

{% set pg_config = {
  "user": values.consts.db_user,
  "password": values.authelia.db_password,
  "database": values.consts.db_name,
  "volume": values.storage.postgres_data,
} %}
{% set postgres = tpl.deps.postgres(
  values.consts.postgres_container_name,
  values.authelia.postgres_image_selector,
  pg_config, perm_container
) %}

{% set redis_config = {
  "password": values.authelia.redis_password,
  "volume": {"type": "temporary", "volume_config": {"volume_name": "redis-data"}},
} %}
{% set redis_container = tpl.deps.redis(values.consts.redis_container_name, "redis_image", redis_config, perm_container) %}

{% do c1.set_user(values.run_as.user, values.run_as.group) %}
{% do c1.healthcheck.set_custom_test("/app/healthcheck.sh") %}
{% if values.authelia.use_dummy_config %}
  {% do c1.configs.add("dummy-configuration.yaml", values.consts.dummy_config, values.consts.dummy_config_path) %}
  {% do tpl.notes.add_warning(values.consts.warning) %}
{% endif %}

{% do c1.depends.add_dependency(values.consts.postgres_container_name, "service_healthy") %}
{% do c1.depends.add_dependency(values.consts.redis_container_name, "service_healthy") %}

{% do c1.environment.add_env("X_AUTHELIA_CONFIG", values.consts.dummy_config_path if values.authelia.use_dummy_config else values.authelia.config_path) %}
{% do c1.environment.add_env("AUTHELIA_SERVER_DISABLE_HEALTHCHECK", false) %}
{% do c1.environment.add_env("AUTHELIA_SERVER_ADDRESS", "tcp://:%d%s"|format(values.network.web_port.port_number, values.authelia.base_path)) %}
{% do c1.environment.add_env("AUTHELIA_STORAGE_POSTGRES_ADDRESS", "tcp://%s:5432"|format(values.consts.postgres_container_name)) %}
{% do c1.environment.add_env("AUTHELIA_STORAGE_POSTGRES_DATABASE", values.consts.db_name) %}
{% do c1.environment.add_env("AUTHELIA_STORAGE_POSTGRES_USERNAME", values.consts.db_user) %}
{% do c1.environment.add_env("AUTHELIA_STORAGE_POSTGRES_PASSWORD", values.authelia.db_password) %}
{% do c1.environment.add_env("AUTHELIA_STORAGE_ENCRYPTION_KEY", values.authelia.encryption_key) %}
{% do c1.environment.add_env("AUTHELIA_SESSION_SECRET", values.authelia.session_secret) %}
{% do c1.environment.add_env("AUTHELIA_SESSION_REDIS_HOST", values.consts.redis_container_name) %}
{% do c1.environment.add_env("AUTHELIA_SESSION_REDIS_PORT", 6379) %}
{% do c1.environment.add_env("AUTHELIA_SESSION_REDIS_DATABASE_INDEX", 0) %}
{% do c1.environment.add_env("AUTHELIA_SESSION_REDIS_PASSWORD", values.authelia.redis_password) %}
{% do c1.environment.add_env("AUTHELIA_IDENTITY_VALIDATION_RESET_PASSWORD_JWT_SECRET", values.authelia.jwt_secret) %}

{% do c1.environment.add_user_envs(values.authelia.additional_envs) %}

{% do c1.add_port(values.network.web_port) %}

{% do c1.add_storage("/config", values.storage.config) %}
{% do perm_container.add_or_skip_action("config", values.storage.config, perms_config) %}

{% for store in values.storage.additional_storage %}
  {% do c1.add_storage(store.mount_path, store) %}
  {% do perm_container.add_or_skip_action(store.mount_path, store, perms_config) %}
{% endfor %}

{% if perm_container.has_actions() %}
  {% do perm_container.activate() %}
  {% do c1.depends.add_dependency(values.consts.perms_container_name, "service_completed_successfully") %}
  {% do postgres.add_dependency(values.consts.perms_container_name, "service_completed_successfully") %}
{% endif %}

{% do tpl.portals.add(values.network.web_port) %}

{{ tpl.render() | tojson }}