{% set tpl = ix_lib.base.render.Render(values) %}

{% set perm_container = tpl.deps.perms(values.consts.perms_container_name) %}
{% set mariadb_config = {
  "user": values.consts.db_user,
  "root_password": values.castopod.db_root_password,
  "password": values.castopod.db_password,
  "database": values.consts.db_name,
  "volume": values.storage.mariadb_data,
} %}
{% set mariadb_container = tpl.deps.mariadb(values.consts.mariadb_container_name, "mariadb_image", mariadb_config, perm_container) %}

{% set redis_config = {
  "password": values.castopod.redis_password,
  "volume": {"type": "temporary", "volume_config": {"volume_name": "redis-data"}},
} %}
{% set redis_container = tpl.deps.redis(values.consts.redis_container_name, "redis_image", redis_config, perm_container) %}

{% set c1 = tpl.add_container(values.consts.castopod_container_name, "image") %}
{% do c1.set_user(0, 0) %}
{% do c1.add_caps(["CHOWN", "DAC_OVERRIDE", "FOWNER", "SETGID", "SETUID"]) %}
{% do c1.depends.add_dependency(values.consts.mariadb_container_name, "service_healthy") %}
{% do c1.depends.add_dependency(values.consts.redis_container_name, "service_healthy") %}
{% do c1.healthcheck.set_test("tcp", {"port": values.consts.internal_api_port}) %}
{% do c1.environment.add_env("CP_ANALYTICS_SALT", values.castopod.analytics_salt) %}
{% do c1.environment.add_env("CP_DATABASE_HOSTNAME", values.consts.mariadb_container_name) %}
{% do c1.environment.add_env("CP_DATABASE_NAME", values.consts.db_name) %}
{% do c1.environment.add_env("CP_DATABASE_USERNAME", values.consts.db_user) %}
{% do c1.environment.add_env("CP_DATABASE_PASSWORD", values.castopod.db_password) %}
{% do c1.environment.add_env("CP_CACHE_HANDLER", "redis") %}
{% do c1.environment.add_env("CP_REDIS_HOST", values.consts.redis_container_name) %}
{% do c1.environment.add_env("CP_REDIS_PASSWORD", values.castopod.redis_password) %}
{% do c1.environment.add_env("CP_REDIS_PORT", 6379) %}
{% do c1.environment.add_env("CP_REDIS_DATABASE", 0) %}
{% do c1.environment.add_env("CP_TIMEOUT", values.castopod.web_timeout) %}
{% do c1.environment.add_env("CP_MAX_BODY_SIZE", "%dM" | format(values.castopod.web_max_body_size)) %}
{% do c1.environment.add_env("CP_PHP_MEMORY_LIMIT", "%dM" | format(values.castopod.php_memory_limit)) %}
{% do c1.environment.add_env("CP_BASEURL", values.castopod.base_url) %}
{% do c1.environment.add_env("CP_MEDIAURL", values.castopod.base_url) %}
{% do c1.environment.add_env("CP_ENABLE_2FA", values.castopod.enable_2fa) %}
{% do c1.environment.add_env("CP_DISABLE_HTTPS", 1 if values.castopod.disable_https_redirect else 0) %}
{% do c1.environment.add_user_envs(values.castopod.additional_envs) %}

{% set web = tpl.add_container(values.consts.castopod_web_container_name, "web_image") %}
{% do web.set_user(0, 0) %}
{% do web.add_caps(["CHOWN", "SETGID", "SETUID"]) %}
{% do web.depends.add_dependency(values.consts.castopod_container_name, "service_healthy") %}
{% do web.healthcheck.set_test("curl", {"port": values.consts.internal_web_port, "path": "/health"}) %}
{% do web.environment.add_env("CP_TIMEOUT", values.castopod.web_timeout) %}
{% do web.environment.add_env("CP_APP_HOSTNAME", values.consts.castopod_container_name) %}
{% do web.environment.add_env("CP_MAX_BODY_SIZE", "%dM" | format(values.castopod.web_max_body_size)) %}
{% do web.environment.add_user_envs(values.castopod.additional_envs) %}
{% do web.add_port(values.network.web_port, {"container_port": values.consts.internal_web_port}) %}

{% do c1.add_storage("/var/www/castopod/public/media", values.storage.data) %}
{% do web.add_storage("/var/www/html/media", values.storage.data) %}
{% for store in values.storage.additional_storage %}
  {% do c1.add_storage(store.mount_path, store) %}
  {% do web.add_storage(store.mount_path, store) %}
{% endfor %}

{% if perm_container.has_actions() %}
  {% do perm_container.activate() %}
  {% do mariadb_container.container.depends.add_dependency(values.consts.perms_container_name, "service_completed_successfully") %}
  {% do redis_container.container.depends.add_dependency(values.consts.perms_container_name, "service_completed_successfully") %}
{% endif %}

{% do tpl.portals.add(values.network.web_port) %}
{% set is_install = values.get("ix_context", {}).get("is_install", False) %}
{% do tpl.portals.add(values.network.web_port, {
  "name": "Install Portal" if is_install else "Admin Portal",
  "path": "/cp-install" if is_install else "/cp-admin"
}) %}

{{ tpl.render() | tojson }}