{% set tpl = ix_lib.base.render.Render(values) %}

{# Validate early #}
{% if values.storage.data_dirs|length == 0 %}
  {% do tpl.funcs.fail("At least 1 storage item must be set") %}
{% endif %}

{% if values.storage.data_dirs|length > 1 %}
  {% if not values.minio.multi_mode.enabled and values.minio.multi_mode.entries|length == 0 %}
    {% do tpl.funcs.fail("[Multi Mode] must be enabled and entries must be set if more than 1 storage item is set") %}
  {% endif %}
{% endif %}

{% set mount_paths = namespace(x=[]) %}
{% for store in values.storage.data_dirs %}
  {% do mount_paths.x.append(store.mount_path.rstrip("/")) %}
{% endfor %}
{% if mount_paths.x|unique|list|length != mount_paths.x|length %}
  {% do tpl.funcs.fail("Mount paths in storage items must be unique, found duplicates: [%s]"|format(mount_paths.x|join(", "))) %}
{% endif %}

{% if values.minio.multi_mode.entries|length > 0 %}
  {% set disallowed_keys = ["server"] %}

  {% for item in values.minio.multi_mode.entries %}
    {% if item in disallowed_keys %}
      {% do tpl.funcs.fail("MinIO: Value [%s] is not allowed in [Multi Mode] items"|format(item)) %}
    {% endif %}

    {# /data{1..2} should fail but /data{1...2} should pass #}
    {% if item.startswith("/") and ('{' in item or '}' in item) and "..." not in item %}
      {% do tpl.funcs.fail("MinIO: [Multi Mode] item [%s] must have 3 dots when they are paths with expansion eg [/some_path{1...4}]"|format(item)) %}
    {% endif %}
  {% endfor %}
{% endif %}
{# Validation complete #}

{% set proto = "https" if values.network.certificate_id else "http" %}

{% set c1 = tpl.add_container(values.consts.minio_container_name, "image") %}
{% set perm_container = tpl.deps.perms(values.consts.perms_container_name) %}
{% set perm_config = {"uid":values.run_as.user, "gid": values.run_as.group, "mode": "check"} %}
{% do c1.set_user(values.run_as.user, values.run_as.group) %}
{% do c1.healthcheck.set_custom_test("mc ready --insecure --cluster-read health") %}

{% set cmd = namespace(x=[
  "server",
  "--address", ":%d"|format(values.network.api_port.port_number),
  "--console-address", ":%d"|format(values.network.console_port.port_number),
]) %}

{% if values.network.certificate_id %}
  {% do cmd.x.extend(["--certs-dir", "/.minio/certs"]) %}

  {% set cert = values.ix_certificates[values.network.certificate_id] %}
  {% do c1.configs.add("private", cert.privatekey, "/.minio/certs/private.key") %}
  {% do c1.configs.add("public", cert.certificate, "/.minio/certs/public.crt") %}
{% endif %}

{% if values.minio.logging.quiet %}
  {% do cmd.x.append("--quiet") %}
{% endif %}

{% if values.minio.logging.anonymous %}
  {% do cmd.x.append("--anonymous") %}
{% endif %}

{% do c1.set_command(cmd.x) %}

{# Stores minio "volumes" that will be passed in the MINIO_VOLUMES env var #}
{% set minio_config_items = namespace(x=[]) %}

{% for store in values.storage.data_dirs %}
  {% do c1.add_storage(store.mount_path, store) %}
  {% do perm_container.add_or_skip_action(store.mount_path, store, perm_config) %}

  {% do minio_config_items.x.append(store.mount_path) %}
{% endfor %}

{% do c1.environment.add_user_envs(values.minio.additional_envs) %}
{% do c1.environment.add_env("MC_HOST_health", "%s://localhost:%d" | format(proto, values.network.api_port.port_number)) %}
{% do c1.environment.add_env("MINIO_ROOT_USER", values.minio.credentials.access_key) %}
{% do c1.environment.add_env("MINIO_ROOT_PASSWORD", values.minio.credentials.secret_key) %}

{% if values.network.server_url %}
  {% do c1.environment.add_env("MINIO_SERVER_URL", values.network.server_url) %}
{% endif %}

{% if values.network.console_url %}
  {% do c1.environment.add_env("MINIO_BROWSER_REDIRECT_URL", values.network.console_url) %}
{% endif %}

{% if values.minio.multi_mode.entries %}
  {% do c1.environment.add_env("MINIO_VOLUMES", values.minio.multi_mode.entries|join(" ")) %}
{% else %}
  {% do c1.environment.add_env("MINIO_VOLUMES", minio_config_items.x|join(" ")) %}
{% endif %}

{% do c1.add_port(values.network.console_port) %}
{% do c1.add_port(values.network.api_port) %}

{% if perm_container.has_actions() %}
  {% do perm_container.activate() %}
  {% do c1.depends.add_dependency(values.consts.perms_container_name, "service_completed_successfully") %}
{% endif %}

{% do tpl.portals.add(values.network.console_port, {"scheme": proto}) %}

{{ tpl.render() | tojson }}