---
- name: Create folder structure
  file:
    path: "{{ item }}"
    state: directory
  with_items:
    - "{{ data_dir }}/gluetun"

- name: Pull latest Gluetun Docker Image
  docker_image:
    name: qmcgaw/gluetun
    tag: latest
    source: pull

- name: Deploy Gluetun Docker Container
  docker_container:
    name: gluetun
    image: qmcgaw/gluetun
    recreate: true
    capabilities:
      - NET_ADMIN
    devices:
      - /dev/net/tun:/dev/net/tun
    volumes:
      - "{{ data_dir }}/gluetun:/gluetun"
    networks:
      - name: homelab
    published_ports:
      - 8888:8888/tcp
      - 8388:8388/tcp
      - 8388:8388/udp
    env:
      VPN_SERVICE_PROVIDER: "{{ GLUETUN_VPN_SERVICE_PROVIDER }}"
      VPN_TYPE: "wireguard"
      WIREGUARD_PRIVATE_KEY: "{{ GLUETUN_WIREGUARD_PRIVATE_KEY }}"
      WIREGUARD_ADDRESSES: "{{ GLUETUN_WIREGUARD_ADDRESSES }}"
      SERVER_COUNTRIES: "{{ GLUETUN_SERVER_COUNTRIES }}"
      SERVER_CITIES: "{{ GLUETUN_SERVER_CITIES }}"
      SERVER_HOSTNAMES: "{{ GLUETUN_SERVER_HOSTNAMES }}"
    labels:
      traefik.enable: "true"

      traefik.http.routers.qbit.rule: Host(`qbit.fntz.net`)
      traefik.http.routers.qbit.service: qbit
      traefik.http.routers.qbit.entrypoints: webSecure
      traefik.http.routers.qbit.tls.certresolver: letsencrypt
      traefik.http.services.qbit.loadbalancer.server.port: "8090"

      traefik.http.routers.jackett.rule: Host(`jackett.fntz.net`)
      traefik.http.routers.jackett.service: qbit
      traefik.http.routers.jackett.entrypoints: webSecure
      traefik.http.routers.jackett.tls.certresolver: letsencrypt
      traefik.http.services.jackett.loadbalancer.server.port: "9117"