hedgedoc data directory exists:
  file.directory:
    - name: /opt/hedgedoc/pg_data
    - makedirs: True

hedgedoc uploads directory exists:
  file.directory:
    - name: /opt/hedgedoc/uploads
    - makedirs: True

hedgedoc_docker_net_present:
  docker_network.present:
    - name: hedgedoc

hedgedoc_docker_present:
  docker_container.running:
    - name: hedgedoc
    - image: {{ salt['pillar.get']('hedgedoc:image:path', 'quay.io/hedgedoc/hedgedoc') }}:{{ salt['pillar.get']('hedgedoc:image:version', '1.10.0') }}
    - container: hedgedoc
    - environment:
       - CMD_DB_URL: "postgres://codimd:password@hedgedocdatabase:5432/codimd"
       - CMD_USECDN: "false"
       - CMD_DOMAIN: "pad.flipdot.org"
       - CMD_URL_ADDPORT: "false"
       - CMD_EMAIL: "false"
       - CMD_ALLOW_EMAIL_REGISTER: "false"
       - CMD_ALLOW_ANONYMOUS: "true"
       - CMD_ALLOW_ANONYMOUS_EDITS: "true"
       - CMD_DEFAULT_PERMISSION: "freely"
       - CMD_PROTOCOL_USESSL: "true"
       - CMD_OAUTH2_USER_PROFILE_URL: {{ salt['pillar.get']('hedgedoc:oauth2:user_profile_url', 'https://login.example.com/realms/example/protocol/openid-connect/userinfo') }}
       - CMD_OAUTH2_USER_PROFILE_USERNAME_ATTR: "preferred_username"
       - CMD_OAUTH2_USER_PROFILE_DISPLAY_NAME_ATTR: "preferred_username"
       - CMD_OAUTH2_USER_PROFILE_EMAIL_ATTR: "email"
       - CMD_OAUTH2_TOKEN_URL: {{ salt['pillar.get']('hedgedoc:oauth2:token_url', 'https://login.example.com/realms/example/protocol/openid-connect/token') }}
       - CMD_OAUTH2_AUTHORIZATION_URL: {{ salt['pillar.get']('hedgedoc:oauth2:authorization_url', 'https://login.example.com/realms/example/protocol/openid-connect/auth') }}
       - CMD_OAUTH2_CLIENT_ID: {{ salt['pillar.get']('hedgedoc:oauth2:client_id', 'hedgedoc') }}
       - CMD_OAUTH2_CLIENT_SECRET: {{ salt['pillar.get']('hedgedoc:oauth2:client_secret') }}
       - CMD_OAUTH2_PROVIDERNAME: {{ salt['pillar.get']('hedgedoc:oauth2:providername', 'login.example.com') }}
       - CMD_OAUTH2_SCOPE: "openid email profile"
    - networks:
       - hedgedoc
    - binds:
       - /opt/hedgedoc/uploads:/hedgedoc/public/uploads
    - port_bindings:
      - "{{ salt['pillar.get']('hedgedoc:container_web_port', "127.0.0.1:3000") }}:3000"
    - restart: always

hedgedoc_database_present:
  docker_container.running:
    - name: hedgedocdatabase
    - image: postgres:{{ salt['pillar.get']('hedgedoc:postgres:version', '16-alpine') }}
    - environment:
       - POSTGRES_USER: codimd
       - POSTGRES_PASSWORD: password
       - POSTGRES_DB: codimd
    - networks:
       - hedgedoc
    - binds:
       - /opt/hedgedoc/pg_data:/var/lib/postgresql/data
    - restart: always