Post-Tyranny-Tech-Infrastructure/ansible/roles/zitadel/tasks/docker.yml

---
# Docker Compose setup for Zitadel

- name: Create Zitadel configuration directory
  file:
    path: "{{ zitadel_config_dir }}"
    state: directory
    mode: '0755'

- name: Create Zitadel internal network
  community.docker.docker_network:
    name: "{{ zitadel_network }}"
    driver: bridge
    internal: true

- name: Deploy Zitadel Docker Compose configuration
  template:
    src: docker-compose.zitadel.yml.j2
    dest: "{{ zitadel_config_dir }}/docker-compose.yml"
    mode: '0600'
  notify: Restart Zitadel

- name: Start Zitadel services
  community.docker.docker_compose_v2:
    project_src: "{{ zitadel_config_dir }}"
    state: present
  register: zitadel_deploy

- name: Wait for Zitadel database to be ready
  community.docker.docker_container_exec:
    container: zitadel-db
    command: pg_isready -U {{ zitadel_db_user }} -d {{ zitadel_db_name }}
  register: db_ready
  until: db_ready.rc == 0
  retries: 30
  delay: 2
  changed_when: false

- name: Wait for Zitadel to be healthy
  uri:
    url: "https://{{ zitadel_domain }}/debug/ready"
    method: GET
    status_code: 200
    validate_certs: yes
  register: zitadel_health
  until: zitadel_health.status == 200
  retries: 30
  delay: 10
  changed_when: false