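---
# Playbook: prepare every swarm host (kernel UDP buffers, Docker CE, the
# rclone volume plugin), initialise the swarm on the leader, then join the
# workers to it.

- hosts: swarm
  become: true

  tasks:
    ####################
    # - Tuning - Traefik
    # -- Traefik serving QUIC can be bottlenecked by a too-low UDP buffer.
    # -- This increases both send & receive from ~200KB to 2.5MB.
    ####################
    - name: "Set net.core.rmem_max = 2500000"
      sysctl:
        state: "present"
        name: "net.core.rmem_max"
        value: "2500000"
        reload: true

    # Fixed: this task previously set net.core.rmem_max a second time, so the
    # send-buffer ceiling named in the task title was never raised.
    - name: "Set net.core.wmem_max = 2500000"
      sysctl:
        state: "present"
        name: "net.core.wmem_max"
        value: "2500000"
        reload: true

    ####################
    # - Docker - Install
    ####################
    # The checksum pins the exact key file, so a changed or substituted key
    # makes this task fail instead of being silently trusted.
    # NOTE(review): a key placed under /etc/apt/trusted.gpg.d is trusted for
    # every apt source on the host, not only the Docker repository. A
    # dedicated keyring referenced with signed-by would scope it; left as-is
    # because changing an already-deployed source line needs a migration step.
    - name: "Download Docker Apt Key"
      ansible.builtin.get_url:
        url: "https://download.docker.com/linux/debian/gpg"
        dest: "/etc/apt/trusted.gpg.d/docker.asc"
        checksum: "sha256:1500c1f56fa9e26b9b8f42452a553675796ade0807cdce11975eb98170b3a570"
        owner: "root"
        group: "root"
        mode: "0644"

    - name: "Add Docker Apt Repository"
      apt_repository:
        state: "present"
        repo: "deb https://download.docker.com/linux/debian bullseye stable"
        filename: "docker"

    - name: "Install Docker CE"
      apt:
        state: "present"
        name: "docker-ce"

    - name: "Install python3-docker"
      apt:
        state: "present"
        name: "python3-docker"

    ####################
    # - Docker Plugin - rclone
    ####################
    - name: "Install fuse"
      apt:
        state: "present"
        name: "fuse"

    # No owner/group is set on these directories, so they keep whatever
    # ownership the file module creates them with; mode 0750 gives "other"
    # no access to the rclone config and cache.
    - name: "Create rclone Config Path"
      ansible.builtin.file:
        path: "/var/lib/docker-plugins/rclone/config"
        state: "directory"
        mode: "0750"

    - name: "Create rclone Cache Path"
      ansible.builtin.file:
        path: "/var/lib/docker-plugins/rclone/cache"
        state: "directory"
        mode: "0750"

    # NOTE(review): presumably the plugin is disabled first so that
    # plugin_options can be (re)applied below. Confirm how this task behaves
    # on a host where the plugin has never been installed, and that a
    # disable/enable cycle on every run is acceptable for mounted volumes.
    - name: "Disable the rclone Docker Plugin"
      community.docker.docker_plugin:
        state: "disable"
        alias: "rclone"
        plugin_name: "rclone/docker-volume-rclone:amd64"

    # NOTE(review): the plugin is referenced by the mutable tag "amd64", so
    # the installed content is whatever the registry serves at run time.
    # Consider pinning to a versioned tag if reproducible installs matter.
    # --allow-other lets users other than the mounting one access the FUSE
    # mounts; keep it only if containers running as other users need that.
    - name: "Install rclone Docker Plugin"
      community.docker.docker_plugin:
        state: "present"
        alias: "rclone"
        plugin_name: "rclone/docker-volume-rclone:amd64"
        plugin_options:
          args: "-v --allow-other"

    - name: "Enable the rclone Docker Plugin"
      community.docker.docker_plugin:
        state: "enable"
        alias: "rclone"
        plugin_name: "rclone/docker-volume-rclone:amd64"
        plugin_options:
          args: "-v --allow-other"

####################
# - Docker - Swarm Init
####################
- hosts: leader
  become: true

  tasks:
    # Both the advertised and the listening address are taken from wg0_ip,
    # so the swarm management port (2377) is bound to that address only.
    # NOTE(review): wg0_ip is presumably the host's WireGuard address -
    # confirm against the inventory.
    - name: "Initialize Docker Swarm Leader"
      community.docker.docker_swarm:
        state: "present"
        advertise_addr: "{{ wg0_ip }}"
        listen_addr: "{{ wg0_ip }}:2377"

    # The registered result carries the swarm join tokens; no_log keeps them
    # out of task output and logs when running with increased verbosity.
    - name: "Collect Swarm Info"
      community.docker.docker_swarm_info:
      register: swarm_info
      no_log: true

    # Join tokens are credentials: a host holding one that can reach the
    # manager can join the swarm. They are stored as host facts on the leader
    # so the worker play can read them through hostvars.
    - name: "Retrieve Join Tokens"
      set_fact:
        swarm_manager_token: "{{ swarm_info.swarm_facts['JoinTokens']['Manager'] }}"
        swarm_worker_token: "{{ swarm_info.swarm_facts['JoinTokens']['Worker'] }}"
      no_log: true

    - name: "Install jsondiff & pyyaml (stack-deploy deps)"
      apt:
        state: "present"
        name:
          - "python3-jsondiff"
          - "python3-yaml"

# SKIP Manager
# - Currently, there is only one manager == leader. So there's no point.

- hosts: worker
  become: true

  tasks:
    # Workers join with the worker token and the address published by the
    # first host in the "leader" group.
    - name: "Initialize Docker Swarm Workers"
      community.docker.docker_swarm:
        state: "join"
        advertise_addr: "{{ wg0_ip }}"
        join_token: "{{ hostvars[groups['leader'][0]]['swarm_worker_token'] }}"
        remote_addrs:
          - "{{ hostvars[groups['leader'][0]]['wg0_ip'] }}:2377"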