- name: Create Docker network for PostgreSQL
  docker_network:
    name: central_postgres
    state: present
  when: run_once_docker_postgres is not defined

- name: Install PostgreSQL
  docker_container:
    name: central-postgres
    image: "postgres:{{database_version}}"
    detach: yes
    env:
      POSTGRES_PASSWORD: "{{ central_postgres_password }}"
      POSTGRES_INITDB_ARGS: "--encoding=UTF8 --locale=C" # Necessary for docker-matrix
    networks:
      - name: central_postgres
    published_ports:
      - "127.0.0.1:5432:5432"
    volumes:
      - central_postgres_database:/var/lib/postgresql/data
    restart_policy: "{{docker_restart_policy}}"
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U postgres"]
      interval: 10s
      timeout: 5s
      retries: 5
      start_period: 30s
  when: run_once_docker_postgres is not defined

- name: wait for availability of postgres
  wait_for:
    host: "127.0.0.1"
    port: "5432"
    delay: "{{database_delay}}"
    timeout: 360
  when: run_once_docker_postgres is not defined  

- name: install python-psycopg2
  pacman: 
    name: python-psycopg2
    state: present
  when: run_once_docker_postgres is not defined

- name: "Create database: {{ database_name }}"
  postgresql_db:
    name: "{{ database_name }}"
    state: present
    login_user: postgres
    login_password: "{{ central_postgres_password }}"
    login_host: 127.0.0.1
    login_port: 5432

- name: "Create database user: {{ database_username }}"
  postgresql_user:
    name:           "{{ database_username }}"
    password:       "{{ database_password }}"
    db:             "{{ database_name }}"
    state:          present
    login_user:     postgres
    login_password: "{{ central_postgres_password }}"
    login_host:     127.0.0.1
    login_port:     5432

- name: "Set privileges for database user: {{ database_username }}"
  postgresql_privs:
    db:             "{{ database_name }}"
    role:           "{{ database_username }}"
    objs:           ALL_IN_SCHEMA
    privs:          ALL
    type:           table
    state:          present
    login_user:     postgres
    login_password: "{{ central_postgres_password }}"
    login_host:     127.0.0.1
    login_port:     5432

- name: Grant all privileges at the database level
  postgresql_privs:
    db: "{{ database_name }}"
    role: "{{ database_username }}"
    privs: ALL
    type: database
    state: present
    login_user: postgres
    login_password: "{{ central_postgres_password }}"
    login_host: 127.0.0.1
    login_port: 5432

- name: Grant all privileges on all tables in the public schema
  postgresql_privs:
    db: "{{ database_name }}"
    role: "{{ database_username }}"
    objs: ALL_IN_SCHEMA
    privs: ALL
    type: table
    schema: public
    state: present
    login_user: postgres
    login_password: "{{ central_postgres_password }}"
    login_host: 127.0.0.1
    login_port: 5432

- name: Set comprehensive privileges for user on public schema
  postgresql_query:
    db: "{{ database_name }}"
    login_user: postgres
    login_password: "{{ central_postgres_password }}"
    login_host: 127.0.0.1
    login_port: 5432
    query: |
      GRANT USAGE ON SCHEMA public TO {{ database_username }};
      GRANT CREATE ON SCHEMA public TO {{ database_username }};
      ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL PRIVILEGES ON TABLES TO {{ database_username }};

- name: Run the docker_postgres tasks once
  set_fact:
    run_once_docker_postgres: true
  when: run_once_docker_postgres is not defined