---
- name: Merge variables
  block:
  - name: Merge users
    set_fact:
      users: "{{ default_users | combine(users, recursive=True) }}"

  - name: Merge system_email definitions
    set_fact:
      system_email: "{{ default_system_email | combine(system_email | default({}, true), recursive=True) }}"
  - name: Merge domain definitions
    set_fact:
      domains: "{{ defaults_domains | combine(domains | default({}, true), recursive=True) }}"

  - name: Merge redirect domain definitions into dictionary
    set_fact:
      combined_mapping: >-
        {{
          (defaults_redirect_domain_mappings | items2dict(key_name='source', value_name='target'))
          | combine(
              (redirect_domain_mappings | default([]) | items2dict(key_name='source', value_name='target')),
              recursive=True
            )
        }}

  - name: Transform combined mapping to list with source and target keys
    set_fact:
      redirect_domain_mappings: "{{ redirect_domain_mappings | default([]) + [ {'source': item.key, 'target': item.value} ] }}"
    loop: "{{ combined_mapping | dict2items }}"

  - name: Merge application definitions
    set_fact:
      applications: "{{ defaults_applications | combine(applications | default({}, true), recursive=True) }}"

  - name: Merge networks definitions
    set_fact:
      networks: "{{ defaults_networks | combine(networks | default({}, true), recursive=True) }}"
  
  - name: Merge oidc configuration
    set_fact:
      oidc: "{{ defaults_oidc | combine(oidc | default({}, true), recursive=True) }}"

  - name: Merge design configuration
    set_fact:
      design: "{{ defaults_design | combine(design | default({}, true), recursive=True) }}"

  - name: Merge service_provider configuration
    set_fact:
      service_provider: "{{ defaults_service_provider | combine(service_provider | default({}, true), recursive=True) }}"

  - name: "Merged Variables"
    # Add new merged variables here
    debug:
      msg:
        domains:          "{{domains}}"
        applications:     "{{applications}}"
        oidc:             "{{oidc}}"
        service_provider: "{{service_provider}}"
        users:            "{{users}}"
    when: enable_debug | bool

- name: init root user
  include_role:
    name: user-root

- name: update device
  include_role:
    name: update
  when: mode_update | bool

- name: setup standard wireguard
  when: ("wireguard_server" in group_names)
  include_role:
    name: wireguard

# vpn setup
- name: setup wireguard client behind firewall\nat
  when: ("wireguard_behind_firewall" in group_names)
  include_role:
    name: client-wireguard-behind-firewall

- name: setup wireguard client
  when: ("wireguard_client" in group_names)
  include_role:
    name: client-wireguard

## backup setup
- name: setup replica backup hosts
  when: ("backup_remote_to_local" in group_names)
  include_role:
    name: backup-remote-to-local

- name: setup backup to swappable
  when: ("backup_to_usb" in group_names)
  include_role:
    name: backup-data-to-usb

## driver setup
- name: driver-intel
  when: ("intel" in group_names)
  include_role:
    name: driver-intel

- name: setup multiprinter hosts
  when: ("epson_multiprinter" in group_names)
  include_role:
    name: driver-epson-multiprinter

## system setup 
- name: setup swapfile hosts
  when: ("swapfile" in group_names)
  include_role:
    name: system-swapfile