computer-playbook/roles/web-app-minio/tasks/main.yml

---
- name: "Install Ollama Dependency"
  include_role:
    name: svc-ai-ollama
  vars:
    flush_handlers: true
  when:    
    - run_once_svc_ai_ollama is not defined
    - OLLAMA_LOCAL_ENABLED | bool

- name: "load docker and db for {{ application_id }}"
  include_role:
    name: sys-stk-back-stateless
  vars:
    docker_compose_flush_handlers: true

- name: "Include role sys-stk-front-proxy for each UI domain"
  include_role:
    name: sys-stk-front-proxy
  vars:
    domain:    "{{ item.domain }}"
    http_port: "{{ item.http_port }}"
  loop: "{{ MINIO_FRONT_PROXY_MATRIX }}"
  loop_control:
    label: "{{ item.domain }} -> {{ item.http_port }}"

- block:
    - name: "Render MinIO policy into variable"
      set_fact:
        minio_policy_content: "{{ lookup('template', 'policy.json.j2') }}"

    - name: "Apply MinIO policy {{ MINIO_OIDC_POLICY_NAME }}"
      shell: |
        set -euo pipefail
        mc alias set minio {{ MINIO_API_URL }} {{ users.administrator.username }} {{ users.administrator.password }}
        mc admin policy create minio {{ MINIO_OIDC_POLICY_NAME }} /dev/stdin || true
      args:
        executable: /bin/bash
        stdin: "{{ minio_policy_content }}"
  when: MINIO_OIDC_ENABLED | bool