---
# Database setup for Vaultwarden - PostgreSQL via Unix Socket

- name: Test PostgreSQL socket connectivity
  postgresql_ping:
    login_unix_socket: "{{ postgresql_unix_socket_directories }}"
    login_user: "{{ vaultwarden_user }}"
  become: true
  become_user: "{{ vaultwarden_user }}"

- name: Create Vaultwarden database user via socket
  postgresql_user:
    name: "{{ vaultwarden_db_user }}"
    password: "{{ vaultwarden_db_password }}"
    login_unix_socket: "{{ postgresql_unix_socket_directories }}"
    login_user: postgres
  become: true
  become_user: postgres

- name: Create Vaultwarden database via socket
  postgresql_db:
    name: "{{ vaultwarden_db_name }}"
    owner: "{{ vaultwarden_db_user }}"
    encoding: UTF8
    template: template0
    login_unix_socket: "{{ postgresql_unix_socket_directories }}"
    login_user: postgres
  become: true
  become_user: postgres

- name: Grant Vaultwarden database privileges
  postgresql_privs:
    db: "{{ vaultwarden_db_name }}"
    privs: ALL
    type: database
    role: "{{ vaultwarden_db_user }}"
    login_unix_socket: "{{ postgresql_unix_socket_directories }}"
    login_user: postgres
  become: true
  become_user: postgres

- name: Display database setup status
  debug:
    msg: |
      Vaultwarden database setup complete!
      
      Database: {{ vaultwarden_db_name }}
      User: {{ vaultwarden_db_user }}
      Connection: Unix socket ({{ postgresql_unix_socket_directories }})
      
      Ready for Vaultwarden container deployment