# Pick a random port to use for our uplink port.
resource "random_integer" "quassel_port" {
  max = 65535
  min = 1024
}

# Build our latest quassel docker image.
resource "docker_image" "quassel" {
  name = "${var.docker_prefix}-quassel"
  build {
    context = "${path.module}/quassel"
  }
  triggers = {
    dir_sha1 = sha1(join("", [for f in fileset(path.module, "quassel/*") : filesha1(f)]))
  }
}

# Create a network for our quassel service and postgres service to communicate upon
resource "docker_network" "quassel" {
  name   = "${var.docker_prefix}-quassel"
  driver = "overlay" # We're using overlay networking because its fuckin' rad.
}

# Create our Quassel docker service.
resource "docker_service" "quassel" {
  name = "${var.docker_prefix}-quassel"

  # We need the database to be present for this container to work, so we can explicitly tell TF about it here
  depends_on = [docker_service.quassel_db]

  # We're going to define the task specification
  task_spec {
    # Which contains a container specification
    container_spec {
      # Which has a docker image set
      #image = "${data.docker_registry_image.quassel.name}@${data.docker_registry_image.quassel.sha256_digest}"
      image = docker_image.quassel.name
      env = {
        # And a bunch of environment variables as per the upstream documentation.
        PUID               = 1000
        PGID               = 1000
        TZ                 = var.tz
        RUN_OPTS           = "--config-from-environment"
        DB_BACKEND         = "PostgreSQL"
        DB_PGSQL_USERNAME  = local.pg_username
        DB_PGSQL_PASSWORD  = local.pg_password
        DB_PGSQL_HOSTNAME  = local.pg_hostname
        DB_PGSQL_PORT      = local.pg_port_internal
        AUTH_AUTHENTICATOR = "Database"
      }
    }
    # Attach our task to the network we created earlier
    networks_advanced {
      name = docker_network.quassel.id
    }
  }
  # Setting a converge config means that we will wait for the service to be up and running (and reporting it is healthy) before moving on.
  converge_config {
    delay   = "5s" # Wait 5 seconds between checks
    timeout = "2m" # Give up after 2 minutes
  }
  endpoint_spec {
    # Configure our service to listen on a random port on the ingress network (which means any node in the swarm will redirect the traffic to (an instance of) this service)
    ports {
      target_port    = 4242               # default quassel port on the container
      published_port = local.quassel_port # Use the random port we generated earlier
      protocol       = "tcp"
      publish_mode   = "ingress" # Its that fwicked cool sweet awesome overlay network again, but this time ingress from the outside of the cluster
    }
  }
}