---
- name: Ensure Wazuh data directory exists
  file:
    path: "{{ wazuh_data_dir | default('/opt/wazuh') }}"
    state: directory
    owner: "{{ svc_wazuh }}"
    group: "{{ svc_wazuh }}"
    mode: '0755'

- name: Deploy wazuh.env file
  template:
    src: wazuh/.env.j2
    dest: "{{ wazuh_data_dir }}/.env"
    owner: "{{ svc_wazuh }}"
    group: "{{ svc_wazuh }}"
    mode: '0640'

- name: Deploy Wazuh podman-compose file
  template:
    src: wazuh/podman-compose.yml.j2
    dest: "{{ wazuh_data_dir }}/podman-compose.yml"
    owner: "{{ svc_wazuh }}"
    group: "{{ svc_wazuh }}"
    mode: '0644'

- name: Deploy Wazuh systemd unit
  template:
    src: wazuh/wazuh.service.j2
    dest: "/etc/systemd/system/podman-wazuh.service"
    mode: '0644'

- name: Reload systemd and enable wazuh
  systemd:
    daemon_reload: true
    name: podman-wazuh
    enabled: true
    state: started