- name: Pull Portainer Podman image
  containers.podman.podman_image:
    name: portainer/portainer-ce

- name: Create Portainer container
  containers.podman.podman_container:
    name: portainer
    image: docker.io/portainer/portainer-ce
    state: started
    ports:
      - "9000:9000"
    volumes:
      - "/run/podman/podman.sock:/run/podman/podman.sock"
      - "portainer_data:/data"
    restart_policy: unless-stopped
    healthcheck:
      test: "curl -f http://localhost:9000 || exit 1"
      interval: 5s
      timeout: 3s
      retries: 3
      start_period: 30s
  become: false

- name: Ensure Portainer container is running
  containers.podman.podman_container:
    name: portainer
    state: started
  become: false

- name: Allow Portainer UI port
  ansible.posix.firewalld:
    port: 9000/tcp
    permanent: true
    state: enabled
    immediate: true
  become: true