---
- name: Borg Backup Installation and Configuration
  block:
    - name: Check if Borg is already installed
      ansible.builtin.command: which borg
      register: borg_check
      ignore_errors: true
      changed_when: false

    - name: Ensure Borg is installed
      ansible.builtin.package:
        name: borg
        state: present
      become: true
      when: borg_check.rc != 0

    - name: Set Borg backup facts
      ansible.builtin.set_fact:
        borg_passphrase: "{{ lookup('community.general.onepassword', 'Borg Backup', vault='Dotfiles', field='password') }}"
        borg_config_dir: "{{ ansible_env.HOME }}/.config/borg"
        borg_backup_dir: "/mnt/services"
        borg_repo_dir: "/mnt/object_storage/borg-repo"

    - name: Create Borg directories
      ansible.builtin.file:
        path: "{{ borg_dir }}"
        state: directory
        mode: "0755"
      loop:
        - "{{ borg_config_dir }}"
        - "/mnt/object_storage"
      loop_control:
        loop_var: borg_dir
      become: true

    - name: Check if Borg repository exists
      ansible.builtin.stat:
        path: "{{ borg_repo_dir }}/config"
      register: borg_repo_check
      become: true

    - name: Initialize Borg repository
      ansible.builtin.command: >
        borg init --encryption=repokey {{ borg_repo_dir }}
      environment:
        BORG_PASSPHRASE: "{{ borg_passphrase }}"
      become: true
      when: not borg_repo_check.stat.exists

    - name: Create Borg backup script
      ansible.builtin.template:
        src: templates/borg-backup.sh.j2
        dest: "{{ borg_config_dir }}/backup.sh"
        mode: "0755"
      become: true

    - name: Create Borg systemd service
      ansible.builtin.template:
        src: templates/borg-backup.service.j2
        dest: /etc/systemd/system/borg-backup.service
        mode: "0644"
      become: true
      register: borg_service

    - name: Create Borg systemd timer
      ansible.builtin.template:
        src: templates/borg-backup.timer.j2
        dest: /etc/systemd/system/borg-backup.timer
        mode: "0644"
      become: true
      register: borg_timer

    - name: Reload systemd daemon
      ansible.builtin.systemd:
        daemon_reload: true
      become: true
      when: borg_service.changed or borg_timer.changed

    - name: Enable and start Borg backup timer
      ansible.builtin.systemd:
        name: borg-backup.timer
        enabled: true
        state: started
      become: true

    - name: Display Borg backup status
      ansible.builtin.debug:
        msg: "Borg backup is configured and will run daily at 2 AM. Logs available at /var/log/borg-backup.log"

  tags:
    - borg-backup
    - borg
    - backup