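# Provision LXC containers declared under pillar['lxc'].
#
# Layout per container (all under /var/lib/lxc/<name>/):
#   config     - rendered from roles/maintain/lxc/container.conf
#   rootfs/    - mount points for the bind/overlay directories
#   upperdirs/ - per-directory overlayfs upper layers
#   workdirs/  - per-directory overlayfs work layers
#
# Selected host paths are masked inside the container with overlayfs
# whiteouts (0:0 character devices) and opaque-directory xattrs so that
# e.g. the host's Salt minion identity and keys are not visible to it.
# Container names and directory lists come from pillar and are interpolated
# into state IDs, paths and one shell command; keep them free of shell
# metacharacters.

lxc:
  pkg.installed

lxc-create-symlink:
  file.symlink:
    - name: /lxc
    - target: /var/lib/lxc

{%- if pillar['lxc'] is defined -%}
{%- for container in pillar['lxc'] %}
{#- Per-container overrides; tolerate an empty mapping ("name:" with no body). #}
{%- set cfg = pillar['lxc'][container] or {} %}

{{container}}-create:
  lxc.present:
    - name: {{container}}
    - profile: base
    - require:
      - pkg: lxc

{#- Defaults; the pillar lists of the same name extend (not replace) them.
    All paths are relative to the container root. #}
{%- set bind_dirs = ['tmp'] -%}
{%- set overlay_dirs = ['etc','opt','srv','usr','var','root'] -%}
{%- set hidden_files = ['etc/salt/minion_id','etc/salt/grains','etc/fstab'] -%}
{%- set hidden_dirs = ['etc/systemd/system/multi-user.target.wants','etc/salt/pki','etc/nginx/certs','etc/nginx/conf.d'] -%}
{%- set base_dirs = ['boot','dev','etc','home','mnt','opt','proc','run','srv','sys','tmp','usr','var'] -%}
{%- set symlinks = {'bin':'usr/bin','lib':'usr/lib','lib64':'usr/lib','sbin':'usr/bin'} -%}

{%- for bind_dir in (cfg.get('bind_dirs') or []) if bind_dir not in bind_dirs -%}
{% do bind_dirs.append(bind_dir) %}
{%- endfor -%}
{%- for overlay_dir in (cfg.get('overlay_dirs') or []) if overlay_dir not in overlay_dirs -%}
{% do overlay_dirs.append(overlay_dir) %}
{%- endfor -%}
{%- for hidden_file in (cfg.get('hidden_files') or []) if hidden_file not in hidden_files -%}
{% do hidden_files.append(hidden_file) %}
{%- endfor -%}
{%- for hidden_dir in (cfg.get('hidden_dirs') or []) if hidden_dir not in hidden_dirs -%}
{% do hidden_dirs.append(hidden_dir) %}
{%- endfor -%}
{%- do symlinks.update(cfg.get('symlinks') or {}) %}

{{container}}-config:
  file.managed:
    - name: /var/lib/lxc/{{container}}/config
    - source: salt://roles/maintain/lxc/container.conf
    - template: jinja
    - context:
        container: {{container}}
        bind_dirs: {{bind_dirs}}
        overlay_dirs: {{overlay_dirs}}

{{container}}-create-rootfs:
  file.directory:
    - name: /var/lib/lxc/{{container}}/rootfs/

{{container}}-create-upperdirs:
  file.directory:
    - name: /var/lib/lxc/{{container}}/upperdirs/

{{container}}-create-workdirs:
  file.directory:
    - name: /var/lib/lxc/{{container}}/workdirs/

{#- One upper/work/mount-point triple per overlay directory. #}
{%- for overlay_dir in overlay_dirs %}
{{container}}-create-upperdir-{{overlay_dir}}:
  file.directory:
    - name: /var/lib/lxc/{{container}}/upperdirs/{{overlay_dir}}

{{container}}-create-workdir-{{overlay_dir}}:
  file.directory:
    - name: /var/lib/lxc/{{container}}/workdirs/{{overlay_dir}}

{{container}}-create-rootfs-{{overlay_dir}}:
  file.directory:
    - name: /var/lib/lxc/{{container}}/rootfs/{{overlay_dir}}
{%- endfor %}

{#- Bind mounts only need their mount point inside the rootfs. #}
{%- for bind_dir in bind_dirs %}
{{container}}-create-rootfs-{{bind_dir}}:
  file.directory:
    - name: /var/lib/lxc/{{container}}/rootfs/{{bind_dir}}
    - makedirs: true
{%- endfor %}

{%- for base_dir in base_dirs %}
{{container}}-create-{{base_dir}}:
  file.directory:
    - name: /var/lib/lxc/{{container}}/rootfs/{{base_dir}}
{%- endfor %}

{#- Merged-/usr style links at the container root. #}
{%- for symlink in symlinks %}
{{container}}-create-{{symlink}}:
  file.symlink:
    - name: /var/lib/lxc/{{container}}/rootfs/{{symlink}}
    - target: {{symlinks[symlink]}}
{%- endfor %}

{#- A 0:0 character device in the upper layer is an overlayfs whiteout: the
    host file of the same name disappears inside the container.
    Salt's regex_search returns the tuple of capture groups, so the previous
    regex_search('.*\/') (no group) rendered the parent as '()'; the parent is
    now derived with rsplit and created unconditionally, since file.mknod does
    not create missing directories. #}
{%- for hidden_file in hidden_files %}
{%- set directory = hidden_file.rsplit('/', 1)[0] if '/' in hidden_file else '' %}
{%- if directory %}
{{container}}-mkdir-for-{{hidden_file}}:
  file.directory:
    - name: /var/lib/lxc/{{container}}/upperdirs/{{directory}}
    - makedirs: true
{%- endif %}

{{container}}-whiteout-{{hidden_file}}:
  file.mknod:
    - name: /var/lib/lxc/{{container}}/upperdirs/{{hidden_file}}
    - ntype: c
    - major: 0
    - minor: 0
    - user: root
    - group: root
    - mode: 400
    - onlyif: 'test ! -e /var/lib/lxc/{{container}}/upperdirs/{{hidden_file}}'
{%- endfor %}

{#- An opaque upper directory hides the whole lower (host) directory. The
    xattr is set only when absent so the state is idempotent; getfattr exits
    non-zero when the attribute is missing. setfattr/getfattr are the attr
    user-space tools and must be present on the minion. #}
{%- for hidden_dir in hidden_dirs %}
{{container}}-create-{{hidden_dir}}:
  file.directory:
    - name: /var/lib/lxc/{{container}}/upperdirs/{{hidden_dir}}
    - makedirs: true

{{container}}-hide-{{hidden_dir}}:
  cmd.run:
    - name: 'setfattr -n trusted.overlay.opaque -v y "/var/lib/lxc/{{container}}/upperdirs/{{hidden_dir}}"'
    - unless: 'getfattr -n trusted.overlay.opaque "/var/lib/lxc/{{container}}/upperdirs/{{hidden_dir}}" >/dev/null 2>&1'
    - require:
      - file: {{container}}-create-{{hidden_dir}}
{%- endfor %}

{{container}}-running:
  service.running:
    - name: lxc@{{container}}.service
    - enable: true
    - require:
      - file: {{container}}-config
{%- endfor %}
{%- endif %}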