---
- name: Enable systemd services
  when: _configuration_platform.init_system == 'systemd'
  vars:
    _desktop_dm: >-
      {{
        system_cfg.features.desktop.display_manager
        if (system_cfg.features.desktop.display_manager | length > 0)
        else (configuration_desktop_dm_map[system_cfg.features.desktop.environment] | default(''))
      }}
    configuration_systemd_services: >-
      {{
        ['NetworkManager']
        + (['firewalld'] if system_cfg.features.firewall.backend == 'firewalld' and system_cfg.features.firewall.enabled | bool else [])
        + (['ufw'] if system_cfg.features.firewall.backend == 'ufw' and system_cfg.features.firewall.enabled | bool else [])
        + ([_configuration_platform.ssh_service] if system_cfg.features.ssh.enabled | bool else [])
        + (['logrotate', 'systemd-timesyncd'] if os == 'archlinux' else [])
        + ([_desktop_dm] if system_cfg.features.desktop.enabled | bool and _desktop_dm | length > 0 else [])
        + (['bluetooth'] if system_cfg.features.desktop.enabled | bool else [])
      }}
  ansible.builtin.command: "{{ chroot_command }} systemctl enable {{ item }}"
  loop: "{{ configuration_systemd_services }}"
  register: configuration_enable_service_result
  changed_when: configuration_enable_service_result.rc == 0

- name: Activate UFW firewall
  when:
    - system_cfg.features.firewall.backend == 'ufw'
    - system_cfg.features.firewall.enabled | bool
  ansible.builtin.command: "{{ chroot_command }} ufw --force enable"
  register: _ufw_enable_result
  changed_when: _ufw_enable_result.rc == 0
  failed_when: false

- name: Set default systemd target to graphical
  when:
    - _configuration_platform.init_system == 'systemd'
    - system_cfg.features.desktop.enabled | bool
  ansible.builtin.command: "{{ chroot_command }} systemctl set-default graphical.target"
  register: _desktop_target_result
  changed_when: _desktop_target_result.rc == 0

- name: Enable OpenRC services
  when: _configuration_platform.init_system == 'openrc'
  vars:
    configuration_openrc_services: >-
      {{
        ['networking']
        + (['sshd'] if system_cfg.features.ssh.enabled | bool else [])
        + ([system_cfg.features.firewall.backend] if system_cfg.features.firewall.enabled | bool else [])
      }}
  block:
    - name: Ensure OpenRC runlevel directory exists
      ansible.builtin.file:
        path: /mnt/etc/runlevels/default
        state: directory
        mode: "0755"

    - name: Check OpenRC init scripts
      ansible.builtin.stat:
        path: "/mnt/etc/init.d/{{ item }}"
      loop: "{{ configuration_openrc_services }}"
      register: configuration_openrc_service_stats

    - name: Enable OpenRC services
      ansible.builtin.file:
        src: "/mnt/etc/init.d/{{ item.item }}"
        dest: "/mnt/etc/runlevels/default/{{ item.item }}"
        state: link
      loop: "{{ configuration_openrc_service_stats.results }}"
      loop_control:
        label: "{{ item.item }}"
      when: item.stat.exists

- name: Enable runit services
  when: _configuration_platform.init_system == 'runit'
  vars:
    configuration_runit_services: >-
      {{
        ['dhcpcd']
        + (['sshd'] if system_cfg.features.ssh.enabled | bool else [])
        + ([system_cfg.features.firewall.backend] if system_cfg.features.firewall.enabled | bool else [])
      }}
  block:
    - name: Ensure runit service directory exists
      ansible.builtin.file:
        path: /mnt/var/service
        state: directory
        mode: "0755"

    - name: Check runit service definitions
      ansible.builtin.stat:
        path: "/mnt/etc/sv/{{ item }}"
      loop: "{{ configuration_runit_services }}"
      register: configuration_runit_service_stats

    - name: Enable runit services
      ansible.builtin.file:
        src: "/mnt/etc/sv/{{ item.item }}"
        dest: "/mnt/var/service/{{ item.item }}"
        state: link
      loop: "{{ configuration_runit_service_stats.results }}"
      loop_control:
        label: "{{ item.item }}"
      when: item.stat.exists