- name: Install MariaDB
  ansible.builtin.apt:
    name: mariadb-server
    state: present

- name: Set MariaDB restarted fact
  ansible.builtin.set_fact:
    mariadb_restarted: false

- name: Regather facts for the potentially new docker0 interface
  ansible.builtin.setup:

- name: Change the bind-address to allow from docker0
  ansible.builtin.lineinfile:
    path: /etc/mysql/mariadb.conf.d/50-server.cnf
    regex: "^bind-address"
    line: "bind-address            = {{ ansible_facts.docker0.ipv4.address }}"
  notify: restart_mariadb

- name: Flush handlers to ensure MariaDB restarts immediately
  ansible.builtin.meta: flush_handlers
  tags: restart_mariadb

- name: Allow database connections from Docker
  community.general.ufw:
    rule: allow
    port: "3306"
    proto: tcp
    src: "{{ item }}"
  loop: "{{ mariadb_trust | default(['172.16.0.0/12']) }}"