- name: Install Samba
  ansible.builtin.apt:
    name: samba
    state: present

- name: Create Samba users
  ansible.builtin.command: "smbpasswd -a {{ item.name }}"
  args:
    stdin: "{{ item.password }}\n{{ item.password }}"
  loop: "{{ samba.users }}"
  loop_control:
    label: "{{ item.name }}"
  register: samba_users
  changed_when: "'Added user' in samba_users.stdout"

- name: Ensure share directories exist
  ansible.builtin.file:
    path: "{{ item.path }}"
    owner: "{{ item.owner }}"
    group: "{{ item.group }}"
    state: directory
    mode: "755"
  loop: "{{ samba.shares }}"

- name: Configure Samba shares
  ansible.builtin.template:
    src: smb.conf.j2
    dest: /etc/samba/smb.conf
    mode: "644"
  notify: restart_samba

- name: Start smbd and enable on boot
  ansible.builtin.service:
    name: smbd
    state: started
    enabled: true

- name: Allow SMB connections
  community.general.ufw:
    rule: allow
    port: 445
    proto: tcp
    from: "{{ item }}"
    state: enabled
  loop: "{{ samba.firewall }}"
  when: manage_firewall