{{/* Make sure all variables are set properly */}}
{{- include "tc.v1.common.loader.init" . }}

{{- include "authentik.validation" $ -}}

{{/* Render secrets for authentik and friends */}}
{{- $secrets := include "authentik.secrets" . | fromYaml -}}
{{- if $secrets -}}
  {{ $secrets := (mustMergeOverwrite .Values.secret $secrets) }}
  {{- $_ := set .Values "secret" $secrets -}}
{{- end -}}

{{/* Render configmaps for authentik and friends */}}
{{- $configmaps := include "authentik.configmaps" . | fromYaml -}}
{{- if $configmaps -}}
  {{ $configmaps := (mustMergeOverwrite .Values.configmap $configmaps) }}
  {{- $_ := set .Values "configmap" $configmaps -}}
{{- end -}}

{{- if .Values.authentik.general.overwriteDefaultBlueprints -}}
  {{- $_ := set .Values.persistence.blueprints.targetSelector.worker.worker "mountPath" "/blueprints" -}}
{{- end -}}

{{- if .Values.authentik.geoip.enabled -}}
  {{- $_ := set .Values.workload.geoip "enabled" true -}}
{{- else -}}
  {{- $_ := set .Values.workload.geoip "enabled" false -}}
  {{- $_ := set .Values.persistence.geoip "enabled" false -}}
{{- end -}}

{{- if or .Values.authentik.geoip.enabled .Values.authentik.geoip.wipeBuiltInDb -}}
  {{- $_ := set .Values.persistence.geoip "enabled" true -}}
{{- end -}}

{{- if .Values.authentik.outposts.proxy.enabled -}}
  {{- $_ := set .Values.workload.proxy "enabled" true -}}
  {{- if not .Values.workload.proxy.podSpec.initContainers -}}
    {{- $_ := set .Values.workload.proxy.podSpec "initContainers" dict -}}
  {{- end -}}
  {{- $_ := set .Values.workload.proxy.podSpec.initContainers "wait-server" (include "authentik.wait.server" . | fromYaml) -}}
  {{- $_ := set .Values.service.proxy "enabled" true -}}
  {{- $_ := set .Values.service.proxymetrics "enabled" true -}}
  {{- $_ := set .Values.metrics.proxymetrics "enabled" true -}}
{{- else -}}
  {{- $_ := set .Values.workload.proxy "enabled" false -}}
  {{- $_ := set .Values.service.proxy "enabled" false -}}
  {{- $_ := set .Values.service.proxymetrics "enabled" false -}}
  {{- $_ := set .Values.metrics.proxymetrics "enabled" false -}}
{{- end -}}

{{- if .Values.authentik.outposts.radius.enabled -}}
  {{- $_ := set .Values.workload.radius "enabled" true -}}
  {{- if not .Values.workload.radius.podSpec.initContainers -}}
    {{- $_ := set .Values.workload.radius.podSpec "initContainers" dict -}}
  {{- end -}}
  {{- $_ := set .Values.workload.radius.podSpec.initContainers "wait-server" (include "authentik.wait.server" . | fromYaml) -}}
  {{- $_ := set .Values.service.radius "enabled" true -}}
  {{- $_ := set .Values.service.radiusmetrics "enabled" true -}}
  {{- $_ := set .Values.metrics.radiusmetrics "enabled" true -}}
{{- else -}}
  {{- $_ := set .Values.workload.radius "enabled" false -}}
  {{- $_ := set .Values.service.radius "enabled" false -}}
  {{- $_ := set .Values.service.radiusmetrics "enabled" false -}}
  {{- $_ := set .Values.metrics.radiusmetrics "enabled" false -}}
{{- end -}}

{{- if .Values.authentik.outposts.ldap.enabled -}}
  {{- $_ := set .Values.workload.ldap "enabled" true -}}
  {{- if not .Values.workload.ldap.podSpec.initContainers -}}
    {{- $_ := set .Values.workload.ldap.podSpec "initContainers" dict -}}
  {{- end -}}
  {{- $_ := set .Values.workload.ldap.podSpec.initContainers "wait-server" (include "authentik.wait.server" . | fromYaml) -}}
  {{- $_ := set .Values.service.ldap "enabled" true -}}
  {{- $_ := set .Values.service.ldaps "enabled" true -}}
  {{- $_ := set .Values.service.ldapmetrics "enabled" true -}}
  {{- $_ := set .Values.metrics.ldapmetrics "enabled" true -}}
{{- else -}}
  {{- $_ := set .Values.workload.ldap "enabled" false -}}
  {{- $_ := set .Values.service.ldap "enabled" false -}}
  {{- $_ := set .Values.service.ldaps "enabled" false -}}
  {{- $_ := set .Values.service.ldapmetrics "enabled" false -}}
  {{- $_ := set .Values.metrics.ldapmetrics "enabled" false -}}
{{- end -}}

{{/* FIXME: See values.yaml */}}
{{- $_ := set .Values.service.servermetrics "enabled" false -}}
{{- $_ := set .Values.service.proxymetrics "enabled" false -}}
{{- $_ := set .Values.service.radiusmetrics "enabled" false -}}
{{- $_ := set .Values.service.ldapmetrics "enabled" false -}}

{{- $_ := set .Values.metrics.servermetrics "enabled" false -}}
{{- $_ := set .Values.metrics.proxymetrics "enabled" false -}}
{{- $_ := set .Values.metrics.radiusmetrics "enabled" false -}}
{{- $_ := set .Values.metrics.ldapmetrics "enabled" false -}}

{{/* Render the templates */}}
{{ include "tc.v1.common.loader.apply" . }}