---

- name: docker | Check on state of docker instance
  command: "docker inspect {{ vault_container_name }}"
  ignore_errors: true
  register: vault_container_inspect

- name: docker | Set fact on container status
  set_fact:
      vault_container_inspect_json: "{{ vault_container_inspect.stdout|from_json }}"
  when: vault_container_inspect|succeeded

# Not sure if State.Running is the best check here...
- name: docker | Remove old container if it's not currently running
  command: "docker rm {{ vault_container_name }}"
  when: vault_container_inspect|succeeded and not vault_container_inspect_json[0]["State"]["Running"]|bool

- name: docker | Start a new Vault instance
  command: >
           docker run -d --cap-add=IPC_LOCK --name {{vault_container_name}} -p {{vault_port}}:{{vault_port}}
           -e 'VAULT_LOCAL_CONFIG={{ vault_config|to_json }}'
           -v /etc/vault:/etc/vault
           {{vault_image_repo}}:{{vault_version}} server
  register: vault_docker_start
  when: vault_container_inspect|failed or not vault_container_inspect_json[0]["State"]["Running"]|bool