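# Salt state: run Rancher as a podman container supervised by a systemd unit.
# The states rely on Salt's default top-to-bottom ordering; the requisites
# below only decide whether a state runs, not when.

Create rancher systemd unit file:
  file.managed:
    - name: /etc/systemd/system/rancher.service
    - source: salt://rancher/files/rancher.service
    - user: root
    - group: root
    - mode: "0644"

# Re-read unit files only when the unit file above was actually changed.
Realod systemd daemon:
  cmd.run:
    - name: systemctl daemon-reload
    - onchanges:
      - file: Create rancher systemd unit file

# Pull only when the image:tag is not already in local storage.
# NOTE(review): a tag can be re-pointed upstream; putting a digest in pillar
# instead would make the pulled image reproducible.
Pull rancher image:
  cmd.run:
    - name: "podman image pull {{ pillar['rancher']['url'] }}:{{ pillar['rancher']['tag'] }}"
    - unless: "podman image exists {{ pillar['rancher']['url'] }}:{{ pillar['rancher']['tag'] }}"

Add persistant storage folder:
  file.directory:
    - name: /srv/rancher-container
    - user: root
    - group: root
    # A directory needs the execute (search) bit to be entered; the previous
    # 0640 had none. 0750 keeps "other" locked out.
    - mode: "0750"
    # NOTE(review): `replace` is a file.managed option; confirm it has any
    # effect on file.directory.
    - replace: false

# A freshly pulled image means the container must be rebuilt: stop it first.
Stop rancher container before rebuild:
  service.dead:
    - name: rancher
    - onchanges:
      - cmd: Pull rancher image

Remove old rancher container:
  cmd.run:
    - name: podman container rm rancher
    - onlyif: podman container exists rancher
    - onchanges:
      - cmd: Pull rancher image

# The bootstrap password is handed to podman through the command's
# environment (`--env NAME` without a value copies it from there) instead of
# being rendered into the command line, where it would show up in the process
# list and in the state's reported name. It is still stored in the container's
# configuration, so treat it as a one-time secret and change it after first
# login.
# NOTE(review): --privileged gives the container broad access to the host;
# confirm the Rancher image still requires it.
# NOTE(review): the certificate and key mounts could probably be read-only
# (`:ro`) - confirm before changing.
Create rancher container:
  cmd.run:
    - name: >-
        podman container create
        --name rancher
        --privileged
        --publish 6080:80
        --publish 6443:443
        --volume /etc/rancher/ssl/rancher-server.crt:/etc/rancher/ssl/cert.pem
        --volume /etc/rancher/ssl/rancher-server.key:/etc/rancher/ssl/key.pem
        --volume /etc/rancher/ssl/rancher-ca.crt:/etc/rancher/ssl/cacerts.pem
        --volume /srv/rancher-container:/var/lib/rancher
        --env CATTLE_BOOTSTRAP_PASSWORD
        {{ pillar['rancher']['url'] }}:{{ pillar['rancher']['tag'] }}
    - env:
      # `string | tojson` renders a quoted YAML scalar, so quotes, spaces or
      # shell metacharacters in the password cannot break the file or the
      # command.
      - CATTLE_BOOTSTRAP_PASSWORD: {{ pillar['rancher']['bootstrapPassword'] | string | tojson }}
    - unless: podman container exists rancher

# Keep the service enabled and running; restart it when the unit file changes.
Start the rancher container:
  service.running:
    - name: rancher
    - enable: true
    - watch:
      - file: Create rancher systemd unit file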