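---
# =============================================================================
# Shared Caddy Reverse Proxy Playbook
# =============================================================================
# Deploys a single Caddy instance that proxies to Gitea and NetBird.
# Run AFTER deploying Gitea and NetBird (needs their networks).
#
# Prerequisites:
#   1. Gitea deployed (creates gitea_gitea network)
#   2. NetBird deployed (creates netbird_netbird network)
#   3. DNS records pointing to VPS
#
# Usage:
#   ansible-playbook -i poc-inventory.yml playbook.yml
#
# Error handling: the pre-flight network checks, the "stop old Caddy" step and
# the config reload all set `failed_when: false`, so they never abort the play.
# A failed reload is reported by an explicit warning task; the other two rely
# on `docker compose up -d` failing later if something is really wrong.
# =============================================================================

- name: Deploy Shared Caddy Reverse Proxy
  hosts: caddy_servers
  # Every task below runs with privilege escalation.
  become: true

  vars_files:
    - group_vars/caddy_servers.yml

  pre_tasks:
    # Read-only probes, run through the command module (no shell), that only
    # record whether each Docker network exists. rc is checked further down.
    - name: Check if Gitea network exists
      ansible.builtin.command:
        cmd: docker network inspect {{ gitea_network }}
      register: gitea_network_check
      failed_when: false
      changed_when: false

    - name: Check if NetBird network exists
      ansible.builtin.command:
        cmd: docker network inspect {{ netbird_network }}
      register: netbird_network_check
      failed_when: false
      changed_when: false

    # Advisory only: the play continues even when a network is missing.
    - name: Warn about missing networks
      ansible.builtin.debug:
        msg: |
          WARNING: Some service networks don't exist yet.

          Gitea network ({{ gitea_network }}): {{ 'EXISTS' if gitea_network_check.rc == 0 else 'MISSING - deploy Gitea first' }}
          NetBird network ({{ netbird_network }}): {{ 'EXISTS' if netbird_network_check.rc == 0 else 'MISSING - deploy NetBird first' }}

          Caddy will fail to start until both networks exist.
      when: gitea_network_check.rc != 0 or netbird_network_check.rc != 0

  tasks:
    # =========================================================================
    # Stop existing Caddy if running elsewhere
    # =========================================================================
    - name: Check for Caddy in Gitea deployment
      ansible.builtin.stat:
        path: /opt/gitea/docker-compose.yml
      register: gitea_compose

    # Best effort: the compose file may not define a `caddy` service at all,
    # so errors are ignored. The command string is static (no templated
    # input); shell is used only for the `&&` chaining.
    - name: Stop Caddy in Gitea deployment
      ansible.builtin.shell: |
        cd /opt/gitea && docker compose stop caddy && docker compose rm -f caddy
      when: gitea_compose.stat.exists
      failed_when: false
      changed_when: true

    # =========================================================================
    # Caddy Directory Structure
    # =========================================================================
    - name: Create Caddy directory
      ansible.builtin.file:
        path: "{{ caddy_base_dir }}"
        state: directory
        mode: "0755"

    # =========================================================================
    # Deploy Configuration Files
    # =========================================================================
    # NOTE(review): both files are written world-readable (0644). If either
    # template ever embeds credentials (API tokens, password hashes), tighten
    # the mode and confirm the container user can still read the file.
    - name: Deploy docker-compose.yml
      ansible.builtin.template:
        src: templates/docker-compose.yml.j2
        dest: "{{ caddy_base_dir }}/docker-compose.yml"
        mode: "0644"

    - name: Deploy Caddyfile
      ansible.builtin.template:
        src: templates/Caddyfile.j2
        dest: "{{ caddy_base_dir }}/Caddyfile"
        mode: "0644"
      register: caddyfile_changed

    # =========================================================================
    # Start Caddy
    # =========================================================================
    # The image reference comes from the compose template, not shown here.
    - name: Pull Caddy image
      ansible.builtin.command:
        cmd: docker compose pull
        chdir: "{{ caddy_base_dir }}"
      changed_when: true

    - name: Start Caddy
      ansible.builtin.command:
        cmd: docker compose up -d
        chdir: "{{ caddy_base_dir }}"
      changed_when: true

    # -T disables pseudo-TTY allocation: Ansible runs commands without a
    # terminal, and some docker compose versions refuse `exec` in that case.
    # The result is registered so a failed reload is surfaced below rather
    # than silently leaving the previous configuration in effect.
    - name: Reload Caddy config if changed
      ansible.builtin.command:
        cmd: docker compose exec -T caddy caddy reload --config /etc/caddy/Caddyfile
        chdir: "{{ caddy_base_dir }}"
      when: caddyfile_changed.changed
      register: caddy_reload
      failed_when: false
      changed_when: true

    # Still non-fatal, but the operator is told that the new Caddyfile
    # (including any tightened proxy or TLS settings) may not be live.
    # `default(0)` covers the case where the reload task was skipped.
    - name: Warn if Caddy reload failed
      ansible.builtin.debug:
        msg: |
          WARNING: 'caddy reload' exited with rc={{ caddy_reload.rc | default('unknown') }}.
          The running proxy may still be serving the previous Caddyfile.
          {{ caddy_reload.stderr | default('') }}
      when: caddy_reload.rc | default(0) != 0

    # =========================================================================
    # Deployment Summary
    # =========================================================================
    # NOTE(review): the printed commands assume direct root SSH login to the
    # host is permitted - confirm against the host's sshd policy.
    - name: Display deployment status
      ansible.builtin.debug:
        msg: |
          ============================================
          Shared Caddy Deployed!
          ============================================

          Proxying:
          - https://{{ gitea_domain }} -> gitea:{{ gitea_http_port }}
          - https://{{ netbird_domain }} -> netbird services

          ============================================

          View logs:
          ssh root@{{ ansible_host }} "cd {{ caddy_base_dir }} && docker compose logs -f"

          Reload config after changes:
          ssh root@{{ ansible_host }} "cd {{ caddy_base_dir }} && docker compose exec caddy caddy reload --config /etc/caddy/Caddyfile"

          ============================================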