---
### tags:
###   update_config
###   update_deployment

- name: "Setup DNS configuration for {{ inventory_hostname }} pgadmin4"
  include_role:
    name: hetzner-ansible-dns
  vars:
    record_data: "{{ stage_server_ip }}"
    record_name: "{{ inventory_hostname }}"

- name: Create 'pgadmin' user
  user:
    name: pgadmin
    comment: PGAdmin user
    createhome: yes

- name: "Check if {{ inventory_hostname }}/docker-compose.yml exists"
  stat:
    path: "{{ service_base_path }}/{{ inventory_hostname }}/docker-compose.yml"
  register: check_docker_compose_file
  tags:
    - update_config
    - update_deployment

- name: "Stop {{ inventory_hostname }}"
  community.docker.docker_compose:
    project_src: "{{ service_base_path }}/{{ inventory_hostname }}"
    state: absent
  when: check_docker_compose_file.stat.exists
  tags:
    - update_deployment

- name: "Deploy docker templates for {{ inventory_hostname }}"
  include_role:
    name: hetzner-ansible-sma-deploy
    tasks_from: templates
  vars:
    current_config: "_docker"
    current_base_path: "{{ service_base_path }}"
    current_destination: "{{ inventory_hostname }}"
    current_owner: "{{ docker_owner }}"
    current_group: "{{ docker_group }}"
    current_docker: "{{ pgadmin4_docker }}"
  tags:
    - update_config

- name: "Deploy service templates for {{ inventory_hostname }}"
  include_role:
    name: hetzner-ansible-sma-deploy
    tasks_from: templates
  vars:
    current_config: "pgadmin4"
    current_base_path: "{{ service_base_path }}"
    current_destination: "{{ inventory_hostname }}"
    current_owner: "{{ docker_owner }}"
    current_group: "{{ docker_group }}"
  tags:
    - update_config

- name: "Update {{ inventory_hostname }}"
  community.docker.docker_compose:
    project_src: "{{ service_base_path }}/{{ inventory_hostname }}"
    state: present
    pull: yes
  tags:
    - update_deployment

# Initialize Login process against Keycloak server
- name: "Initialize SSO Login on Pgadmin4"
  uri:
    url: "{{ shared_service_url_pgadmin4 }}/authenticate/login"
    method: GET
    body_format: form-urlencoded
    body:
      oauth2_button: "keycloak"
      username: "{{ pgadmin4_oidc_dev_username }}"
      password: "{{ pgadmin4_oidc_dev_password }}"
      grant_type: "password"
      login: "Anmelden"
    return_content: true
    status_code: 200
  register: kc_session_response
  until: kc_session_response.status == 200
  retries: 10
  delay: 5
  tags:
    - update_config

- name: "Extract Keycloak Login url"
  set_fact:
    url:
      "{{ kc_session_response.content | regex_search('action=\"([^\"]+)\"') | \
      regex_replace('action=\"', '') | regex_replace('\"', '') | \
      regex_replace('&', '&') }}"
  tags:
    - update_config

# This Step will trigger pgadmin4 to automatically create the user, if not already present
- name: "Login as user {{ pgadmin4_oidc_dev_username }} on Keycloak"
  uri:
    url: "{{ url }}"
    method: POST
    headers:
      Cookie: "{{ kc_session_response.cookies_string }}"
    body_format: form-urlencoded
    body:
      username: "{{ pgadmin4_oidc_dev_username }}"
      password: "{{ pgadmin4_oidc_dev_password }}"
    return_content: true
    follow_redirects: "all"
  register: kc_login_response
  tags:
    - update_config