From 463990f77263e7848ff78f45b4d72b67c35c5a32 Mon Sep 17 00:00:00 2001
From: fencl <martin@martinfencl.eu>
Date: Sun, 5 Oct 2025 09:36:14 +0200
Subject: [PATCH] Refactor update_collabora.yml: add health check for Collabora
 container and optional orphan cleanup toggle

---
 nextcloud/update_collabora.yml | 112 ++++++++++++++++++---------------
 1 file changed, 63 insertions(+), 49 deletions(-)

diff --git a/nextcloud/update_collabora.yml b/nextcloud/update_collabora.yml
index 9b65283..2fa8689 100644
--- a/nextcloud/update_collabora.yml
+++ b/nextcloud/update_collabora.yml
@@ -1,53 +1,67 @@
-# Add a toggle to optionally clean up orphan containers
-vars:
-  remove_orphans: false  # English: set true if you want to prune orphan containers for this project
+- name: Update Collabora CODE on VM via Proxmox
+  hosts: proxmox
+  gather_facts: false
+  become: true
+  become_user: root
+  become_method: sudo
 
-  collabora_commands:
-    - "{{ docker_prefix }} pull -q collabora/code:latest >/dev/null"
-    - "{{ docker_prefix }} compose -p {{ collabora_project }} -f {{ collabora_compose_file }} pull collabora >/dev/null"
-    - >-
-      {{ docker_prefix }} compose -p {{ collabora_project }} -f {{ collabora_compose_file }}
-      up -d --no-deps --force-recreate
-      {{ '--remove-orphans' if remove_orphans else '' }}
-      collabora >/dev/null
+  vars:
+    vm_ip:   "{{ lookup('env', 'VM_IP') }}"
+    vm_user: "{{ lookup('env', 'VM_USER') }}"
+    vm_pass: "{{ lookup('env', 'VM_PASS') }}"
+    use_sudo: false
 
-# --- Health check after restart (new tasks) ---
-- name: Collabora | Wait for container to report healthy  # English comments
-  ansible.builtin.command:
-    argv:
-      - sshpass
-      - -p
-      - "{{ vm_pass }}"
-      - ssh
-      - -o
-      - StrictHostKeyChecking=no
-      - -o
-      - ConnectTimeout=15
-      - "{{ vm_user }}@{{ vm_ip }}"
-      - bash
-      - -lc
-      - >
-        # English: wait up to 90s for "healthy"
-        set -Eeuo pipefail;
-        for i in {1..30}; do
-          s=$({{ ('sudo ' if use_sudo else '') }}{{ docker_prefix }} inspect -f '{{"{{"}}.State.Health.Status{{"}}"}}' collabora 2>/dev/null || echo "unknown");
-          echo "collabora health: $s";
-          [[ "$s" == "healthy" ]] && exit 0;
-          sleep 3;
-        done;
-        exit 2
-  register: collabora_health
-  changed_when: false
-  failed_when: false
+    collabora_project: "nextcloud-collabora"
+    collabora_compose_file: "/data/compose/nextcloud/collabora-only.yml"
 
-- name: Collabora | Show health check output
-  ansible.builtin.debug:
-    msg: |
-      {{ (collabora_health.stdout | default('')).strip() }}
-      {{ (collabora_health.stderr | default('')).strip() }}
+    # English comments: prefix ensures we bypass aliases/functions and use real docker
+    docker_prefix: "unalias docker 2>/dev/null || true; DOCKER_CLI_HINTS=0; command docker"
 
-- name: Collabora | Fail if not healthy
-  ansible.builtin.assert:
-    that: "collabora_health.rc == 0"
-    fail_msg: "Collabora container did not become healthy in time."
-    success_msg: "Collabora is healthy."
\ No newline at end of file
+    collabora_commands:
+      - "{{ docker_prefix }} pull -q collabora/code:latest >/dev/null"
+      - "{{ docker_prefix }} compose -p {{ collabora_project }} -f {{ collabora_compose_file }} pull collabora >/dev/null"
+      - "{{ docker_prefix }} compose -p {{ collabora_project }} -f {{ collabora_compose_file }} up -d --no-deps --force-recreate collabora >/dev/null"
+
+  tasks:
+    - name: Ensure sshpass is installed (for password-based SSH)  # English comments
+      ansible.builtin.apt:
+        name: sshpass
+        state: present
+        update_cache: yes
+
+    - name: Run Collabora update commands on VM (via SSH)
+      ansible.builtin.command:
+        argv:
+          - sshpass
+          - -p
+          - "{{ vm_pass }}"
+          - ssh
+          - -o
+          - StrictHostKeyChecking=no
+          - -o
+          - ConnectTimeout=15
+          - "{{ vm_user }}@{{ vm_ip }}"
+          - bash
+          - -lc
+          - "{{ ('sudo ' if use_sudo else '') + item }}"
+      loop: "{{ collabora_commands }}"
+      register: collab_cmds
+      changed_when: false
+
+    - name: Show outputs for each Collabora command
+      ansible.builtin.debug:
+        msg: |
+          CMD: {{ item.item }}
+          RC:  {{ item.rc }}
+          STDOUT:
+          {{ (item.stdout | default('')).strip() }}
+          STDERR:
+          {{ (item.stderr | default('')).strip() }}
+      loop: "{{ collab_cmds.results }}"
+
+    - name: Fail play if any Collabora command failed
+      ansible.builtin.assert:
+        that: "item.rc == 0"
+        fail_msg: "Collabora update failed on VM: {{ item.item }} (rc={{ item.rc }})"
+        success_msg: "All Collabora update commands succeeded."
+      loop: "{{ collab_cmds.results }}"
\ No newline at end of file