- name: Update Nextcloud (Ansible-native)
  hosts: proxmox_nextcloud
  become: true
  gather_facts: false

  vars:
    DEBUG: "{{ lookup('env', 'DEBUG') | default(0) | int }}"
    RETRIES: "{{ lookup('env', 'RETRIES') | default(25) | int }}"

    nextcloud_project: "nextcloud-collabora"
    compose_file: "/data/compose/nextcloud/docker-compose-nextcloud.yml"
    backup_dir: "/data/compose/nextcloud/backup-{{ ansible_date_time.iso8601_basic_short }}"

    nextcloud_base_url: "https://cloud.martinfencl.eu"
    nextcloud_status_url: "{{ nextcloud_base_url }}/status.php"

  tasks:
    # -------------------------
    # Pre-check
    # -------------------------
    - name: Show current Nextcloud version (DEBUG)
      command: docker exec -u www-data nextcloud php occ -V
      register: nc_version
      changed_when: false
      failed_when: false
      when: DEBUG == 1

    - debug:
        var: nc_version.stdout
      when: DEBUG == 1

    # -------------------------
    # Backup
    # -------------------------
    - name: Enable maintenance mode
      command: docker exec -u www-data nextcloud php occ maintenance:mode --on

    - name: Create backup directory
      file:
        path: "{{ backup_dir }}"
        state: directory

    - name: Backup config and custom_apps
      command: >
        docker exec nextcloud
        tar czf /tmp/nextcloud_conf.tgz -C /var/www/html config custom_apps

    - name: Copy config backup out of container
      command: docker cp nextcloud:/tmp/nextcloud_conf.tgz {{ backup_dir }}/

    - name: Remove temp archive from container
      command: docker exec nextcloud rm -f /tmp/nextcloud_conf.tgz

    - name: Backup database
      shell: >
        docker exec nextcloud-db sh -c
        'command -v mariadb-dump >/dev/null &&
         mariadb-dump -u"$MYSQL_USER" -p"$MYSQL_PASSWORD" "$MYSQL_DATABASE" ||
         mysqldump -u"$MYSQL_USER" -p"$MYSQL_PASSWORD" "$MYSQL_DATABASE"'
      register: db_dump

    - name: Save database dump
      copy:
        content: "{{ db_dump.stdout }}"
        dest: "{{ backup_dir }}/db.sql"

    # -------------------------
    # Upgrade
    # -------------------------
    - name: Pull new Nextcloud image
      command: docker compose -p {{ nextcloud_project }} -f {{ compose_file }} pull nextcloud

    - name: Recreate Nextcloud container
      command: docker compose -p {{ nextcloud_project }} -f {{ compose_file }}
               up -d --no-deps --force-recreate nextcloud

    - name: Run Nextcloud upgrade
      command: docker exec -u www-data nextcloud php occ upgrade

    - name: Update apps
      command: docker exec -u www-data nextcloud php occ app:update --all
      failed_when: false

    - name: Run maintenance repair
      command: docker exec -u www-data nextcloud php occ maintenance:repair --include-expensive
      failed_when: false

    - name: Disable maintenance mode
      command: docker exec -u www-data nextcloud php occ maintenance:mode --off

    # -------------------------
    # Readiness check
    # -------------------------
    - name: Wait for status.php
      uri:
        url: "{{ nextcloud_status_url }}"
        status_code: 200
        return_content: true
        validate_certs: true
      register: nc_status
      retries: "{{ RETRIES }}"
      delay: 4
      until: nc_status.status == 200
      changed_when: false

    - name: Print status summary (DEBUG)
      debug:
        msg: >
          Nextcloud {{ nc_status.json.version }}
          (installed={{ nc_status.json.installed }},
           maintenance={{ nc_status.json.maintenance }},
           needsDbUpgrade={{ nc_status.json.needsDbUpgrade }})
      when: DEBUG == 1