---
# Deploy Unifi Stack Locally on network-services
# - Cleans up old MongoDB from databases VM
# - Deploys MongoDB + Unifi together on network-services
# - Uses local bridge network, proper resource limits, labels

- name: Cleanup old MongoDB from databases VM
  hosts: databases
  gather_facts: no
  tags: [cleanup]
  tasks:
    - name: Stop and remove MongoDB containers
      shell: |
        docker stop unifi-db 2>/dev/null || true
        docker rm unifi-db 2>/dev/null || true
      changed_when: true

    - name: Remove MongoDB image
      shell: docker rmi mongo:4.4.29 2>/dev/null || true
      changed_when: true

    - name: Remove MongoDB compose directory
      file:
        path: /home/docker/appdata/mongodb
        state: absent

    - name: Prune unused images
      shell: docker image prune -f
      changed_when: true

    - name: Verify cleanup
      shell: |
        echo "Containers:" && docker ps -a --filter name=unifi --format "{{'{{'}}.Names{{'}}'}}"
        echo "Images:" && docker images | grep -i mongo || echo "No mongo images"
      register: cleanup_verify
      changed_when: false

    - name: Show cleanup status
      debug:
        msg: "{{ cleanup_verify.stdout_lines }}"

- name: Stop existing Unifi on network-services
  hosts: network-services
  gather_facts: no
  tags: [stop]
  tasks:
    - name: Stop existing containers
      shell: |
        docker stop unifi unifi-db 2>/dev/null || true
        docker rm unifi unifi-db 2>/dev/null || true
      changed_when: true

- name: Deploy Unifi stack on network-services
  hosts: network-services
  gather_facts: no
  tags: [deploy]
  tasks:
    - name: Ensure appdata directory exists
      file:
        path: /root/docker/appdata/unifi
        state: directory
        mode: '0755'

    - name: Verify NFS mount
      stat:
        path: /mnt/nas/docker/unifi
      register: nfs_check

    - name: Fail if NFS not mounted
      fail:
        msg: "NFS mount /mnt/nas/docker/unifi not accessible"
      when: not nfs_check.stat.exists

    - name: Deploy compose file
      copy:
        src: "../compose-files/network-services/unifi/docker-compose.yml"
        dest: /root/docker/appdata/unifi/docker-compose.yml
        mode: '0644'

    - name: Pull images
      shell: |
        cd /root/docker/appdata/unifi
        docker compose pull
      register: pull_result

    - name: Start stack
      shell: |
        cd /root/docker/appdata/unifi
        docker compose up -d
      register: start_result

    - name: Wait for MongoDB to be ready
      shell: |
        for i in $(seq 1 30); do
          if docker exec unifi-db mongo --eval "db.adminCommand('ping')" 2>/dev/null | grep -q "ok"; then
            echo "MongoDB ready"
            exit 0
          fi
          sleep 2
        done
        echo "MongoDB timeout"
        exit 1
      register: mongo_ready
      changed_when: false

    - name: Wait for Unifi startup
      pause:
        seconds: 90
        prompt: "Waiting for Unifi to initialize (90s)..."

    - name: Check container status
      shell: |
        docker ps --filter name=unifi --format "table {{'{{'}}.Names{{'}}'}}\t{{'{{'}}.Status{{'}}'}}\t{{'{{'}}.Ports{{'}}'}}" | head -5
      register: container_status
      changed_when: false

    - name: Show status
      debug:
        msg: "{{ container_status.stdout_lines }}"

    - name: Verify resource limits applied
      shell: |
        echo "=== Resource Limits ===" 
        docker inspect unifi-db --format '{{'{{'}}.Name{{'}}'}}: Memory={{'{{'}}.HostConfig.Memory}} CPUs={{'{{'}}.HostConfig.NanoCpus}}'
        docker inspect unifi --format '{{'{{'}}.Name{{'}}'}}: Memory={{'{{'}}.HostConfig.Memory}} CPUs={{'{{'}}.HostConfig.NanoCpus}}'
      register: limits_check
      changed_when: false

    - name: Show resource limits
      debug:
        msg: "{{ limits_check.stdout_lines }}"

- name: Summary
  hosts: localhost
  gather_facts: no
  tags: [always]
  tasks:
    - name: Next steps
      debug:
        msg:
          - "============================================"
          - "UNIFI DEPLOYMENT COMPLETE"
          - "============================================"
          - "Stack: network-services (.121)"
          - "  - unifi-db (MongoDB 4.4.29) - 512M/1CPU"
          - "  - unifi (Network App) - 1G/1CPU"
          - ""
          - "Access: https://192.168.1.121:8443"
          - ""
          - "UPDATE APs:"
          - "  ssh admin@<AP-IP>"
          - "  set-inform http://192.168.1.121:8080/inform"
          - "============================================"