#SPDX-License-Identifier: MIT-0
---
# tasks file for configuring Nextcloud Talk HPB + TURN + STUN registration

# --- HPB / signaling -----------------------------------------------------------

- name: Remove HPB signaling servers no longer in use
  community.docker.docker_container_exec:
    container: "{{ nextcloud_docker_compose_dir | basename }}-nextcloud-1"
    command: php /var/www/html/occ talk:signaling:delete {{ item }}
  loop: "{{ nextcloud_talk_signaling_servers_removed }}"
  register: _talk_sig_removed
  changed_when: "'deleted' in (_talk_sig_removed.stdout | default(''))"
  failed_when:
    - _talk_sig_removed.rc != 0
    - "'is not configured' not in (_talk_sig_removed.stderr | default(''))"

- name: Register HPB signaling servers
  community.docker.docker_container_exec:
    container: "{{ nextcloud_docker_compose_dir | basename }}-nextcloud-1"
    command: >
      php /var/www/html/occ talk:signaling:add
      {{ item.server }}
      {{ item.secret }}
      {% if item.verify | default(true) %}--verify{% endif %}
  loop: "{{ nextcloud_talk_signaling_servers }}"
  no_log: true

# --- TURN ----------------------------------------------------------------------
# `talk:turn:add` appends without deduplication, so on each run we first clear
# the list via the underlying app config key (turn_servers, JSON array) and
# then re-add the declared set. This keeps the host_vars list as the single
# source of truth.

- name: Reset TURN server list before re-applying
  community.docker.docker_container_exec:
    container: "{{ nextcloud_docker_compose_dir | basename }}-nextcloud-1"
    command: php /var/www/html/occ config:app:set spreed turn_servers --value='[]'
  when: nextcloud_talk_turn_reset_before_add | bool

- name: Register TURN servers
  community.docker.docker_container_exec:
    container: "{{ nextcloud_docker_compose_dir | basename }}-nextcloud-1"
    command: >
      php /var/www/html/occ talk:turn:add
      {{ item.schemes | default('turn,turns') }}
      {{ item.server }}
      {{ item.protocols | default('udp,tcp') }}
      --secret={{ item.secret }}
  loop: "{{ nextcloud_talk_turn_servers }}"
  no_log: true

# --- STUN ----------------------------------------------------------------------

- name: Remove STUN servers no longer in use
  community.docker.docker_container_exec:
    container: "{{ nextcloud_docker_compose_dir | basename }}-nextcloud-1"
    command: php /var/www/html/occ talk:stun:delete {{ item }}
  loop: "{{ nextcloud_talk_stun_servers_removed }}"
  register: _talk_stun_removed
  changed_when: "'deleted' in (_talk_stun_removed.stdout | default(''))"
  failed_when:
    - _talk_stun_removed.rc != 0
    - "'is not configured' not in (_talk_stun_removed.stderr | default(''))"

- name: Register STUN servers
  community.docker.docker_container_exec:
    container: "{{ nextcloud_docker_compose_dir | basename }}-nextcloud-1"
    command: php /var/www/html/occ talk:stun:add {{ item }}
  loop: "{{ nextcloud_talk_stun_servers }}"