#SPDX-License-Identifier: MIT-0
---
# tasks file for traefik

- name: Determine which backend servers to proxy (DMZ mode)
  set_fact:
    _backend_servers: "{{ traefik_backend_servers_to_proxy if traefik_backend_servers_to_proxy | length > 0 else groups['backend_servers'] | default([]) }}"
  when: traefik_mode == 'dmz'

- name: Build service registry from backend servers (DMZ mode)
  set_fact:
    proxied_services: "{{ proxied_services | default([]) + hostvars[item].traefik_dmz_exposed_services | default([]) | map('combine', {'backend_host': hostvars[item].ansible_host | default(item)}) | list }}"
  loop: "{{ _backend_servers | default([]) }}"
  when: traefik_mode == 'dmz'

- name: Add directly defined services to registry (DMZ mode)
  set_fact:
    proxied_services: "{{ proxied_services | default([]) + traefik_services | default([]) }}"
  when: traefik_mode == 'dmz'

- name: Debug service registry
  debug:
    var: proxied_services
  when:
    - traefik_mode == 'dmz'
    - proxied_services is defined

- name: Create docker compose directory
  file:
    path: "{{ docker_compose_dir }}"
    state: directory
    mode: '0755'

- name: Create docker volume directory
  file:
    path: "{{ docker_volume_dir }}"
    state: directory
    mode: '0755'

- name: Create traefik config directory
  file:
    path: "{{ docker_volume_dir }}/config"
    state: directory
    mode: '0755'

- name: Create letsencrypt directory
  file:
    path: "{{ docker_volume_dir }}/letsencrypt"
    state: directory
    mode: '0755'
  when: traefik_cert_mode == 'acme'

- name: Create traefik Docker network
  community.docker.docker_network:
    name: "{{ traefik_network }}"
    state: present

- name: Generate traefik static configuration
  template:
    src: traefik.yml.j2
    dest: "{{ docker_volume_dir }}/traefik.yml"
    mode: '0644'
  notify: restart traefik

- name: Generate traefik dynamic configuration for DMZ services
  template:
    src: services.yml.j2
    dest: "{{ docker_volume_dir }}/config/services.yml"
    mode: '0644'
  notify: restart traefik
  when: traefik_mode == 'dmz'

- name: Generate dashboard routing configuration
  template:
    src: dashboard.yml.j2
    dest: "{{ docker_volume_dir }}/config/dashboard.yml"
    mode: '0644'
  notify: restart traefik
  when: traefik_enable_dashboard | bool and traefik_dashboard_domain | length > 0

- name: Remove dashboard routing configuration when not needed
  file:
    path: "{{ docker_volume_dir }}/config/dashboard.yml"
    state: absent
  notify: restart traefik
  when: not (traefik_enable_dashboard | bool) or traefik_dashboard_domain | length == 0

- name: Create docker-compose file for traefik
  template:
    src: docker-compose.yml.j2
    dest: "{{ docker_compose_dir }}/docker-compose.yml"
    mode: '0644'

- name: Start traefik container
  community.docker.docker_compose_v2:
    project_src: "{{ docker_compose_dir }}"
    state: present