---
# Check Traefik Logs and ACME Challenge Status

- name: Check if Traefik stack directory exists
  ansible.builtin.stat:
    path: "{{ traefik_stack_path }}"
  register: traefik_stack_exists

- name: Fail if Traefik stack directory does not exist
  ansible.builtin.fail:
    msg: "Traefik stack directory not found at {{ traefik_stack_path }}"
  when: not traefik_stack_exists.stat.exists

- name: Get recent Traefik logs
  ansible.builtin.shell: |
    cd {{ traefik_stack_path }}
    docker compose logs {{ traefik_container_name }} --tail={{ traefik_logs_tail | default(100) }} 2>&1
  register: traefik_logs
  changed_when: false
  failed_when: false

- name: Check for ACME challenge errors in container logs
  ansible.builtin.shell: |
    cd {{ traefik_stack_path }}
    docker compose logs {{ traefik_container_name }} 2>&1 | grep -iE "acme.*challenge|Cannot retrieve.*ACME" | tail -{{ traefik_logs_error_tail | default(20) }} || echo "No ACME challenge errors found in recent logs"
  register: acme_errors
  changed_when: false
  failed_when: false

- name: Check for ACME challenge errors in log file
  ansible.builtin.shell: |
    tail -n {{ traefik_logs_tail | default(100) }} {{ traefik_stack_path }}/logs/traefik.log 2>/dev/null | grep -iE "acme.*challenge|Cannot retrieve.*ACME" | tail -{{ traefik_logs_error_tail | default(20) }} || echo "No ACME challenge errors found in log file"
  register: acme_errors_file
  changed_when: false
  failed_when: false
  ignore_errors: yes

- name: Get logs from last N minutes
  ansible.builtin.shell: |
    cd {{ traefik_stack_path }}
    docker compose logs {{ traefik_container_name }} --since {{ traefik_logs_since_minutes | default(10) }}m 2>&1 | tail -{{ traefik_logs_recent_tail | default(50) }}
  register: recent_logs
  changed_when: false
  failed_when: false
  when: traefik_logs_since_minutes is defined

- name: Count ACME challenge errors in last hour
  ansible.builtin.shell: |
    cd {{ traefik_stack_path }}
    docker compose logs {{ traefik_container_name }} --since 1h 2>&1 | grep -c "Cannot retrieve.*ACME challenge" || echo "0"
  register: acme_error_count
  changed_when: false
  failed_when: false

- name: Display ACME challenge error summary
  ansible.builtin.debug:
    msg: |
      ========================================
      Traefik ACME Challenge Status
      ========================================
      ACME Errors (last hour): {{ acme_error_count.stdout }}
      ========================================
      
      {% if acme_error_count.stdout | int > 0 %}
      ⚠️  ACME challenge errors still occurring
      {% else %}
      ✅ No ACME challenge errors in the last hour!
      {% endif %}
  when: traefik_show_status | default(true) | bool

- name: Display ACME challenge errors from container logs
  ansible.builtin.debug:
    msg: |
      ========================================
      ACME Challenge Errors (Container Logs):
      ========================================
      {{ acme_errors.stdout }}
      ========================================
  when: traefik_show_status | default(true) | bool

- name: Display ACME challenge errors from log file
  ansible.builtin.debug:
    msg: |
      ========================================
      ACME Challenge Errors (Log File):
      ========================================
      {{ acme_errors_file.stdout }}
      ========================================
  when: traefik_show_status | default(true) | bool

- name: Display recent Traefik logs
  ansible.builtin.debug:
    msg: |
      ========================================
      Recent Traefik Logs (last {{ traefik_logs_since_minutes | default(10) }} minutes):
      ========================================
      {{ recent_logs.stdout | default('No recent logs') }}
      ========================================
  when:
    - traefik_logs_since_minutes is defined
    - traefik_show_status | default(true) | bool

- name: Display all Traefik logs
  ansible.builtin.debug:
    msg: |
      ========================================
      Traefik Container Logs (last {{ traefik_logs_tail | default(100) }} lines):
      ========================================
      {{ traefik_logs.stdout | default('No logs available') }}
      ========================================
  when:
    - traefik_show_all_logs | default(false) | bool
    - traefik_show_status | default(true) | bool

- name: Display final summary
  ansible.builtin.debug:
    msg: |
      ========================================
      Summary
      ========================================
      {% if acme_error_count.stdout | int == 0 %}
      ✅ SUCCESS: No ACME challenge errors in the last hour!
      
      The Traefik configuration fix appears to be working. Monitor the logs
      for the next certificate renewal attempt (usually hourly) to confirm.
      {% else %}
      ⚠️  WARNING: {{ acme_error_count.stdout }} ACME challenge errors found in the last hour.
      
      The errors may be from before the configuration fix was applied.
      Monitor the logs for the next certificate renewal attempt to see if
      the errors have stopped.
      {% endif %}
      ========================================
  when: traefik_show_status | default(true) | bool