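---
# Ansible Playbook: Update Gitea Configuration
# Purpose: Update Gitea app.ini configuration to fix performance issues
# Usage:
#   ansible-playbook -i inventory/production.yml playbooks/update-gitea-config.yml \
#     --vault-password-file secrets/.vault_pass
#
# Flow: read the DB/server settings from the running container's environment,
# render app.ini from a template on the host, copy it into the container,
# fix its ownership/mode, restart Gitea and wait for the health endpoint.
#
# Secret handling: the database and Redis passwords pass through registered
# results, facts and the rendered app.ini. Every task that carries them sets
# `no_log: true` so they do not end up in Ansible output or logs.
- name: Update Gitea Configuration
  hosts: production
  vars:
    gitea_stack_path: "{{ stacks_base_path }}/gitea"
    gitea_url: "https://{{ gitea_domain }}"
    gitea_app_ini_path: "{{ gitea_stack_path }}/app.ini"
    gitea_app_ini_container_path: "/data/gitea/conf/app.ini"
    # Single definition of the compose file path used by every docker call.
    gitea_compose_file: "{{ gitea_stack_path }}/docker-compose.yml"

  tasks:
    # Needs a shell because of the pipe; the path is passed through `quote`
    # so spaces or shell metacharacters in it cannot alter the command.
    - name: Verify Gitea container exists
      shell: |
        docker compose -f {{ gitea_compose_file | quote }} ps gitea | grep -q "gitea"
      register: gitea_exists
      changed_when: false
      failed_when: false

    - name: Fail if Gitea container does not exist
      fail:
        msg: "Gitea container does not exist. Please deploy Gitea stack first."
      when: gitea_exists.rc != 0

    # The grep pattern matches GITEA__database__PASSWD as well, so stdout of
    # this task contains the database password.
    - name: Get database configuration from environment
      shell: |
        docker compose -f {{ gitea_compose_file | quote }} exec -T gitea env | grep -E "^GITEA__database__" || true
      register: gitea_db_env
      changed_when: false
      failed_when: false
      no_log: true

    # Each value falls back to a literal default when the variable is absent
    # from the container environment.
    # NOTE(review): the 'gitea_password' fallback is a fixed, guessable
    # credential. Prefer sourcing the password from the vault and failing when
    # it is missing; the warning task below at least makes the fallback visible.
    - name: Parse database configuration
      set_fact:
        gitea_db_type: "{{ (gitea_db_env.stdout | default('') | regex_search('GITEA__database__DB_TYPE=([^\n]+)', '\\1') or ['postgres']) | first }}"
        gitea_db_host: "{{ (gitea_db_env.stdout | default('') | regex_search('GITEA__database__HOST=([^\n]+)', '\\1') or ['postgres:5432']) | first }}"
        gitea_db_name: "{{ (gitea_db_env.stdout | default('') | regex_search('GITEA__database__NAME=([^\n]+)', '\\1') or ['gitea']) | first }}"
        gitea_db_user: "{{ (gitea_db_env.stdout | default('') | regex_search('GITEA__database__USER=([^\n]+)', '\\1') or ['gitea']) | first }}"
        gitea_db_passwd: "{{ (gitea_db_env.stdout | default('') | regex_search('GITEA__database__PASSWD=([^\n]+)', '\\1') or ['gitea_password']) | first }}"
      no_log: true

    - name: Warn when the database password fell back to the placeholder
      debug:
        msg: >-
          GITEA__database__PASSWD was not found in the container environment;
          app.ini will be rendered with the playbook's placeholder password.
      when: not (gitea_db_env.stdout | default('') | regex_search('GITEA__database__PASSWD=.+'))

    - name: Get Gitea server configuration from environment
      shell: |
        docker compose -f {{ gitea_compose_file | quote }} exec -T gitea env | grep -E "^GITEA__server__" || true
      register: gitea_server_env
      changed_when: false
      failed_when: false

    - name: Parse server configuration
      set_fact:
        gitea_domain_parsed: "{{ (gitea_server_env.stdout | default('') | regex_search('GITEA__server__DOMAIN=([^\n]+)', '\\1') or [gitea_domain | default('git.michaelschiemer.de')]) | first }}"
        ssh_port_parsed: "{{ (gitea_server_env.stdout | default('') | regex_search('GITEA__server__SSH_PORT=([^\n]+)', '\\1') or ['2222']) | first }}"

    # From here on gitea_domain (and therefore gitea_url, which is templated
    # from it) reflects the value parsed from the container.
    - name: Set final configuration variables
      set_fact:
        gitea_domain: "{{ gitea_domain_parsed }}"
        ssh_port: "{{ ssh_port_parsed }}"
        ssh_listen_port: "{{ ssh_port_parsed }}"

    # gitea_db_host is "host" or "host:port"; the port defaults to 5432.
    - name: Extract database host and port
      set_fact:
        gitea_db_hostname: "{{ gitea_db_host.split(':')[0] }}"
        gitea_db_port: "{{ (gitea_db_host.split(':')[1]) | default('5432') }}"

    # NOTE(review): 'gitea_redis_password' is a fixed fallback used when
    # neither vault variable is defined; see the warning task below.
    - name: Set Redis password
      set_fact:
        redis_password: "{{ vault_gitea_redis_password | default(vault_redis_password | default('gitea_redis_password')) }}"
      no_log: true

    - name: Warn when the Redis password fell back to the placeholder
      debug:
        msg: >-
          Neither vault_gitea_redis_password nor vault_redis_password is
          defined; app.ini will be rendered with the playbook's placeholder
          Redis password.
      when:
        - vault_gitea_redis_password is not defined
        - vault_redis_password is not defined

    # The rendered file holds the database and Redis passwords.
    # NOTE(review): mode 0644 leaves it readable by every local user on the
    # host. Tighten it (e.g. 0600/0640) once it is confirmed that nothing
    # other than this playbook reads the host-side copy.
    # no_log keeps the rendered secrets out of --diff output.
    - name: Generate app.ini from template
      template:
        src: ../templates/gitea-app.ini.j2
        dest: "{{ gitea_app_ini_path }}"
        mode: '0644'
      vars:
        postgres_db: "{{ gitea_db_name }}"
        postgres_user: "{{ gitea_db_user }}"
        postgres_password: "{{ gitea_db_passwd }}"
        gitea_domain: "{{ gitea_domain }}"
        ssh_port: "{{ ssh_port }}"
        ssh_listen_port: "{{ ssh_listen_port }}"
        disable_registration: true
        redis_password: "{{ redis_password }}"
      no_log: true

    # argv form: no shell is involved, so the paths need no quoting.
    # A failed copy stays non-fatal (as before), but the result is registered
    # and reported by the next task instead of being dropped silently.
    - name: Copy app.ini to Gitea container
      command:
        argv:
          - docker
          - compose
          - "-f"
          - "{{ gitea_compose_file }}"
          - cp
          - "{{ gitea_app_ini_path }}"
          - "gitea:{{ gitea_app_ini_container_path }}"
      register: gitea_app_ini_copy
      ignore_errors: true

    - name: Warn when app.ini could not be copied into the container
      debug:
        msg: >-
          Copying app.ini into the Gitea container failed; the container may
          restart with its previous configuration. Check the output of the
          copy task above.
      when: gitea_app_ini_copy is failed

    # Polls up to 30 times, 2 seconds apart, until `exec` works.
    - name: Wait for container to be ready for exec
      command:
        argv:
          - docker
          - compose
          - "-f"
          - "{{ gitea_compose_file }}"
          - exec
          - "-T"
          - gitea
          - "true"
      register: container_ready
      until: container_ready.rc == 0
      retries: 30
      delay: 2
      changed_when: false

    # NOTE(review): chown runs as the `git` user, which only succeeds if that
    # user already owns the file; a file created by `docker compose cp` is
    # presumably owned by root inside the container - confirm.
    # NOTE(review): 644 makes a file containing credentials readable by every
    # user in the container; 640 or 600 is likely sufficient - confirm.
    - name: Set correct permissions on app.ini in container
      shell: |
        docker compose -f {{ gitea_compose_file | quote }} exec -T --user git gitea chown 1000:1000 {{ gitea_app_ini_container_path | quote }} && \
        docker compose -f {{ gitea_compose_file | quote }} exec -T --user git gitea chmod 644 {{ gitea_app_ini_container_path | quote }}

    - name: Restart Gitea container
      command:
        argv:
          - docker
          - compose
          - "-f"
          - "{{ gitea_compose_file }}"
          - restart
          - gitea

    # TLS verification is off by default, as before, so the probe accepts any
    # certificate. Set `gitea_validate_certs: true` in the inventory once the
    # endpoint serves a certificate the control host trusts.
    - name: Wait for Gitea to be ready after restart
      uri:
        url: "{{ gitea_url }}/api/healthz"
        method: GET
        status_code: [200]
        validate_certs: "{{ gitea_validate_certs | default(false) }}"
        timeout: 10
      register: gitea_health_after_restart
      until: gitea_health_after_restart.status == 200
      retries: 30
      delay: 5
      changed_when: false

    - name: Display success message
      debug:
        msg: |
          Gitea configuration has been updated successfully!

          Changes applied:
          - Redis cache enabled (persistent, survives container restarts)
          - Redis sessions enabled (better performance and scalability)
          - Redis queue enabled (persistent job processing)
          - Database connection pooling configured
          - Connection limits set to prevent "Connection reset by peer" errors

          Gitea should now be more stable and perform better with Redis.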