---
- name: Configure Caddy service
  hosts: all
  handlers:
      - name: Import handler tasks
        ansible.builtin.import_tasks: handlers/main.yml
  gather_facts: true

  tasks:
      - name: Set Caddy directories (basic)
        ansible.builtin.set_fact:
            caddy_service_dir: "{{ ansible_env.HOME }}/services/caddy"
            caddy_data_dir: "/mnt/object_storage/services/caddy"
        tags:
            - caddy
            - setup
            - country-blocking
            - always

      - name: Get Caddy email from 1Password
        ansible.builtin.set_fact:
            caddy_email: "{{ lookup('community.general.onepassword', 'Caddy (Proxy)', vault='Dotfiles', field='email') }}"
        ignore_errors: true
        tags:
            - caddy
            - config
            - caddyfile
            - country-blocking

      - name: Set fallback email if 1Password failed
        ansible.builtin.set_fact:
            caddy_email: "admin@example.com"
        when: caddy_email is not defined
        tags:
            - caddy
            - config
            - caddyfile
            - country-blocking

      - name: Setup country blocking
        ansible.builtin.include_tasks: tasks/servers/services/caddy/country-blocking.yml
        tags:
            - caddy
            - country-blocking
            - security

      - name: Create Caddy directory
        ansible.builtin.file:
            path: "{{ caddy_service_dir }}"
            state: directory
            mode: "0755"
        tags:
            - caddy
            - setup

      - name: Create Caddy network
        ansible.builtin.command: docker network create caddy_default
        register: create_caddy_network
        failed_when:
            - create_caddy_network.rc != 0
            - "'already exists' not in create_caddy_network.stderr"
        changed_when: create_caddy_network.rc == 0
        tags:
            - caddy
            - docker
            - network

      - name: Deploy Caddy docker-compose.yml
        ansible.builtin.template:
            src: tasks/servers/services/caddy/docker-compose.yml.j2
            dest: "{{ caddy_service_dir }}/docker-compose.yml"
            mode: "0644"
        register: caddy_compose
        tags:
            - caddy
            - docker
            - config

      - name: Deploy Caddy Caddyfile
        ansible.builtin.template:
            src: tasks/servers/services/caddy/Caddyfile.j2
            dest: "{{ caddy_service_dir }}/Caddyfile"
            mode: "0644"
        register: caddy_file
        tags:
            - caddy
            - config
            - caddyfile

      - name: Stop Caddy service
        ansible.builtin.command: docker compose -f "{{ caddy_service_dir }}/docker-compose.yml" down --remove-orphans
        when: caddy_compose.changed or caddy_file.changed
        tags:
            - caddy
            - docker
            - service

      - name: Start Caddy service
        ansible.builtin.command: docker compose -f "{{ caddy_service_dir }}/docker-compose.yml" up -d
        when: caddy_compose.changed or caddy_file.changed
        tags:
            - caddy
            - docker
            - service