---
- name: Verify matrix role
  hosts: localhost
  gather_facts: false
  vars:
    matrix_data_dir: /tmp/sovereign_test/matrix
    matrix_domain: matrix.test.example.com
    element_domain: chat.test.example.com
    matrix_version: v1.118.0
    matrix_db_password: test_matrix_db
    jitsi_domain: meet.test.example.com
    tenant_name: Test Corp
    element_theme: light

  tasks:
    - name: Check matrix data directory exists
      ansible.builtin.stat:
        path: "/tmp/sovereign_test/matrix"
      register: data_dir_stat

    - name: Assert matrix data directory is present
      ansible.builtin.assert:
        that: data_dir_stat.stat.isdir
        fail_msg: "Data directory /tmp/sovereign_test/matrix was not created"

    - name: Check synapse subdirectory exists
      ansible.builtin.stat:
        path: "/tmp/sovereign_test/matrix/synapse"
      register: synapse_dir_stat

    - name: Assert synapse subdirectory is present
      ansible.builtin.assert:
        that: synapse_dir_stat.stat.isdir
        fail_msg: "Synapse directory /tmp/sovereign_test/matrix/synapse was not created"

    - name: Check element subdirectory exists
      ansible.builtin.stat:
        path: "/tmp/sovereign_test/matrix/element"
      register: element_dir_stat

    - name: Assert element subdirectory is present
      ansible.builtin.assert:
        that: element_dir_stat.stat.isdir
        fail_msg: "Element directory /tmp/sovereign_test/matrix/element was not created"

    - name: Check element config.json exists
      ansible.builtin.stat:
        path: "/tmp/sovereign_test/matrix/element/config.json"
      register: element_config_stat

    - name: Assert element config.json was rendered
      ansible.builtin.assert:
        that: element_config_stat.stat.exists
        fail_msg: "element/config.json was not rendered for matrix"

    - name: Read element config.json
      ansible.builtin.slurp:
        src: "/tmp/sovereign_test/matrix/element/config.json"
      register: element_config_raw

    - name: Parse element config.json as JSON
      ansible.builtin.set_fact:
        element_config_parsed: "{{ element_config_raw.content | b64decode | from_json }}"

    - name: Assert element config.json is valid JSON
      ansible.builtin.assert:
        that: element_config_parsed is mapping
        fail_msg: "element/config.json could not be parsed as valid JSON"

    - name: Set element config content fact
      ansible.builtin.set_fact:
        element_config: "{{ element_config_raw.content | b64decode }}"

    - name: Assert element config contains tenant brand name
      ansible.builtin.assert:
        that: element_config_parsed.brand == "Test Corp"
        fail_msg: "element/config.json does not contain brand: Test Corp"

    - name: Assert element config contains matrix homeserver URL
      ansible.builtin.assert:
        that: element_config_parsed['default_server_config']['m.homeserver']['base_url'] == "https://matrix.test.example.com"
        fail_msg: "element/config.json does not contain https://matrix.test.example.com"

    - name: Assert element config contains jitsi domain
      ansible.builtin.assert:
        that: element_config_parsed.jitsi.preferred_domain == "meet.test.example.com"
        fail_msg: "element/config.json does not contain meet.test.example.com"

    - name: Assert element config contains default theme
      ansible.builtin.assert:
        that: element_config_parsed.default_theme == "light"
        fail_msg: "element/config.json does not contain default_theme: light"

    - name: Check docker-compose.yml exists
      ansible.builtin.stat:
        path: "/tmp/sovereign_test/matrix/docker-compose.yml"
      register: compose_stat

    - name: Assert docker-compose.yml was rendered
      ansible.builtin.assert:
        that: compose_stat.stat.exists
        fail_msg: "docker-compose.yml was not rendered for matrix"

    - name: Read docker-compose.yml
      ansible.builtin.slurp:
        src: "/tmp/sovereign_test/matrix/docker-compose.yml"
      register: compose_raw

    - name: Set compose content fact
      ansible.builtin.set_fact:
        compose: "{{ compose_raw.content | b64decode }}"

    - name: Assert synapse image with version is present
      ansible.builtin.assert:
        that: "'ghcr.io/element-hq/synapse:v1.118.0' in compose"
        fail_msg: "Expected synapse image ghcr.io/element-hq/synapse:v1.118.0 not found in docker-compose.yml"

    - name: Assert matrix domain traefik rule is present
      ansible.builtin.assert:
        that: "'Host(`matrix.test.example.com`)' in compose"
        fail_msg: "Traefik rule for matrix.test.example.com not found in docker-compose.yml"

    - name: Assert element domain traefik rule is present
      ansible.builtin.assert:
        that: "'Host(`chat.test.example.com`)' in compose"
        fail_msg: "Traefik rule for chat.test.example.com not found in docker-compose.yml"

    - name: Assert matrix db password is present
      ansible.builtin.assert:
        that: "'test_matrix_db' in compose"
        fail_msg: "matrix_db_password not found in docker-compose.yml"

    - name: Assert GELF logging address is present
      ansible.builtin.assert:
        that: "'udp://127.0.0.1:12201' in compose"
        fail_msg: "GELF logging address udp://127.0.0.1:12201 not found in docker-compose.yml"

    - name: Assert sovereign network is external
      ansible.builtin.assert:
        that: "'external: true' in compose"
        fail_msg: "external: true not found in docker-compose.yml networks section"