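---
# Valkey Sentinel Setup (1 master + 2 replicas + Sentinel on each)
#
# Provides automatic failover without requiring cluster-aware clients.
# Apps connect directly to master or use Sentinel-aware clients.
#
# Usage:
#   ansible-playbook -i inventory.ini playbooks/valkey-sentinel.yml
#
# Operational caveats (read before re-running on a live deployment):
#   * Play 1 has no `serial`, so Valkey is stopped on every host in the
#     `valkey` group at the same time, and dump.rdb is deleted on each one.
#     Data that exists only in the RDB snapshot is lost on every run.
#   * The initial master is hard-coded as inventory host `valkey-01`.

# Play 1: wipe any previous cluster-mode state, install the standalone and
# Sentinel configuration, and bring the Valkey server back up on every node.
- name: Configure Valkey with Sentinel
  hosts: valkey
  become: true
  vars_files:
    # Vault-encrypted secrets; presumably consumed by the templates below.
    - ../vault/secrets.yml
  vars:
    valkey_maxmemory: "256mb"
    valkey_maxmemory_policy: "allkeys-lru"
    # Static role assignment by inventory name; not used directly in this
    # file, so presumably read by the templates (TODO confirm).
    valkey_role: "{{ 'master' if inventory_hostname == 'valkey-01' else 'replica' }}"

  tasks:
    # Best-effort stop so a first run without the unit installed still works.
    # NOTE(review): ignore_errors hides every failure of this task, not only
    # "unit not found"; a server that fails to stop keeps running while its
    # data files are removed below.
    - name: Stop valkey service
      systemd:
        name: valkey
        state: stopped
      ignore_errors: true

    # Destructive: removes the cluster topology file and the RDB snapshot.
    - name: Remove cluster data files
      file:
        path: "{{ item }}"
        state: absent
      loop:
        - /var/lib/valkey/nodes.conf
        - /var/lib/valkey/dump.rdb

    - name: Deploy standalone Valkey configuration
      template:
        src: ../templates/valkey-standalone.conf.j2
        dest: /etc/valkey/valkey.conf
        owner: valkey
        group: valkey
        mode: '0640'

    # The ACL file is readable by the service account only.
    - name: Deploy ACL file
      template:
        src: ../templates/valkey-acl.j2
        dest: /etc/valkey/users.acl
        owner: valkey
        group: valkey
        mode: '0600'

    - name: Create Sentinel data directory
      file:
        path: /var/lib/valkey/sentinel
        state: directory
        owner: valkey
        group: valkey
        mode: '0750'

    # NOTE(review): Sentinel rewrites its own configuration file at runtime,
    # so re-templating this path replaces whatever state it has persisted
    # there. Confirm that is acceptable for repeat runs.
    - name: Deploy Sentinel configuration
      template:
        src: ../templates/valkey-sentinel.conf.j2
        dest: /etc/valkey/sentinel.conf
        owner: valkey
        group: valkey
        mode: '0640'

    # Unit files should be root-owned so the service account cannot alter
    # its own ExecStart; ownership is stated explicitly rather than left to
    # whatever is already on disk.
    - name: Deploy Sentinel systemd service
      copy:
        dest: /etc/systemd/system/valkey-sentinel.service
        content: |
          [Unit]
          Description=Valkey Sentinel
          Documentation=https://valkey.io/
          After=network.target valkey.service nebula.service
          Wants=network-online.target

          [Service]
          Type=simple
          User=valkey
          Group=valkey
          ExecStart=/usr/bin/valkey-sentinel /etc/valkey/sentinel.conf
          Restart=always
          RestartSec=5

          [Install]
          WantedBy=multi-user.target
        owner: root
        group: root
        mode: '0644'

    - name: Reload systemd
      systemd:
        daemon_reload: true

    - name: Start Valkey service
      systemd:
        name: valkey
        state: started
        enabled: true

    # Only checks that the port accepts connections on the node's nebula_ip.
    - name: Wait for Valkey to be ready
      wait_for:
        host: "{{ nebula_ip }}"
        port: 6379
        timeout: 30

# Play 2: start Sentinel one host at a time (serial: 1) so each instance
# comes up against a reachable master.
- name: Start Sentinel on all nodes
  hosts: valkey
  become: true
  serial: 1

  tasks:
    - name: Wait for master to be ready (replicas only)
      wait_for:
        host: "{{ hostvars['valkey-01']['nebula_ip'] }}"
        port: 6379
        timeout: 30
      when: inventory_hostname != 'valkey-01'

    # `state: started` does not restart a Sentinel that is already running,
    # so a changed sentinel.conf is not picked up by this task on re-runs.
    - name: Start Sentinel service
      systemd:
        name: valkey-sentinel
        state: started
        enabled: true

    - name: Wait for Sentinel to be ready
      wait_for:
        host: "{{ nebula_ip }}"
        port: 26379
        timeout: 30

# Play 3: read-only checks run from the initial master.
- name: Verify Sentinel Setup
  hosts: valkey-01
  become: true
  vars_files:
    - ../vault/secrets.yml

  tasks:
    # The admin password is supplied through the environment instead of
    # `--pass` on the command line: an argv password is visible to other
    # local users in the process list and is echoed in Ansible's task
    # output (the `cmd` field), and a password containing whitespace would
    # be split into several arguments. valkey-cli reads REDISCLI_AUTH when
    # no password option is given (confirm on the deployed version).
    - name: Check replication status
      command:
        argv:
          - valkey-cli
          - "-h"
          - "{{ nebula_ip }}"
          - "-p"
          - "6379"
          - "--user"
          - admin
          - info
          - replication
      environment:
        REDISCLI_AUTH: "{{ valkey_admin_password }}"
      register: replication_info
      changed_when: false

    - name: Display replication status
      debug:
        msg: "{{ replication_info.stdout_lines }}"

    # NOTE(review): no credentials are sent here, so this only succeeds if
    # Sentinel accepts unauthenticated commands on the nebula address.
    # Confirm that is intended and that port 26379 is reachable only from
    # trusted peers.
    - name: Check Sentinel status
      command:
        argv:
          - valkey-cli
          - "-h"
          - "{{ nebula_ip }}"
          - "-p"
          - "26379"
          - sentinel
          - master
          - valkey-ha
      register: sentinel_info
      changed_when: false

    - name: Display Sentinel status
      debug:
        msg: "{{ sentinel_info.stdout_lines }}"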