---
# Comprehensive Ansible Environment Validation
# Purpose: Deep health check of all managed nodes
# Usage: ansible-playbook playbooks/validate-connectivity.yml

- name: Ansible Environment Validation
  hosts: all
  gather_facts: true

  tasks:
    - name: Test ping module
      ansible.builtin.ping:

    - name: Display node facts
      ansible.builtin.debug:
        msg: |
          Hostname: {{ ansible_hostname }}
          OS: {{ ansible_distribution }} {{ ansible_distribution_version }}
          Architecture: {{ ansible_architecture }}
          Python: {{ ansible_python_version }}
          Total Memory: {{ (ansible_memory_mb.real.total / 1024) | round(1) }}GB
          CPU Cores: {{ ansible_processor_vcpus }}

    - name: Test privilege escalation
      ansible.builtin.command:
        cmd: whoami
      become: true
      register: sudo_test
      changed_when: false

    - name: Verify sudo worked
      ansible.builtin.assert:
        that:
          - sudo_test.stdout == "root"
        success_msg: "Privilege escalation: PASS"
        fail_msg: "Privilege escalation: FAIL"

    - name: Check Docker installation
      ansible.builtin.command:
        cmd: docker --version
      register: docker_version
      changed_when: false
      failed_when: false
      when: inventory_hostname in groups['docker_nodes']

    - name: Display Docker status
      ansible.builtin.debug:
        msg: "Docker {{ 'installed: ' + docker_version.stdout if docker_version.rc == 0 else 'NOT installed' }}"
      when: inventory_hostname in groups['docker_nodes']

    - name: Check NFS mount (infrastructure nodes only)
      ansible.builtin.stat:
        path: /mnt/appdata
      register: nfs_mount
      when: inventory_hostname in groups.get('nfs_clients', [])

    - name: Display NFS status
      ansible.builtin.debug:
        msg: "NFS mount /mnt/appdata: {{ 'EXISTS' if nfs_mount.stat.exists else 'MISSING' }}"
      when:
        - inventory_hostname in groups.get('nfs_clients', [])
        - nfs_mount is defined

    - name: Check available disk space
      ansible.builtin.shell:
        cmd: set -o pipefail && df -h / | tail -1 | awk '{print $5}' | sed 's/%//'
        executable: /bin/bash
      register: disk_usage
      changed_when: false

    - name: Warn if disk usage high
      ansible.builtin.debug:
        msg: "WARNING: Root filesystem {{ disk_usage.stdout }}% full"
      when: disk_usage.stdout | int > 80

    - name: Check system uptime
      ansible.builtin.command:
        cmd: uptime -p
      register: uptime_output
      changed_when: false

    - name: Display uptime
      ansible.builtin.debug:
        msg: "System uptime: {{ uptime_output.stdout }}"

- name: Proxmox-specific validation
  hosts: proxmox_cluster
  gather_facts: false

  tasks:
    - name: Check Proxmox version
      ansible.builtin.command:
        cmd: pveversion
      register: pve_version
      changed_when: false

    - name: Display Proxmox version
      ansible.builtin.debug:
        msg: "{{ pve_version.stdout_lines }}"

    - name: Check cluster status
      ansible.builtin.command:
        cmd: pvecm status
      register: cluster_status
      changed_when: false
      failed_when: false

    - name: Display cluster info
      ansible.builtin.debug:
        msg: "{{ 'Cluster configured' if cluster_status.rc == 0 else 'Standalone node (no cluster)' }}"

- name: Final summary
  hosts: all
  gather_facts: false

  tasks:
    - name: Environment validation complete
      ansible.builtin.debug:
        msg: |
          ✅ Validation complete for {{ inventory_hostname }}
          All critical checks passed successfully.