---
- name: Instalar PostgreSQL (versión disponible en Debian)
  apt:
    name:
      - postgresql
      - postgresql-contrib
      - python3-psycopg2
    state: present
    update_cache: yes

- name: Detectar versión de PostgreSQL instalada
  shell: "ls -1 /etc/postgresql/ | head -1"
  register: pg_version
  changed_when: false

- name: Configurar PostgreSQL para escuchar en localhost
  lineinfile:
    path: "/etc/postgresql/{{ pg_version.stdout }}/main/postgresql.conf"
    regexp: '^#?listen_addresses'
    line: "listen_addresses = 'localhost'"
  notify: restart postgresql

- name: Permitir conexiones locales con password
  lineinfile:
    path: "/etc/postgresql/{{ pg_version.stdout }}/main/pg_hba.conf"
    insertafter: '^# "local" is for Unix domain socket'
    line: "host    all    all    127.0.0.1/32    scram-sha-256"
  notify: restart postgresql

- name: Asegurar PostgreSQL iniciado y habilitado
  systemd:
    name: postgresql
    state: started
    enabled: yes

- name: Esperar a que PostgreSQL esté listo
  wait_for:
    port: 5432
    timeout: 30

- name: Cambiar contraseña del usuario postgres
  postgresql_user:
    name: postgres
    password: "{{ core_db_credentials.postgres_root_password }}"
    login_unix_socket: /var/run/postgresql
  become_user: postgres

- name: Crear bases de datos
  postgresql_db:
    name: "{{ item.name }}"
    encoding: UTF-8
    lc_collate: es_ES.UTF-8
    lc_ctype: es_ES.UTF-8
    template: template0
    login_unix_socket: /var/run/postgresql
  become_user: postgres
  loop:
    - { name: "{{ core_db_credentials.dolibarr_db_name }}" }
    - { name: "{{ core_db_credentials.teable_db_name }}" }
    - { name: "{{ core_db_credentials.activepieces_db_name }}" }
    - { name: "{{ core_db_credentials.wikijs_db_name }}" }
    - { name: "{{ core_db_credentials.metabase_db_name }}" }

- name: Crear usuarios de bases de datos
  postgresql_user:
    name: "{{ item.user }}"
    password: "{{ item.pass }}"
    db: "{{ item.db }}"
    priv: ALL
    login_unix_socket: /var/run/postgresql
  become_user: postgres
  loop:
    - { user: "{{ core_db_credentials.dolibarr_db_user }}", pass: "{{ core_db_credentials.dolibarr_db_pass }}", db: "{{ core_db_credentials.dolibarr_db_name }}" }
    - { user: "{{ core_db_credentials.teable_db_user }}", pass: "{{ core_db_credentials.teable_db_pass }}", db: "{{ core_db_credentials.teable_db_name }}" }
    - { user: "{{ core_db_credentials.activepieces_db_user }}", pass: "{{ core_db_credentials.activepieces_db_pass }}", db: "{{ core_db_credentials.activepieces_db_name }}" }
    - { user: "{{ core_db_credentials.wikijs_db_user }}", pass: "{{ core_db_credentials.wikijs_db_pass }}", db: "{{ core_db_credentials.wikijs_db_name }}" }
    - { user: "{{ core_db_credentials.metabase_db_user }}", pass: "{{ core_db_credentials.metabase_db_pass }}", db: "{{ core_db_credentials.metabase_db_name }}" }

- name: Crear script de backup automático
  copy:
    dest: /usr/local/bin/backup-postgres-core.sh
    mode: '0755'
    content: |
      #!/bin/bash
      DATE=$(date +%Y%m%d_%H%M%S)
      BACKUP_DIR="/opt/backups/postgres"
      mkdir -p "$BACKUP_DIR"
      
      su - postgres -c "pg_dumpall" | gzip > "$BACKUP_DIR/all_dbs_$DATE.sql.gz"
      
      find "$BACKUP_DIR" -name "*.sql.gz" -mtime +7 -delete
      
      echo "✓ Backup PostgreSQL completado: $DATE"

- name: Crear directorio de backups
  file:
    path: /opt/backups/postgres
    state: directory
    mode: '0755'

- name: Programar backup diario PostgreSQL
  cron:
    name: "Backup PostgreSQL CORE"
    minute: "0"
    hour: "3"
    job: "/usr/local/bin/backup-postgres-core.sh >> /var/log/postgres-backup.log 2>&1"