Post-Tyranny-Tech-Infrastructure/ansible/playbooks/260123-upgrade-nextcloud-stage.yml

---
# Nextcloud Upgrade Stage Task File
# This file is included by 260123-upgrade-nextcloud.yml for each upgrade stage
# Do not run directly

- name: "Stage {{ stage.stage }}: Upgrade from v{{ stage.from }} to v{{ stage.to }}"
  debug:
    msg: |
      ============================================================
      Starting Stage {{ stage.stage }}: v{{ stage.from }} → v{{ stage.to }}
      ============================================================

- name: "Stage {{ stage.stage }}: Verify current version is v{{ stage.from }}"
  shell: docker exec -u www-data nextcloud php occ status --output=json
  register: stage_version_check
  changed_when: false

- name: "Stage {{ stage.stage }}: Parse current version"
  set_fact:
    stage_current: "{{ (stage_version_check.stdout | from_json).versionstring }}"

- name: "Stage {{ stage.stage }}: Check version compatibility"
  fail:
    msg: "Expected v{{ stage.from }}.x but found v{{ stage_current }}"
  when: stage_current is version(stage.from, '<') or stage_current is version(stage.to, '>=')

- name: "Stage {{ stage.stage }}: Disable non-essential apps"
  shell: |
    docker exec -u www-data nextcloud php occ app:list --output=json | \
    jq -r '.enabled | keys[]' | \
    grep -Ev '^(files|dav|federatedfilesharing|settings|provisioning_api|files_sharing|files_trashbin|files_versions|comments|contactsinteraction|dashboard|activity|notifications|user_status|weather_status|workflowengine)$' | \
    while read app; do
      echo "Disabling $app"
      docker exec -u www-data nextcloud php occ app:disable "$app" || true
    done
  register: apps_disabled
  changed_when: "'Disabling' in apps_disabled.stdout"

- name: "Stage {{ stage.stage }}: Update docker-compose.yml to v{{ stage.to }}"
  replace:
    path: "{{ nextcloud_base_dir }}/docker-compose.yml"
    regexp: 'image:\s*nextcloud:{{ stage.from }}'
    replace: 'image: nextcloud:{{ stage.to }}'

- name: "Stage {{ stage.stage }}: Pull Nextcloud v{{ stage.to }} image"
  shell: docker pull nextcloud:{{ stage.to }}
  register: image_pull
  changed_when: "'Downloaded' in image_pull.stdout or 'Pulling' in image_pull.stdout"

- name: "Stage {{ stage.stage }}: Start Nextcloud with new version"
  community.docker.docker_compose_v2:
    project_src: "{{ nextcloud_base_dir }}"
    state: present
    pull: always

- name: "Stage {{ stage.stage }}: Wait for container to be ready"
  shell: |
    timeout=300
    elapsed=0
    while [ $elapsed -lt $timeout ]; do
      if docker exec nextcloud curl -f http://localhost:80/status.php 2>/dev/null; then
        echo "Container ready"
        exit 0
      fi
      sleep 5
      elapsed=$((elapsed + 5))
    done
    echo "Timeout waiting for container"
    exit 1
  register: container_ready
  changed_when: false

- name: "Stage {{ stage.stage }}: Run occ upgrade"
  shell: docker exec -u www-data nextcloud php occ upgrade --no-interaction
  register: occ_upgrade
  changed_when: "'Update successful' in occ_upgrade.stdout or 'upgraded' in occ_upgrade.stdout"
  failed_when:
    - occ_upgrade.rc != 0
    - "'already latest version' not in occ_upgrade.stdout"

- name: "Stage {{ stage.stage }}: Display upgrade output"
  debug:
    msg: "{{ occ_upgrade.stdout_lines }}"

- name: "Stage {{ stage.stage }}: Verify upgrade succeeded"
  shell: docker exec -u www-data nextcloud php occ status --output=json
  register: stage_verify
  changed_when: false

- name: "Stage {{ stage.stage }}: Parse upgraded version"
  set_fact:
    stage_upgraded: "{{ (stage_verify.stdout | from_json).versionstring }}"

- name: "Stage {{ stage.stage }}: Check upgrade was successful"
  fail:
    msg: "Upgrade to v{{ stage.to }} failed - still on v{{ stage_upgraded }}"
  when: stage_upgraded is version(stage.to, '<')

- name: "Stage {{ stage.stage }}: Run database migrations"
  shell: docker exec -u www-data nextcloud php occ db:add-missing-indices
  register: db_indices
  changed_when: "'indices added' in db_indices.stdout"
  failed_when: false

- name: "Stage {{ stage.stage }}: Run database column conversions"
  shell: docker exec -u www-data nextcloud php occ db:convert-filecache-bigint --no-interaction
  register: db_bigint
  changed_when: "'converted' in db_bigint.stdout"
  failed_when: false
  timeout: 600

- name: "Stage {{ stage.stage }}: Success"
  debug:
    msg: |
      ============================================================
      ✓ Stage {{ stage.stage }} completed successfully
      Upgraded from v{{ stage.from }} to v{{ stage_upgraded }}
      ============================================================