---

- name: Fail if matrix-nginx-proxy role already executed
  ansible.builtin.fail:
    msg: >-
      Trying to append Matrix LDAP registration proxy's reverse-proxying configuration to matrix-nginx-proxy,
      but it's pointless since the matrix-nginx-proxy role had already executed.
      To fix this, please change the order of roles in your playbook,
      so that the matrix-nginx-proxy role would run after the matrix-bridge-mautrix-telegram role.
  when: matrix_nginx_proxy_role_executed | default(False) | bool

- name: Generate Matrix LDAP registration proxy proxying configuration for matrix-nginx-proxy
  ansible.builtin.set_fact:
    matrix_ldap_registration_proxy_matrix_nginx_proxy_configuration: |
      location {{ matrix_ldap_registration_proxy_registration_endpoint }} {
      {% if matrix_nginx_proxy_enabled | default(False) %}
          {# Use the embedded DNS resolver in Docker containers to discover the service #}
          resolver 127.0.0.11 valid=5s;
          set $backend "{{ matrix_ldap_registration_proxy_registration_addr_with_container }}";
          proxy_pass http://$backend/register;
      {% else %}
          {# Generic configuration for use outside of our container setup #}
          proxy_pass http://{{ matrix_ldap_registration_proxy_registration_addr_sans_container }}/register;
      {% endif %}
      }

- name: Register Matrix LDAP registration proxy proxying configuration with matrix-nginx-proxy
  ansible.builtin.set_fact:
    matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: |
      {{
        matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks | default([])
        +
        [matrix_ldap_registration_proxy_matrix_nginx_proxy_configuration]
      }}

- name: Warn about reverse-proxying if matrix-nginx-proxy not used
  ansible.builtin.debug:
    msg: >-
      NOTE: You've enabled the Matrix LDAP registration proxy bridge but are not using the matrix-nginx-proxy
      reverse proxy.
      Please make sure that you're proxying the `{{ matrix_ldap_registration_proxy_public_endpoint }}`
      URL endpoint to the matrix-ldap-proxy container.
      You can expose the container's port using the `matrix_ldap_registration_proxy_container_http_host_bind_port` variable.
  when: "not matrix_nginx_proxy_enabled | default(False) | bool"