pipeline {
    agent any
    
    options {
        // Interpret ANSI colour escape sequences in the build console using the 'xterm' colour map.
        ansiColor('xterm')  
    }

    // Pipeline-wide environment: both variables are visible to every stage and every sh step below.
    environment {
        // NOTE(review): disables SSH host key verification for all Ansible connections made by this
        // pipeline, so the identity of the deployment targets is never checked and a host that
        // impersonates one of them would receive the deployment. Prefer a pinned known_hosts file
        // with checking left on.
        ANSIBLE_HOST_KEY_CHECKING = 'false'
        // Binds the Jenkins credential with id 'vault_password'. Only the 'Decrypt SSH Key' stage
        // reads it, but declared here it is exported to every stage.
        // NOTE(review): consider binding it inside that stage only, to narrow its exposure.
        VAULT_PASSWORD = credentials('vault_password')
    }

    // Build parameters. DEPLOY_TARGET is a closed choice list; the four ADDITIONAL_CONTENT_* values
    // are free text typed by whoever starts the build, and the 'Deploy Site' stage forwards them to
    // the playbook as Ansible extra vars.
    // NOTE(review): the descriptions indicate the text ends up inside <h2>/<p> markup; presumably the
    // playbook's template must HTML-escape it. Confirm against ansible/playbook.yml.
    parameters {
        // Selects which site group(s) the playbook run is limited to.
        choice(
            name: 'DEPLOY_TARGET',
            choices: ['SiteA', 'SiteB', 'All'],
            description: 'Выберите сайты для развертывания'
        )
        
        // Extra heading / paragraph text for SiteA.
        string(name: 'ADDITIONAL_CONTENT_SITEA_H2', defaultValue: 'Новое сообщение для SiteA', description: 'Дополнительный <h2> контент для SiteA')
        string(name: 'ADDITIONAL_CONTENT_SITEA_P', defaultValue: 'Дополнительный параграф для SiteA', description: 'Дополнительный <p> контент для SiteA')
        
        // Extra heading / paragraph text for SiteB.
        string(name: 'ADDITIONAL_CONTENT_SITEB_H2', defaultValue: 'Новое сообщение для SiteB', description: 'Дополнительный <h2> контент для SiteB')
        string(name: 'ADDITIONAL_CONTENT_SITEB_P', defaultValue: 'Дополнительный параграф для SiteB', description: 'Дополнительный <p> контент для SiteB')
    }

    stages {
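        // Decrypts the vaulted deploy key (./ansible/id_ed25519_vault) into a private scratch
        // directory and publishes two environment variables for later stages:
        //   TEMP_DIR          - scratch directory, removed by post { always }
        //   DECYPTED_KEY_FILE - path of the decrypted private key (spelling kept: 'Deploy Site' reads it)
        stage('Decrypt SSH Key') {
            steps {
                script {
                    // mktemp -d creates the directory with owner-only permissions and fails if the
                    // name already exists. `mkdir -p` under the shared /tmp takes the umask default
                    // and silently accepts a pre-existing directory, which could leave the vault
                    // password and the decrypted key readable by other local users.
                    def tempDir = sh(script: 'mktemp -d /tmp/deploy-key.XXXXXXXXXX', returnStdout: true).trim()
                    // Published before anything secret is written, so cleanup runs even if a later step fails.
                    env.TEMP_DIR = tempDir

                    def decryptedKeyFile = "${tempDir}/id_ed25519"
                    def vaultPassFile = "${tempDir}/vault_pass"

                    try {
                        // ansible-vault reads the password from a file; it lives only inside the private directory.
                        writeFile file: vaultPassFile, text: VAULT_PASSWORD

                        sh """
                        set -eu
                        ansible-vault decrypt ./ansible/id_ed25519_vault --output='${decryptedKeyFile}' --vault-password-file='${vaultPassFile}'
                        chmod 600 '${decryptedKeyFile}'
                        """
                    } finally {
                        // The password file is not needed after decryption; do not keep it for the rest of the build.
                        sh "rm -f -- '${vaultPassFile}'"
                    }

                    env.DECYPTED_KEY_FILE = decryptedKeyFile
                }
            }
        }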

        // Runs ansible/playbook.yml against the host groups chosen by DEPLOY_TARGET, always
        // including 'proxy', and passes the matching ADDITIONAL_CONTENT_* parameters as extra vars.
        stage('Deploy Site') {
            steps {
                script {
                    def target = params.DEPLOY_TARGET
                    if (!(target in ['SiteA', 'SiteB', 'All'])) {
                        error "Неизвестный DEPLOY_TARGET: ${params.DEPLOY_TARGET}"
                    }

                    def deployA = target in ['SiteA', 'All']
                    def deployB = target in ['SiteB', 'All']

                    // Private key path published by the 'Decrypt SSH Key' stage.
                    def extraVars = [
                        ansible_ssh_private_key_file: env.DECYPTED_KEY_FILE
                    ]
                    def hostGroups = []

                    // NOTE(review): the *_h2 / *_p values are free text supplied by whoever triggers
                    // the build and are handed to the playbook unmodified; any escaping has to happen
                    // on the Ansible side. Confirm the templates do so.
                    if (deployA) {
                        hostGroups << 'SiteA'
                        extraVars.siteA_h2 = params.ADDITIONAL_CONTENT_SITEA_H2
                        extraVars.siteA_p = params.ADDITIONAL_CONTENT_SITEA_P
                    }
                    if (deployB) {
                        hostGroups << 'SiteB'
                        extraVars.siteB_h2 = params.ADDITIONAL_CONTENT_SITEB_H2
                        extraVars.siteB_p = params.ADDITIONAL_CONTENT_SITEB_P
                    }
                    hostGroups << 'proxy'

                    def selectedHosts = hostGroups.join(',')

                    ansiblePlaybook(
                        playbook: 'ansible/playbook.yml',
                        inventory: "ansible/inventory.yml",
                        extraVars: extraVars,
                        limit: selectedHosts
                    )
                }
            }
        }
    }

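    // Post-build actions: always remove the scratch directory holding the decrypted SSH key,
    // then report the outcome.
    post {
        always {
            script {
                def scratch = env.TEMP_DIR
                if (scratch) {
                    // env.TEMP_DIR is an ordinary environment variable, so it could also hold a value
                    // this pipeline did not set (for example if the build fails before the decrypt
                    // stage assigns it). Only delete paths that look like our own directory under /tmp.
                    def looksOwned = scratch.startsWith('/tmp/') &&
                                     scratch.length() > '/tmp/'.length() &&
                                     !scratch.contains('..')
                    if (looksOwned) {
                        // Single-quoted so the shell expands the variable itself; the quotes and `--`
                        // keep the path from being split or read as an option.
                        sh 'rm -rf -- "$TEMP_DIR"'
                    } else {
                        echo "Skipping cleanup: TEMP_DIR is not a directory under /tmp."
                    }
                }
            }
        }
        success {
            echo 'Deployment completed successfully.'
        }
        failure {
            echo 'Deployment failed. Please check the logs for more details.'
        }
    }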
}