---
# roles/pfsense_upgrade/tasks/preflight.yml
# Validate SSH connectivity, confirm host is pfSense, check disk space.

- name: Verify SSH connectivity to pfSense host
  ansible.builtin.raw: echo "ping"
  register: _ssh_test
  changed_when: false
  failed_when: _ssh_test.rc != 0

- name: Confirm host is running pfSense (check version file)
  ansible.builtin.raw: test -f {{ pfsense_version_file }} && echo "pfsense_ok"
  register: _pfsense_check
  changed_when: false
  failed_when: "'pfsense_ok' not in _pfsense_check.stdout"

- name: Check available disk space on root filesystem (must be ≥ 200 MB)
  ansible.builtin.raw: >
    df -m / | awk 'NR==2 {print $4}'
  register: _disk_avail
  changed_when: false

- name: Fail if disk space is insufficient
  ansible.builtin.fail:
    msg: >
      Host {{ inventory_hostname }} only has {{ _disk_avail.stdout | trim }} MB free on /.
      At least 200 MB is required to safely upgrade pfSense.
  when: (_disk_avail.stdout | trim | int) < 200

- name: Check that pfSense-upgrade binary exists
  ansible.builtin.raw: test -x {{ pfsense_upgrade_bin }} && echo "bin_ok"
  register: _bin_check
  changed_when: false
  failed_when: "'bin_ok' not in _bin_check.stdout"

- name: Pre-flight summary
  ansible.builtin.debug:
    msg: >
      Pre-flight OK — {{ inventory_hostname }}:
      disk free={{ _disk_avail.stdout | trim }}MB,
      pfSense-upgrade binary present.