---

- name: Gather Icinga2 Agent facts
  delegate_to: "{{ icinga2_agent }}"
  delegate_facts: true
  ansible.builtin.setup:
    gather_subset: default_ipv4
  register: i2_agent

- name: Allow incoming icinga2
  become: true
  ansible.builtin.template:
    src: nftables/input.d/icinga2.conf.j2
    dest: /etc/nftables/input.d/icinga2.conf
    mode: 0640
  notify: Reload nftables service

- name: Add Icinga2 Agent to /etc/hosts
  become: true
  ansible.builtin.lineinfile:
    path: /etc/hosts
    line: "{{ i2_agent.ansible_facts.ansible_default_ipv4.address }}\t{{ icinga2_agent }}"

- name: Setup Master node
  become: true
  ansible.builtin.command:
    cmd: "icinga2 node setup --master --cn {{ ansible_hostname }} --disable-confd"
    creates: "/var/lib/icinga2/certs/{{ ansible_hostname }}.crt"
  notify: Restart icinga2 service

- name: Create master zone directory
  become: true
  ansible.builtin.file:
    path: /etc/icinga2/zones.d/master
    state: directory
    owner: nagios
    group: nagios
    mode: 0750