--- - name: Allow icinga2 to/from Agent, and needed ports for some checks become: true ansible.builtin.template: src: "nftables/{{ item }}.d/icinga2.conf.j2" dest: "/etc/nftables/{{ item }}.d/icinga2.conf" mode: 0640 loop: - input - output notify: Reload nftables service - name: Add Icinga2 Agent to /etc/hosts become: true ansible.builtin.lineinfile: path: /etc/hosts line: "{{ hostvars[icinga2_agent].ipv4_addr }}\t{{ icinga2_agent }}" - name: Setup Master node become: true ansible.builtin.command: cmd: "icinga2 node setup --master --cn {{ ansible_hostname }} --disable-confd" creates: "/var/lib/icinga2/certs/{{ ansible_hostname }}.crt" notify: Restart icinga2 service - name: Copy zones.conf file become: true ansible.builtin.template: src: zones.conf.j2 dest: /etc/icinga2/zones.conf owner: nagios group: nagios mode: 0644 notify: Reload icinga2 service - name: Create master zone directory become: true ansible.builtin.file: path: /etc/icinga2/zones.d/master state: directory owner: nagios group: nagios mode: 0750 - name: Copy files under master zone directory become: true ansible.builtin.template: src: "{{ item }}" dest: "/etc/icinga2/zones.d/master/{{ item | basename | replace('.j2', '') }}" owner: nagios group: nagios mode: 0644 with_fileglob: - "{{ role_path }}/templates/zones.d/master/*.conf.j2" notify: Reload icinga2 service - name: Create services directory become: true ansible.builtin.file: path: /etc/icinga2/zones.d/master/services state: directory owner: nagios group: nagios mode: 0750 - name: Copy common services become: true ansible.builtin.template: src: zones.d/master/services/common.conf.j2 dest: /etc/icinga2/zones.d/master/services/common.conf owner: nagios group: nagios mode: 0644 notify: Reload icinga2 service - name: Install bsd-mailx for sending mail notifications become: true ansible.builtin.apt: name: bsd-mailx - name: Copy get_service_states.sh script become: true ansible.builtin.template: src: get_service_states.sh.j2 dest: /usr/local/bin/get_service_states.sh owner: root group: root mode: 0700