self-hosting/roles/icinga2_master/tasks/main.yml

---

- name: Allow icinga2 to/from Agent
  become: true
  ansible.builtin.template:
    src: "nftables/{{ item }}.d/icinga2.conf.j2"
    dest: "/etc/nftables/{{ item }}.d/icinga2.conf"
    mode: 0640
  loop:
    - input
    - output
  notify: Reload nftables service

- name: Add Icinga2 Agent to /etc/hosts
  become: true
  ansible.builtin.lineinfile:
    path: /etc/hosts
    line: "{{ hostvars[icinga2_agent].ipv4_addr }}\t{{ icinga2_agent }}"

- name: Setup Master node
  become: true
  ansible.builtin.command:
    cmd: "icinga2 node setup --master --cn {{ ansible_hostname }} --disable-confd"
    creates: "/var/lib/icinga2/certs/{{ ansible_hostname }}.crt"
  notify: Restart icinga2 service

- name: Copy zones.conf file
  become: true
  ansible.builtin.template:
    src: zones.conf.j2
    dest: /etc/icinga2/zones.conf
    owner: nagios
    group: nagios
    mode: 0644
  notify: Reload icinga2 service

- name: Create master zone directory
  become: true
  ansible.builtin.file:
    path: /etc/icinga2/zones.d/master
    state: directory
    owner: nagios
    group: nagios
    mode: 0750

- name: Copy files under master zone directory
  become: true
  ansible.builtin.template:
    src: "{{ item }}"
    dest: "/etc/icinga2/zones.d/master/{{ item | basename | replace('.j2', '') }}"
    owner: nagios
    group: nagios
    mode: 0644
  with_fileglob:
    - "{{ role_path }}/templates/zones.d/master/*"
  notify: Reload icinga2 service

- name: Install bsd-mailx for sending mail notifications
  become: true
  ansible.builtin.apt:
    name: bsd-mailx

- name: Copy get_service_states.sh script
  become: true
  ansible.builtin.template:
    src: get_service_states.sh.j2
    dest: /usr/local/bin/get_service_states.sh
    owner: root
    group: root
    mode: 0700