first version

tasks/base.yml

@@ -0,0 +1,45 @@
+---
+- name: install dependencies packages
+  package:
+    name: apt-transport-https
+  retries: 2
+  register: result
+  until: result is succeeded
+  tags: icinga2
+
+- name: add key repository
+  apt_key:
+    url: https://packages.icinga.com/icinga.key
+  retries: 2
+  register: result
+  until: result is succeeded
+  tags: icinga2
+
+- name: add repository
+  apt_repository:
+    repo: 'deb https://packages.icinga.com/debian icinga-{{ ansible_distribution_release }} main'
+  retries: 2
+  register: result
+  until: result is succeeded
+  tags: icinga2
+
+- name: install packages
+  package:
+    name:
+      - icinga2
+      - 'icinga2-ido-{{ icinga2_db_type }}'
+      - icingacli
+      - monitoring-plugins
+  retries: 2
+  register: result
+  until: result is succeeded
+  tags: icinga2
+
+- name: create certs directory
+  file:
+    path: /var/lib/icinga2/certs
+    owner: root
+    group: nagios
+    mode: 0750
+    state: directory
+  tags: icinga2

tasks/config.yml

@@ -0,0 +1,116 @@
+---
+- name: remove old config files
+  file:
+    path: /etc/icinga2/conf.d/apt.conf
+    state: absent
+  notify: reload icinga2
+  tags: icinga2
+
+- name: copy config files
+  template:
+    src: '{{ item }}.conf.j2'
+    dest: '/etc/icinga2/conf.d/{{ item }}.conf'
+    owner: root
+    group: nagios
+    mode: 0640
+  loop:
+    - check_commands
+    - groups
+    - hosts
+    - notifications
+    - services
+    - templates
+    - timeperiods
+    - users
+  notify: reload icinga2
+  tags: icinga2
+
+- name: copy zones config files
+  template:
+    src: zones.conf.j2
+    dest: /etc/icinga2/zones.conf
+    owner: root
+    group: nagios
+    mode: 0640
+  notify: reload icinga2
+  tags: icinga2
+
+- name: copy ido config file
+  template:
+    src: ido-db.conf.j2
+    dest: /etc/icinga2/conf.d/ido-db.conf
+    owner: root
+    group: nagios
+    mode: 0640
+  notify: restart icinga2
+  tags: icinga2
+
+- name: copy api SSL key
+  copy:
+    content: '{{ icinga2_api_ssl_node_key }}'
+    dest: '/var/lib/icinga2/certs/{{ inventory_hostname }}.key'
+    owner: root
+    group: nagios
+    mode: 0640
+  when: '"api" in icinga2_features'
+  notify: restart icinga2
+  tags: icinga2
+
+- name: copy api SSL certificate
+  copy:
+    content: '{{ icinga2_api_ssl_node_crt }}'
+    dest: '/var/lib/icinga2/certs/{{ inventory_hostname }}.crt'
+    owner: root
+    group: nagios
+    mode: 0640
+  when: '"api" in icinga2_features'
+  notify: restart icinga2
+  tags: icinga2
+
+- name: copy api SSL ca certifiacte
+  copy:
+    content: '{{ icinga2_api_ssl_ca_crt }}'
+    dest: '{{ item }}/ca.crt'
+    owner: root
+    group: nagios
+    mode: 0640
+  when: '"api" in icinga2_features'
+  loop:
+    - /var/lib/icinga2/certs
+    - /etc/icinga2/pki
+  notify: restart icinga2
+  tags: icinga2
+
+- name: copy api SSL ca key
+  copy:
+    content: '{{ icinga2_api_ssl_ca_key }}'
+    dest: /etc/icinga2/pki/ca.key
+    owner: root
+    group: nagios
+    mode: 0640
+  when: '"api" in icinga2_features and icinga2_master'
+  notify: restart icinga2
+  tags: icinga2
+
+- name: copy feature config files
+  template:
+    src: feature.conf.j2
+    dest: '/etc/icinga2/features-available/{{ item.key }}.conf'
+    owner: root
+    group: nagios
+    mode: 0640
+  loop: '{{ icinga2_features|dict2items }}'
+  loop_control:
+    label: '{{ item.key }}'
+  notify: restart icinga2
+  tags: icinga2
+
+- name: manage features
+  icinga2_feature:
+    name: '{{ item.key }}'
+    state: '{{ item.state|default("present") }}'
+  loop: '{{ icinga2_features|dict2items }}'
+  loop_control:
+    label: '{{ item.key }}'
+  notify: restart icinga2
+  tags: icinga2

tasks/main.yml

@@ -0,0 +1,4 @@
+---
+- import_tasks: base.yml
+- import_tasks: config.yml
+- import_tasks: service.yml

tasks/service.yml

@@ -0,0 +1,7 @@
+---
+- name: enable and start service
+  service:
+    name: icinga2
+    enabled: true
+    state: started
+  tags: icinga2