ansible-role-icinga2/tasks/config.yml

---
- name: remove old config files
  ansible.builtin.file:
    path: /etc/icinga2/conf.d/apt.conf
    state: absent
  notify: reload icinga2
  tags: icinga2

- name: copy scripts
  ansible.builtin.copy:
    content: '{{ item.value }}'
    dest: '/etc/icinga2/scripts/{{ item.key }}'
    owner: root
    group: nagios
    mode: 0750
  loop: '{{ icinga2_scripts | dict2items }}'
  loop_control:
    label: '{{ item.key }}'
  tags: icinga2

- name: copy config files
  ansible.builtin.template:
    src: '{{ item }}.conf.j2'
    dest: '/etc/icinga2/conf.d/{{ item }}.conf'
    owner: root
    group: nagios
    mode: 0640
  loop:
    - check_commands
    - commands
    - dependencies
    - groups
    - hosts
    - notifications
    - services
    - templates
    - timeperiods
    - users
  notify: reload icinga2
  tags: icinga2

- name: copy zones config files
  ansible.builtin.template:
    src: zones.conf.j2
    dest: /etc/icinga2/zones.conf
    owner: root
    group: nagios
    mode: 0640
  notify: reload icinga2
  tags: icinga2

- name: copy ido config file
  ansible.builtin.template:
    src: ido-db.conf.j2
    dest: /etc/icinga2/conf.d/ido-db.conf
    owner: root
    group: nagios
    mode: 0640
  notify: restart icinga2
  tags: icinga2

- name: copy api SSL key
  ansible.builtin.copy:
    content: '{{ icinga2_api_ssl_node_key }}'
    dest: '/var/lib/icinga2/certs/{{ inventory_hostname }}.key'
    owner: root
    group: nagios
    mode: 0640
  when: '"api" in icinga2_features'
  notify: restart icinga2
  tags: icinga2

- name: copy api SSL certificate
  ansible.builtin.copy:
    content: '{{ icinga2_api_ssl_node_crt }}'
    dest: '/var/lib/icinga2/certs/{{ inventory_hostname }}.crt'
    owner: root
    group: nagios
    mode: 0640
  when: '"api" in icinga2_features'
  notify: restart icinga2
  tags: icinga2

- name: copy api SSL ca certifiacte
  ansible.builtin.copy:
    content: '{{ icinga2_api_ssl_ca_crt }}'
    dest: '{{ item }}/ca.crt'
    owner: root
    group: nagios
    mode: 0640
  when: '"api" in icinga2_features'
  loop:
    - /var/lib/icinga2/certs
    - /etc/icinga2/pki
  notify: restart icinga2
  tags: icinga2

- name: copy api SSL ca key
  ansible.builtin.copy:
    content: '{{ icinga2_api_ssl_ca_key }}'
    dest: /etc/icinga2/pki/ca.key
    owner: root
    group: nagios
    mode: 0640
  when: '"api" in icinga2_features and icinga2_master'
  notify: restart icinga2
  tags: icinga2

- name: copy feature config files
  ansible.builtin.template:
    src: feature.conf.j2
    dest: '/etc/icinga2/features-available/{{ item.key }}.conf'
    owner: root
    group: nagios
    mode: 0640
  loop: '{{ icinga2_features | dict2items }}'
  loop_control:
    label: '{{ item.key }}'
  notify: restart icinga2
  tags: icinga2

- name: manage features
  community.general.icinga2_feature:
    name: '{{ item.key }}'
    state: '{{ item.state | default("present") }}'
  loop: '{{ icinga2_features | dict2items }}'
  loop_control:
    label: '{{ item.key }}'
  notify: restart icinga2
  tags: icinga2