---
- name: monitoring
  tags: monitoring
  block:
    - name: Install dependencies
      apt:
        name: nginx
        state: present

    - name: Clear default nginx site
      file:
        state: absent
        path: /etc/nginx/sites-enabled/default
      notify: reload nginx

    - name: Install nginx site
      template:
        src: nginx-site.conf
        dest: /etc/nginx/sites-available/monitoring
        owner: root
        group: root
        mode: 0644
      notify: reload nginx

    - name: Enable nginx site
      file:
        src: /etc/nginx/sites-available/monitoring
        dest: /etc/nginx/sites-enabled/monitoring
        state: link
      notify: reload nginx

    - name: Start nginx
      systemd:
        name: nginx
        state: started
        enabled: yes

    - name: Allow HTTP/HTTPS
      iptables:
        chain: INPUT
        protocol: tcp
        destination_port: "{{ item.port }}"
        ctstate: NEW
        jump: ACCEPT
        ip_version: "{{ item.ip }}"
        action: insert
      with_items:
        - { ip: ipv6, port: 80 }
        - { ip: ipv6, port: 443 }
      notify: persist iptables

- name: mqtt_exporter
  tags: mqtt_exporter
  import_tasks: mqtt_exporter.yaml

- name: blackbox
  tags: blackbox
  import_tasks: blackbox.yaml

- name: prometheus
  tags: prometheus
  import_tasks: prometheus.yaml

- name: grafana
  tags: grafana
  import_tasks: grafana.yaml