---
# Configure Zabbix. A host including this file should
# - deploy the required scripts & agent config to the host
# - add itself to the required hostgroup
# - add itself to the required template

# Custom SELinux requirements for Zabbix to execute monitoring binaries
- name: Ensure a directory exists for Postfix+Zabbix selinux module
  ansible.builtin.file:
    path: /usr/local/share/zabbix
    state: directory
    mode: '0755'
  tags:
  - selinux
  - postfix
  - zabbix_agent

- name: Copy Postfix Zabbix SELinux module
  ansible.builtin.copy:
    src: postfix/zabbix-selinux.te
    dest: /usr/local/share/zabbix/zabbix_sendmail.te
    owner: root
    group: root
    mode: '0644'
  register: selinux_zabbix_file
  tags:
  - selinux
  - postfix
  - zabbix_agent

- name: Compile and install SELinux module
  ansible.builtin.include_tasks: "{{ tasks_path }}/compile-selinux.yml"
  vars:
    selinux_module_dir: /usr/local/share/zabbix
    selinux_module_name: zabbix_sendmail
  when: selinux_zabbix_file.changed # noqa: no-handler
  tags:
  - selinux
  - postfix
  - zabbix_agent

# On a fresh install, the zabbix user won't exist yet
# so don't try to set it here. The agent role will fix it later
- name: Ensure Zabbix drop-in directory
  ansible.builtin.file:
    path: /etc/zabbix/zabbix_agentd.d
    state: directory
    mode: '0755'

- name: Install Zabbix agent config drop-in
  ansible.builtin.copy:
    src: postfix/zabbix-agent-dropin
    dest: /etc/zabbix/zabbix_agentd.d/postfix.conf
    mode: '0644'
  notify:
    - Restart zabbix agent
  tags:
    - postfix
    - zabbix_agent

- name: Install Zabbix check script
  ansible.builtin.copy:
    src: postfix/zabbix-check-script
    dest: /usr/local/bin/zabbix-test.sh
    mode: '0755'
  tags:
    - postfix
    - zabbix_agent

- name: Zabbix API Block
  vars:
    ansible_zabbix_auth_key: "{{ zabbix_auth_key }}"
    ansible_network_os: "{{ zabbix_network_os }}"
    ansible_connection: "{{ zabbix_connection }}"
    ansible_httpapi_port: "{{ zabbix_httpapi_port }}"
    ansible_httpapi_use_ssl: "{{ zabbix_httpapi_use_ssl }}"
    ansible_httpapi_validate_certs: "{{ zabbix_httpapi_validate_certs }}"
    ansible_host: "{{ zabbix_server }}"
    ansible_zabbix_url_path: "{{ zabbix_url_path }}"
  tags:
    - zabbix_api
    - zabbix_agent
  block:
    - name: Import Postfix Zabbix template file
      community.zabbix.zabbix_template:
        template_yaml: "{{ lookup('file', 'postfix/zabbix-template.yml') }}"
        state: present
    - name: Ensure Postfix Zabbix hostgroup is present
      community.zabbix.zabbix_group:
        host_groups:
          - Postfix servers
        state: present
    - name: Add self to Postfix in Zabbix
      community.zabbix.zabbix_host:
        host_name: "{{ inventory_hostname }}"
        host_groups: Postfix servers
        link_templates: Postfix Mail Queue
        force: false