- name: install package
  package:
    name: "{{ prometheus_package }}"

- name: allow access to metrics from grafana
  ufw:
    rule: allow
    direction: in
    proto: tcp
    src: "{{ grafana_server_ip }}"
    to_port: "{{ prometheus_port }}"

- name: allow access to metrics from management
  ufw:
    rule: allow
    direction: in
    proto: tcp
    src: "{{ management_ip }}"
    to_port: "{{ prometheus_port }}"

- name: copy config file
  copy:
    src: "{{ prometheus_config }}"
    dest: /etc/prometheus/prometheus.yml
    owner: root
    group: root
    mode: '0644'

- name: copy defaults file
  copy:
    src: "{{ prometheus_defaults }}"
    dest: /etc/default/prometheus
    owner: root
    group: root
    mode: '0644'

- name: enable service
  systemd:
    name: prometheus
    enabled: yes
    masked: no

- name: restart service
  service:
    name: prometheus
    state: restarted

- name: deploy nginx configuration
  copy:
    src: "{{ prometheus_nginx_config }}"
    dest: /etc/nginx/sites-available/grafana.conf
    owner: root
    group: root
    mode: '0644'

- name: symlink site
  file:
    src: /etc/nginx/sites-available/grafana.conf
    dest: /etc/nginx/sites-enabled/grafana.conf
    owner: root
    group: root
    state: link

- name: allow http (80/tcp) traffic
  ufw:
    rule: allow
    port: '80'
    proto: tcp

- name: allow https (443/tcp) traffic
  ufw:
    rule: allow
    port: '443'
    proto: tcp

- name: restart nginx
  service:
    name: nginx
    state: restarted