- name: ensure fluent-bit is installed
  package:
    name: fluent-bit
    state: present
  tags:
  - install

- name: ensure fluent-bit config include directory exists
  file:
    path: /etc/fluent-bit/include
    owner: root
    group: root
    mode: u=rwx,go=
    state: directory
  tags:
  - config
# fluent-bit will fail to start if a glob pattern listed in `includes` does not
# match any files.  To allow roles to drop additiona configuration files in the
# include directory without modifying the main configuration file, we need to
# have an empty file in the include directory all the time.
- name: ensure fluent-bit empty include file exists
  copy:
    dest: /etc/fluent-bit/include/_.yml
    content: ''
    owner: root
    group: root
    mode: u=rwx,go=
  tags:
  - config

- name: ensure fluent-bit is configured
  copy:
    dest: /etc/fluent-bit/fluent-bit.yml
    content: '{{ fluent_bit_config | to_nice_yaml(indent=2) }}'
    owner: root
    group: root
    mode: u=rw,go=
  notify:
  - restart fluent-bit
  tags:
  - config

# The default unit configuration for fluent-bit.service sucks.  It runs
# as root without any kind of restrictions or sandboxing, forces the
# "classic" configuration format (which is deprecated in favor of
# YAML), and does not support hot reload.  It's very simple, so we can
# replace it completely without too much worry about upstream changes.
- name: ensure custom fluent-bit systemd service unit file is installed
  copy:
    src: fluent-bit.service
    dest: /etc/systemd/system/fluent-bit.service
    owner: root
    group: root
    mode: u=rw,go=r
  notify:
  - reload systemd
  - restart fluent-bit
  tags:
  - systemd

- name: ensure fluent-bit starts at boot
  service:
    name: fluent-bit
    enabled: true
  tags:
  - service

- name: flush handlers
  meta: flush_handlers

- name: ensure fluent-bit is running
  service:
    name: fluent-bit
    state: started
  tags:
  - service