- name: validate requirements for fluentbit
  gather_facts: yes
  hosts: servers
  become: "{{become}}"
  vars:

    auth_log_file: "{{ 'auth.log' if ansible_facts['os_family'] == 'Debian' else 'secure' }}"

  tasks:

  #
  # mandatory checks - will stop tasks if fails
  #

  # https://docs.ansible.com/ansible/latest/collections/ansible/builtin/wait_for_module.html
  - name: time-series server is reachable
    wait_for: host={{tsdb_host}} port={{tsdb_port}} timeout=1

  - name: log server is reachable
    wait_for: host={{log_host}} port={{log_port}} timeout=1

  # https://docs.ansible.com/ansible/latest/collections/ansible/builtin/shell_module.html
  - name: fluentbit is installed
    ansible.builtin.shell:
      executable: /bin/bash
      cmd: "[[ -x /opt/fluent-bit/bin/fluent-bit || -x /usr/local/bin/fluent-bit ]] && [[ -d /etc/fluent-bit/ ]]"
    changed_when: false

  # TODO install geoipupdate --or-- grab once and deploy more
  - name: mmdb files are there
    ansible.builtin.shell:
      executable: /bin/bash
      cmd: "ls -lhF /etc/fluent-bit/*.mmdb"
    changed_when: false

  - name: auth log is there
    ansible.builtin.shell:
      executable: /bin/bash
      cmd: "ls -lhF /var/log/{{ auth_log_file }}"
    register: autl_log_there
    changed_when: false

  # https://docs.ansible.com/ansible/latest/playbook_guide/playbooks_tests.html#type-tests
  - name: assert variables
    assert:
      that: ( addons is defined ) and ( addons is not string ) and ( addons is not mapping ) and ( addons is iterable ) and ( addons is sequence )