---
- import_tasks: RedHat.yml
  when: ansible_os_family == 'RedHat'

- import_tasks: Debian.yml
  when: ansible_os_family == 'Debian'

- name: Install Filebeat.
  package: name=filebeat state=present
  register: filebeat_installing_package
  until: filebeat_installing_package is succeeded
  tags:
    - install

- name: Check if certificate exists locally
  stat:
    path: "{{node_certs_destination}}/{{ filebeat_node_name }}.crt"
  register: certificate_file_exists
  when:
    - filebeat_xpack_security

- name: Copy key & certificate files in generator node (locally)
  synchronize:
    src: "{{node_certs_source}}/{{filebeat_node_name}}/"
    dest: "{{node_certs_destination}}/"
  delegate_to: "{{ node_certs_generator_ip }}"
  when: 
    - node_certs_generator
    - filebeat_xpack_security
    - not certificate_file_exists.stat.exists
  tags: xpack-security

- name: Copy ca certificate file in generator node (locally)
  synchronize:
    src: "{{node_certs_source}}/ca/"
    dest: "{{node_certs_destination}}/"
  delegate_to: "{{ node_certs_generator_ip }}"
  when: 
    - node_certs_generator
    - filebeat_xpack_security
    - not certificate_file_exists.stat.exists
  register: check_certs_permissions
  tags: xpack-security
  
- name: Importing key & certificate files from generator node
  shell: "{{rsync_path}} {{rsync_extra_parameters}} {{rsync_user}}@{{node_certs_generator_ip}}:{{node_certs_source}}/{{filebeat_node_name}}/ {{node_certs_destination}}/"
  when:
    - not node_certs_generator
    - filebeat_xpack_security
    - not certificate_file_exists.stat.exists
  tags: xpack-security

- name: Importing ca certificate file from generator node 
  shell: "{{rsync_path}} {{rsync_extra_parameters}} {{rsync_user}}@{{node_certs_generator_ip}}:{{node_certs_source}}/ca/ {{node_certs_destination}}/"
  when:
    - not node_certs_generator
    - filebeat_xpack_security
    - not certificate_file_exists.stat.exists
  register: check_certs_permissions
  tags: xpack-security

- name: Ensuring certificates folder owner
  shell: "chmod -R 770 {{node_certs_destination}}/"
  when:
    - check_certs_permissions is defined
    - filebeat_xpack_security
  tags: xpack-security

- import_tasks: config.yml
  when: filebeat_create_config
  notify: restart filebeat

- name: Reload systemd
  systemd: daemon_reload=yes
  ignore_errors: true
  when:
    - not (ansible_distribution == "Amazon" and ansible_distribution_major_version == "NA")
    - not (ansible_distribution == "Ubuntu" and ansible_distribution_version is version('15.04', '<'))
    - not (ansible_distribution == "Debian" and ansible_distribution_version is version('8', '<'))
    - not (ansible_os_family == "RedHat" and ansible_distribution_version is version('7', '<'))

- name: Ensure Filebeat is started and enabled at boot.
  service:
    name: filebeat
    state: started
    enabled: true

- import_tasks: "RMRedHat.yml"
  when: ansible_os_family == "RedHat"

- import_tasks: "RMDebian.yml"
  when: ansible_os_family == "Debian"