SensusAgent/runner/deploy-service/playbook.yml

---
- hosts: all
  gather_facts: no
  become: true
  become_user: root
  become_method: sudo
  vars:
    remote_dir: /opt/sensusagent
    local_bin_dir: "{{ LOCAL_BIN_DIR | default('./bin/agent') }}"
    tmp_dir: /tmp/sensusagent_upload
  tasks:
    - name: Ensure temp and remote dirs exist
      ansible.builtin.raw: |
        mkdir -p {{ tmp_dir }} && chmod 0777 {{ tmp_dir }}
        mkdir -p {{ remote_dir }} && chmod 0755 {{ remote_dir }}

    - name: Copy agent binary via scp to tmp (from controller)
      ansible.builtin.command: >
        scp -B -i {{ ansible_ssh_private_key_file | default('~/.ssh/id_rsa') }}
        -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null
        {{ local_bin_dir }}/agent {{ ansible_user }}@{{ ansible_host }}:{{ tmp_dir }}/agent
      delegate_to: localhost

    - name: Generate config.yaml from template
      ansible.builtin.template:
        src: ../templates/config.yaml.j2
        dest: "{{ tmp_dir }}/config.yaml"
        mode: '0644'
      delegate_to: localhost
      run_once: true

    - name: Copy collectors directory via scp -r to tmp (from controller)
      ansible.builtin.command: >
        scp -r -B -i {{ ansible_ssh_private_key_file | default('~/.ssh/id_rsa') }}
        -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null
        {{ local_bin_dir }}/collectors {{ ansible_user }}@{{ ansible_host }}:{{ tmp_dir }}/
      delegate_to: localhost

    - name: Move files into {{ remote_dir }} with root and fix permissions
      ansible.builtin.raw: |
        cp -f {{ tmp_dir }}/agent {{ remote_dir }}/agent && chmod 0755 {{ remote_dir }}/agent
        cp -f {{ tmp_dir }}/config.yaml {{ remote_dir }}/config.yaml && chmod 0644 {{ remote_dir }}/config.yaml
        rm -rf {{ remote_dir }}/collectors && mkdir -p {{ remote_dir }}/collectors && cp -r {{ tmp_dir }}/collectors/* {{ remote_dir }}/collectors/ || true
        chmod -R 0755 {{ remote_dir }}/collectors 2>/dev/null || true
        rm -rf {{ tmp_dir }}

    - name: Optional deps (Debian/Ubuntu) — ignore errors
      ansible.builtin.raw: |
        if [ -f /etc/debian_version ]; then \
          apt-get update -o Acquire::AllowInsecureRepositories=true -o Acquire::https::Verify-Peer=false -o Acquire::https::Verify-Host=false || true; \
          apt-get install -y --no-install-recommends sysstat iotop smartmontools nvme-cli mdadm lsscsi sg3-utils pciutils lm-sensors ipmitool jq || true; \
          systemctl enable --now sysstat || true; \
        fi
      ignore_errors: yes

    - name: Optional deps (RHEL/CentOS) — ignore errors
      ansible.builtin.raw: |
        if [ -f /etc/redhat-release ]; then \
          yum install -y sysstat iotop smartmontools nvme-cli mdadm lsscsi sg3_utils pciutils lm_sensors ipmitool jq || true; \
          systemctl enable --now sysstat || true; \
        fi
      ignore_errors: yes

    - name: Generate systemd unit from template
      ansible.builtin.template:
        src: ../templates/sensusagent.service.j2
        dest: "{{ tmp_dir }}/sensusagent.service"
        mode: '0644'
      delegate_to: localhost
      run_once: true

    - name: Install/refresh systemd unit
      ansible.builtin.raw: |
        cp {{ tmp_dir }}/sensusagent.service /etc/systemd/system/sensusagent.service
        systemctl daemon-reload

    - name: Enable and start service
      ansible.builtin.raw: "systemctl enable --now sensusagent"