Post-Tyranny-Tech-Infrastructure/ansible/roles/kuma/tasks/main.yml

---
# Register client services with Uptime Kuma monitoring
# Uses uptime-kuma-api Python library with Socket.io

- name: Set Kuma credentials from shared secrets
  set_fact:
    kuma_username: "{{ shared_secrets.kuma_username | default('') }}"
    kuma_password: "{{ shared_secrets.kuma_password | default('') }}"
  when: shared_secrets is defined

- name: Check if Kuma monitoring is enabled
  set_fact:
    kuma_registration_enabled: "{{ (kuma_enabled | bool) and (kuma_url | length > 0) and (kuma_username | length > 0) and (kuma_password | length > 0) }}"

- name: Kuma registration block
  when: kuma_registration_enabled
  delegate_to: localhost
  become: false
  block:
    - name: Ensure uptime-kuma-api Python package is installed
      pip:
        name: uptime-kuma-api
        state: present

    - name: Create Kuma registration script
      template:
        src: register_monitors.py.j2
        dest: /tmp/kuma_register_{{ client_name }}.py
        mode: '0700'

    - name: Register monitors with Uptime Kuma
      command: "{{ ansible_playbook_python }} /tmp/kuma_register_{{ client_name }}.py"
      register: kuma_result
      changed_when: "'Added' in kuma_result.stdout or 'Updated' in kuma_result.stdout"
      failed_when: kuma_result.rc != 0

    - name: Display Kuma registration result
      debug:
        msg: "{{ kuma_result.stdout_lines }}"

    - name: Cleanup registration script
      file:
        path: /tmp/kuma_register_{{ client_name }}.py
        state: absent

- name: Skip Kuma registration message
  debug:
    msg: "Kuma monitoring registration skipped (not enabled or missing credentials)"
  when: not kuma_registration_enabled