---

- name: verify that all.log exists
  stat:
    path: /var/log/all.log
  register: result

- name: create dummy all.log file
  file:
    path: /var/log/all.log
    state: touch
    mode: 0644
    owner: root
    group: "{{ ansible_wheel }}"
  when: not result.stat.exists

- name: enable all.log
  lineinfile:
    path: /etc/syslog.conf
    line: "*.* /var/log/all.log"
  notify: restart syslogd

- name: enable all.log rotation
  lineinfile:
    path: /etc/newsyslog.conf
    regexp: "^/var/log/all.log.*"
    line: "/var/log/all.log root:{{ ansible_wheel }}	640  7     *    $D0  Z"

- block:
    - name: configure certificates for remote logging
      service:
        name: syslogd
        arguments: "-h -c {{ tls_certs }}/{{ inventory_hostname }}.crt -k {{ tls_private }}/{{ inventory_hostname }}.key"
        enabled: true
    - name: enable remote logging
      lineinfile:
        path: /etc/syslog.conf
        regexp: '^\*\.\* @.*'
        line: "*.* @tls://{{ log_server }}:6514"
      notify: restart syslogd
  when: inventory_hostname != "log01.home.foo.sh"

- name: include server config
  include_tasks: server.yml
  when: inventory_hostname == "log01.home.foo.sh"