- include_vars: snmp_users.yml

- name: server | snmpd | install package
  package:
    name: "{{ snmpd_package }}"
    state: present

- name: server | snmpd | insert anchors to snmpd.conf
  blockinfile:
    path: "/etc/snmp/snmpd.conf"
    marker: "# {mark} ANSIBLE MANAGED BLOCK" # not required. The marker line template. C({mark}) will be replaced with the values C(in marker_begin) (default="BEGIN") and C(marker_end) (default="END"). Using a custom marker without the C({mark}) variable may result in the block being repeatedly inserted on subsequent playbook runs.
    block: |
      ################################################################################
      # SECTION: {{ item }}
  loop:
    - ACLs
    - Extends

- name: server | snmpd | stop service
  service:
    name: "snmpd"
    state: stopped

- name: server | snmpd | setup monitoring user SNMPv3
  lineinfile:
    path: "{{ snmpd_user_file }}"
    line: "createuser {{ snmp_user }} {{ snmp_auth_proto }} {{ snmp_auth_pass }} {{ snmp_priv_proto }} {{ snmp_priv_pass }}"

- name: server | snmpd | setup ACLs
  lineinfile:
    path: "/etc/snmp/snmpd.conf" # required. The file to modify. Before Ansible 2.3 this option was only usable as I(dest), I(destfile) and I(name).
    line: "rouser {{snmp_user }} authpriv -V systemonly"
    insertafter: "# SECTION: ACLs"

- name: server | snmpd start service
  service:
    name: "snmpd"
    state: started