- hosts: "{{ variable_host }}"
  become: yes
  become_method: sudo
  tasks:
  - name: Set SSH port
    set_fact:
      ansible_port: "{{SSH_PORT}}"
    
    
  - name: collect facts about system services
    service_facts:
    register: services_state

      
  - name: Open stat port for firewalld
    firewalld:
      port: "9113/tcp"
      state: enabled
      permanent: yes
      immediate: yes
    ignore_errors: yes
    when: (ansible_facts['os_family'] == "RedHat" or ansible_facts['os_family'] == 'CentOS')  and ansible_facts.services["firewalld.service"]['state'] == "running"
      
      
  - name: Open stat port for iptables
    iptables:
      chain: INPUT
      destination_port: "9113"
      jump: ACCEPT
      protocol: tcp
    ignore_errors: yes

    
  roles:
  - role: nginx_exporter
    environment:
      http_proxy: "{{PROXY}}"
      https_proxy: "{{PROXY}}"
    vars:
      nginx_exporter_options: ['-nginx.scrape-uri http://{{STATS_USER}}:{{STATS_PASS}}@{{variable_host}}:{{STAT_PORT}}/{{STAT_PAGE}}']