---
# System information gathering tasks

- name: Gather system information - Hostname
  set_fact:
    system_info_hostname: "{{ ansible_hostname }}"
    system_info_fqdn: "{{ ansible_fqdn }}"
  tags: [gather, system]

- name: Gather system information - OS details
  set_fact:
    system_info_os:
      distribution: "{{ ansible_distribution }}"
      distribution_version: "{{ ansible_distribution_version }}"
      distribution_release: "{{ ansible_distribution_release }}"
      distribution_major_version: "{{ ansible_distribution_major_version }}"
      os_family: "{{ ansible_os_family }}"
  tags: [gather, system]

- name: Gather system information - Kernel
  set_fact:
    system_info_kernel:
      version: "{{ ansible_kernel }}"
      architecture: "{{ ansible_architecture }}"
  tags: [gather, system]

- name: Gather system uptime
  shell: uptime -p
  register: system_info_uptime_raw
  changed_when: false
  failed_when: false
  tags: [gather, system]

- name: Gather system boot time
  shell: uptime -s
  register: system_info_boot_time_raw
  changed_when: false
  failed_when: false
  tags: [gather, system]

- name: Set uptime facts
  set_fact:
    system_info_uptime: "{{ system_info_uptime_raw.stdout | default('Unknown') }}"
    system_info_boot_time: "{{ system_info_boot_time_raw.stdout | default('Unknown') }}"
  tags: [gather, system]

- name: Gather DMI/SMBIOS information
  shell: dmidecode -t system | grep -E "Manufacturer|Product Name|Serial Number|UUID" || echo "Not available"
  register: system_info_dmi_raw
  changed_when: false
  become: true
  failed_when: false
  tags: [gather, system]

- name: Parse DMI information
  set_fact:
    system_info_hardware:
      manufacturer: "{{ system_info_dmi_raw.stdout | regex_search('Manufacturer: (.+)', '\\1') | default(['Unknown'], true) | first }}"
      product: "{{ system_info_dmi_raw.stdout | regex_search('Product Name: (.+)', '\\1') | default(['Unknown'], true) | first }}"
      serial: "{{ system_info_dmi_raw.stdout | regex_search('Serial Number: (.+)', '\\1') | default(['Unknown'], true) | first }}"
      uuid: "{{ system_info_dmi_raw.stdout | regex_search('UUID: (.+)', '\\1') | default(['Unknown'], true) | first }}"
  tags: [gather, system]

- name: Gather SELinux status (RHEL-based)
  shell: getenforce
  register: system_info_selinux_raw
  changed_when: false
  failed_when: false
  when: ansible_os_family == "RedHat"
  tags: [gather, system, security]

- name: Set SELinux status
  set_fact:
    system_info_selinux_status: "{{ system_info_selinux_raw.stdout | default('Not applicable') }}"
  when: ansible_os_family == "RedHat"
  tags: [gather, system, security]

- name: Gather AppArmor status (Debian-based)
  shell: aa-status --enabled && echo "Enabled" || echo "Disabled"
  register: system_info_apparmor_raw
  changed_when: false
  failed_when: false
  become: true
  when: ansible_os_family == "Debian"
  tags: [gather, system, security]

- name: Set AppArmor status
  set_fact:
    system_info_apparmor_status: "{{ system_info_apparmor_raw.stdout | default('Not applicable') }}"
  when: ansible_os_family == "Debian"
  tags: [gather, system, security]