---
- name: 配置 systemd-journald
  hosts: all
  become: yes

  vars:
    journald_config:
      system_max_use: "500M"
      system_max_file_size: "100M"
      max_retention_sec: "7day"
      rate_limit_interval_sec: "30s"
      rate_limit_burst: "10000"

    backup_journald: true

  tasks:
    - name: 备份原有 journald.conf
      ansible.builtin.copy:
        src: /etc/systemd/journald.conf
        dest: "/etc/systemd/journald.conf.backup.{{ ansible_date_time.iso8601_basic_short }}"
        remote_src: yes
        force: no
      when: backup_journald

    - name: 部署 journald.conf 配置
      ansible.builtin.copy:
        dest: /etc/systemd/journald.conf
        owner: root
        group: root
        mode: "0644"
        backup: yes
        content: |
          # This file is managed by Ansible
          # Manual changes will be overwritten
          # See journald.conf(5) for details.
          
          [Journal]
          # 限制日志最大使用空间（所有服务总和）
          SystemMaxUse={{ journald_config.system_max_use }}
          
          # 单个日志文件最大大小
          SystemMaxFileSize={{ journald_config.system_max_file_size }}
          
          # 保留日志的时间
          MaxRetentionSec={{ journald_config.max_retention_sec }}
          
          # 限制单个服务的日志速率（防止日志炸弹）
          RateLimitIntervalSec={{ journald_config.rate_limit_interval_sec }}
          RateLimitBurst={{ journald_config.rate_limit_burst }}
      notify: 重启 systemd-journald

    - name: 验证 journald 服务状态
      ansible.builtin.systemd:
        name: systemd-journald
      register: journald_status

    - name: 显示 journald 服务状态
      ansible.builtin.debug:
        msg: "journald 状态: {{ journald_status.status.ActiveState }}"

    - name: 显示日志磁盘使用情况
      ansible.builtin.command: journalctl --disk-usage
      register: disk_usage
      changed_when: false

    - name: 显示磁盘使用
      ansible.builtin.debug:
        var: disk_usage.stdout

  handlers:
    - name: 重启 systemd-journald
      ansible.builtin.systemd:
        name: systemd-journald
        state: restarted