---
- name: Backup configuration files
  hosts: all
  become: true
  gather_facts: true
  vars:
    category: backup
    subcategory: configuration
    backup_dir: /tmp/config_backup
    timestamp: "{{ ansible_date_time.iso8601_basic_short }}"
  tasks:
    - name: Create backup directory
      ansible.builtin.file:
        path: "{{ backup_dir }}"
        state: directory
        mode: '0755'

    - name: Backup /etc directory (essential configs)
      ansible.builtin.archive:
        path:
          - /etc/hostname
          - /etc/hosts
          - /etc/passwd
          - /etc/group
          - /etc/shadow
          - /etc/sudoers
          - /etc/ssh/sshd_config
        dest: "{{ backup_dir }}/etc_backup_{{ timestamp }}.tar.gz"
        format: gz
      ignore_errors: true

    - name: Backup crontabs
      ansible.builtin.shell: |
        crontab -l > {{ backup_dir }}/crontab_{{ timestamp }}.txt 2>/dev/null || echo "No crontab"
      changed_when: false

    - name: List backup files
      ansible.builtin.find:
        paths: "{{ backup_dir }}"
        patterns: "*{{ timestamp }}*"
      register: backup_files

    - name: Display backup summary
      ansible.builtin.debug:
        msg: |
          Backup completed for {{ inventory_hostname }}
          Files created: {{ backup_files.files | map(attribute='path') | list }}