chore: cleanup

handlers/main.yml

@@ -3,7 +3,6 @@
   service:
     name: containerd
     state: restarted
-  # when: opensshd_installed is defined
   when: >
     containerd_config.changed | default(false) | bool
       and
@@ -15,13 +14,6 @@
     - install
 
 
-- name: "Apply Firewall Rules"
-  ansible.builtin.shell: |
-    /sbin/iptables-restore < /etc/iptables-kubernetes.rules
-  changed_when: false
-  listen: kubernetes_firewall_rules
-  # when: "ansible_os_family == 'Debian' and iptables_installed.rc == 0"
-
 - name: Restart Kubernetes
   ansible.builtin.service:
     name: "{% if kubernetes_type == 'k3s' %}k3s{% else %}kubelet{% endif %}"

meta/main.yml

@@ -1,20 +1,24 @@
 galaxy_info:
-    role_name: Kubernetes
+  role_name: nfc_kubernetes
   author: No Fuss Computing
-    description: template role to install kubernetes on a host
+  description: template role to install and configure Kubernetes on a host
 
-    issue_tracker_url: https://gitlab.com/nofusscomputing/infrastructure/ansible-roles
+  issue_tracker_url: https://gitlab.com/nofusscomputing/projects/ansible/kubernetes
 
-    license: https://gitlab.com/nofusscomputing/infrastructure/ansible-roles/-/blob/master/LICENSE
+  license: https://gitlab.com/nofusscomputing/projects/ansible/kubernetes/-/blob/master/LICENSE
 
-    min_ansible_version: 1.2
+  min_ansible_version: '2.15'
 
   platforms:
     - name: Debian
       versions:
-        - 11
+        - bullseye
+    - name: Ubuntu
+      versions:
+        - 21
 
   galaxy_tags:
-      - kubernetes
+    - k3s
     - k8s
-
+    - kubernetes
+    - container

tasks/k3s.yaml

@@ -196,10 +196,10 @@
 #     ipv6: true
 
 
-# # - name: Set IPTables to legacy mode
-# #   ansible.builtin.command:
-# #     cmd: update-alternatives --set iptables /usr/sbin/iptables-legacy
-# #   changed_when: false
+- name: Set IPTables to legacy mode
+  ansible.builtin.command:
+    cmd: update-alternatives --set iptables /usr/sbin/iptables-legacy
+  changed_when: false
 
 
 # - name: Server install K3s

templates/firewall-kubernetes.j2

@@ -1,4 +0,0 @@
-#!/bin/bash
-
-/sbin/iptables-restore < /etc/iptables-kubernetes.rules;
-/sbin/ip6tables-restore < /etc/ip6tables-kubernetes.rules;

templates/iptables-default.rules.j2

@@ -1,23 +0,0 @@
-#
-# IP Tables Firewall Rules for Kubernetes
-# 
-# Managed By ansible/role/nfc_kubernetes
-#
-# Dont edit this file directly as it will be overwritten. To grant a host API access
-# edit the cluster config, adding the hostname/ip to path kubernetes_config.cluster.access
-#
-
-
-*filter
-
-iptables -N sshd
-iptables -A sshd -j RETURN
-
-iptables -A INPUT -p tcp --dport 22 -m comment --comment "OpenSSH Server" -j sshd
-
-
-iptables  -I sshd -m comment --comment "allow All Hosts" -j ACCEPT
-
-
-
-COMMIT

templates/logrotate-Docker_containers.j2

@@ -1,14 +0,0 @@
-/var/lib/docker/containers/*/*.log {
-	daily
-	missingok
-	rotate 7
-	compress
-	delaycompress
-	notifempty
-	postrotate
-		docker restart $(docker ps -q)
-	endscript
-}
-
-
-