23 lines
632 B
YAML
23 lines
632 B
YAML
---
|
|
- name: Install Wireguard
|
|
ansible.builtin.apt:
|
|
name:
|
|
- wireguard
|
|
update_cache: false
|
|
when: >
|
|
ansible_os_family == 'Debian'
|
|
# and
|
|
# kubernetes.networking.encrypt | default(false) | bool
|
|
|
|
|
|
- name: Enable Cluster Encryption
|
|
ansible.builtin.command:
|
|
cmd: kubectl patch felixconfiguration default --type='merge' -p '{"spec":{"wireguardEnabled":true,"wireguardEnabledV6":true}}'
|
|
changed_when: false
|
|
when: >
|
|
kubernetes_config.cluster.prime.name == inventory_hostname
|
|
|
|
- name: Set Kubernetes Encryption Final Install Fact
|
|
ansible.builtin.set_fact:
|
|
kubernetes_installed_encryption: true
|