kubernetes/tasks/k3s/configure.yaml

---

- name: Additional config files
  ansible.builtin.copy:
    content: |
      {{  item.content }}
    dest: "{{  item.path }}/{{  item.name }}"
    mode: '740'
    owner: root
    group: root
  loop: "{{ k3s.files }}"
  when: item.when | default(false) | bool


- name: Copy Templates
  ansible.builtin.template:
    src: "{{ item.src }}"
    dest: "{{ item.dest }}"
    owner: root
    mode: '700'
    force: true
  notify: "{{ item.notify | default(omit) }}"
  loop: "{{ templates_to_apply }}"
  when: >
    item.when | default(true) | bool
  vars:
    templates_to_apply:

      - src: kubernetes-manifest-rbac.yaml.j2
        dest: /var/lib/rancher/k3s/server/manifests/rbac-authorization-common.yaml
        when: "{{ kubernetes_config.cluster.prime.name == inventory_hostname }}"

      - src: iptables-kubernetes.rules.j2
        dest: "/etc/iptables.rules.d/iptables-kubernetes.rules"
        notify: firewall_reloader


- name: Add Kubernetes Node Labels
  ansible.builtin.copy:
    content: |-
      apiVersion: v1
      kind: Node
      metadata:
        name: "{{ inventory_hostname }}"
        {% if kubernetes_config.hosts[inventory_hostname].labels | default([]) | list | length > 0 -%}
        labels:
          {{ kubernetes_config.hosts[inventory_hostname].labels | to_nice_yaml | indent(4) }}
        {%- endif +%}
      {% if kubernetes_config.hosts[inventory_hostname].taints | default([]) | list | length > 0 -%}
      spec:
        taints:
          {{ kubernetes_config.hosts[inventory_hostname].taints | to_nice_yaml(indent=0) | indent(4) }}
      {% endif %}
    dest: /var/lib/rancher/k3s/server/manifests/node-manifest-{{ inventory_hostname }}.yaml
    owner: root
    group: root
    mode: '700'
  delegate_to: "{{ kubernetes_config.cluster.prime.name }}"
  when:
    kubernetes_config.hosts[inventory_hostname].labels | default([]) | list | length > 0
      or
    kubernetes_config.hosts[inventory_hostname].taints | default([]) | list | length > 0