---
# TODO: disable swap

- name: setup firewall rules
  become: true
  ansible.builtin.template:
    src: ../templates/nftables.d/k3s_servers.nft.j2
    dest: /etc/nftables.d/k3s_servers.nft
    mode: '0600'
  notify:
    - 'k3s : restart firewall service'
    - 'k3s : restart k3s service'

- name: flush handlers
  ansible.builtin.meta: flush_handlers

- name: install K3S cluster, single server
  connection: local
  ansible.builtin.command:
    argv:
      - "{{ k3sup_binary }}"
      - install
      - "--merge"
      - "--local-path"
      - "{{ kubeconfig_repository }}/{{ k3s_cluster_name }}.kubeconfig"
      - "--context"
      - "{{ k3s_kube_context }}"
      - "--k3s-extra-args"
      - "{{ k3s_extra_args }}"
      - "--user"
      - "{{ k3s_operator_username }}"
      - "--ssh-key"
      - "{{ k3s_operator_ssh_key_path }}"
      - "--host"
      - "{{ inventory_hostname }}.{{ global_dns_domainname }}"
  register: k3s_init
  when: k3s_cluster_type is match("single")
  changed_when: not "No change detected so skipping service start" in k3s_init.stdout

- name: install K3S cluster, HA
  connection: local
  debug: msg="Not supported yet"
  when: k3s_cluster_type is match("ha")
  failed_when: true