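# Play 1: copy the k3s kubeconfig from the server node into Consul KV.
# Facts are not gathered and the `raw` module is used, so nothing on the node
# beyond a shell, sed and curl is required by this play.
- hosts: k3s-rancher-0
  gather_facts: false
  vars:
    config:
      type: server
      hostname: k3s-rancher-0
  tasks:
    # Tagged `never`: only runs when `--tags extract-config` is requested.
    - name: extract config
      tags:
        - never
        - extract-config
      block:
        # /etc/rancher/k3s/k3s.yaml carries the cluster credentials, so:
        #  * the body is streamed to curl on stdin (`--data-binary @-`) instead
        #    of being expanded into curl's argument list, where it would be
        #    readable in the node's process list while the command runs;
        #  * `set -o pipefail` and `--fail` make a failed cat/sed or an HTTP
        #    error from Consul fail the task instead of reporting success;
        #  * the dots in the loopback address are escaped so sed matches the
        #    literal address only.
        # NOTE(review): the upload goes over plain HTTP and no Consul ACL token
        # is sent here, so the kubeconfig crosses the network unencrypted and
        # anything that can read this KV path can read it. Confirm whether
        # Consul TLS and ACLs are available and use them for this key.
        - raw: >-
            set -o pipefail;
            cat /etc/rancher/k3s/k3s.yaml
            | sed -e "s/127\.0\.0\.1/{{ config.hostname }}/"
            | curl --fail -X PUT --data-binary @-
            http://consul.service.consul:8500/v1/kv/config/k3os/{{ config.type }}/{{ config.hostname }}/k3s.yml
          args:
            executable: /bin/bash
          register: cat_out
        # Shows curl's output (the Consul response), not the kubeconfig.
        - debug:
            var: cat_out.stdout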
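# Play 2: runs on the control host and drives the cluster through the k8s and
# kubernetes.core.helm* modules. Every task block carries the `never` tag, so
# nothing runs unless its own tag is requested (for example `--tags metallb`).
- hosts: localhost
  module_defaults:
    k8s:
      # kubeconfig: "/home/coder/.kube/config"
      api_version: v1
    kubernetes.core.helm_repository:
      binary_path: '~/.local/bin/helm'
    kubernetes.core.helm:
      binary_path: '~/.local/bin/helm'
  vars:
    config:
      type: server
      hostname: k3s-rancher-0
    metallb:
      version: v0.12.1
    # Single source for the cert-manager release used by both the CRD download
    # and the chart version below.
    cert_manager:
      version: v1.7.1
  handlers:
    # Runs as root on pi0 after the custom DNS list has been edited.
    - name: reload pihole lists
      command: pihole restartdns reload-lists
      delegate_to: pi0
      become: true
      become_method: su
      become_user: root
  tasks:
    # Pull the kubeconfig that play 1 stored in Consul and install it for
    # kubectl on the control host.
    - name: save kubeconfig
      tags:
        - never
        - save-config
      block:
        # The key path is built from config.type so it stays in step with the
        # path written by the extract-config play.
        # no_log keeps the retrieved credentials out of task output and logs.
        - consul_kv:
            host: consul.service.consul
            key: "config/k3os/{{ config.type }}/{{ config.hostname }}/k3s.yml"
          register: retrieved_key
          no_log: true
        - set_fact:
            kube_config: "{{ retrieved_key.data.Value | from_yaml }}"
          no_log: true
        # The kubeconfig holds cluster credentials: write it owner-only rather
        # than with whatever the current umask would allow.
        - name: save kubectl config
          copy:
            content: "{{ kube_config }}"
            dest: /home/coder/.kube/config
            mode: "0600"
          no_log: true

    # https://metallb.universe.tf/installation/
    - name: deploy metallb
      tags:
        - never
        - metallb
      block:
        # The version is joined into the URL with `~` instead of nesting
        # `{{ }}` inside a string that is already inside an expression.
        # NOTE(review): the namespace manifest is fetched by tag and applied
        # to the cluster without an integrity check; consider vendoring it or
        # referencing a commit hash.
        - set_fact:
            metallb_namespace: >-
              {{ lookup('url',
              'https://raw.githubusercontent.com/metallb/metallb/' ~ metallb.version ~ '/manifests/namespace.yaml',
              split_lines=False) | from_yaml }}
            metallb_values:
              configInline:
                address-pools:
                  - name: default
                    protocol: layer2
                    addresses:
                      - '192.168.178.200-192.168.178.251'
        - name: create metallb namespace
          k8s:
            definition: "{{ metallb_namespace }}"
            state: present
        - name: add metallb helm repo
          kubernetes.core.helm_repository:
            name: metallb
            # update_repo_cache: yes
            repo_url: "https://metallb.github.io/metallb"
        # helm plugin install https://github.com/databus23/helm-diff
        # NOTE(review): no chart_version is set, so the chart that gets
        # installed is whatever the repo currently serves, while the namespace
        # manifest above is pinned to metallb.version. Consider pinning the
        # chart to the matching release.
        - name: deploy metallb
          kubernetes.core.helm:
            name: metallb
            chart_ref: metallb/metallb
            release_namespace: "{{ metallb_namespace.metadata.name }}"
            wait: true
            values: "{{ metallb_values }}"

    - name: deploy cert manager
      tags:
        - never
        - cert-manager
      block:
        # The CRD file lands at a fixed name in /tmp and is then applied to
        # the cluster. `force: true` makes get_url fetch it on every run, so a
        # file that already exists at that path (stale, or placed there by
        # another local user) is replaced rather than applied as-is;
        # `mode` keeps it owner-only.
        # NOTE(review): add `checksum: "sha256:<digest of the release asset>"`
        # (placeholder - take the digest from a trusted copy of the release)
        # so the download is verified before it is applied.
        - name: get crd file
          get_url:
            url: "https://github.com/jetstack/cert-manager/releases/download/{{ cert_manager.version }}/cert-manager.crds.yaml"
            dest: /tmp/cert-manager.crds.yaml
            mode: "0600"
            force: true
        - name: update crds
          k8s:
            state: present
            src: /tmp/cert-manager.crds.yaml
            wait: true
        - name: add jetstack repo
          kubernetes.core.helm_repository:
            name: jetstack
            repo_url: "https://charts.jetstack.io"
        - name: deploy cert-manager
          kubernetes.core.helm:
            name: cert-manager
            chart_ref: jetstack/cert-manager
            release_namespace: cert-manager
            create_namespace: true
            chart_version: "{{ cert_manager.version }}"
            wait: true

    # https://rancher.com/docs/rancher/v2.6/en/installation/install-rancher-on-k8s/
    - name: deploy rancher
      tags:
        - never
        - rancher
      block:
        # helm repo add rancher-stable https://releases.rancher.com/server-charts/stable
        - name: add repo
          kubernetes.core.helm_repository:
            name: rancher-stable
            repo_url: "https://releases.rancher.com/server-charts/stable"
        # NOTE(review): this task reads ~/.kube/rancher.yaml while the
        # save-config and rancher-dns blocks use /home/coder/.kube/config;
        # confirm that the different kubeconfig is intended.
        # NOTE(review): no chart_version is set, so the installed Rancher
        # release depends on what the stable repo serves at run time.
        - name: deploy rancher helm
          kubernetes.core.helm:
            kubeconfig: "~/.kube/rancher.yaml"
            name: rancher
            chart_ref: rancher-stable/rancher
            release_namespace: cattle-system
            create_namespace: true
            wait: true
            values:
              hostname: rancher.jtec.xyz
              # The bootstrap password is the initial admin credential. Supply
              # rancher_bootstrap_password from Ansible Vault or `-e`; the
              # 'admin' fallback only preserves the previous behaviour and is a
              # guessable credential for as long as it stays in place.
              bootstrapPassword: "{{ rancher_bootstrap_password | default('admin') }}"
              replicas: 1

    # Point rancher.lan on the Pi-hole at the load-balancer IP of the Rancher
    # ingress.
    - name: configure rancher dns
      tags:
        - never
        - rancher-dns
      block:
        # NOTE(review): the query asks for kind Ingress under api_version v1;
        # confirm that this resolves on the target cluster, otherwise
        # `resources` comes back empty and the check below stops the block.
        - name: get rancher ingress
          kubernetes.core.k8s_info:
            kubeconfig: /home/coder/.kube/config
            api_version: v1
            kind: Ingress
            namespace: cattle-system
            wait: true
          register: rancher_ingress
        - set_fact:
            rancher_ip: "{{ rancher_ingress | json_query('resources[0].status.loadBalancer.ingress[0].ip') }}"
        # The value comes from cluster state and is written as root into the
        # Pi-hole DNS list, so refuse anything that is empty or contains
        # characters that cannot occur in an IP address.
        - name: check rancher ip
          ansible.builtin.assert:
            that:
              - "(rancher_ip | string) is match('^[0-9A-Fa-f:.]+$')"
            fail_msg: rancher ingress has no usable load balancer IP
        - name: update pihole
          ansible.builtin.lineinfile:
            path: /etc/pihole/custom.list
            regexp: '^.*\srancher\.lan$'
            line: "{{ rancher_ip }} rancher.lan"
          delegate_to: pi0
          become: true
          become_method: su
          become_user: root
          notify: reload pihole lists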