From 27b29322cda56c34734a72051f5958b1cbb453ef Mon Sep 17 00:00:00 2001
From: MichaelFisher1997 <contact@michaelfisher.tech>
Date: Sun, 1 Mar 2026 00:42:55 +0000
Subject: [PATCH] fix: use private network IPs for k3s join and node addressing

---
 ansible/roles/k3s-agent/defaults/main.yml  | 1 +
 ansible/roles/k3s-agent/tasks/main.yml     | 2 +-
 ansible/roles/k3s-server/defaults/main.yml | 1 +
 ansible/roles/k3s-server/tasks/main.yml    | 6 +++---
 ansible/site.yml                           | 7 +++++--
 5 files changed, 11 insertions(+), 6 deletions(-)

diff --git a/ansible/roles/k3s-agent/defaults/main.yml b/ansible/roles/k3s-agent/defaults/main.yml
index 24b07d2..6a2798f 100644
--- a/ansible/roles/k3s-agent/defaults/main.yml
+++ b/ansible/roles/k3s-agent/defaults/main.yml
@@ -2,3 +2,4 @@
 k3s_version: latest
 k3s_server_url: ""
 k3s_token: ""
+k3s_node_ip: ""
diff --git a/ansible/roles/k3s-agent/tasks/main.yml b/ansible/roles/k3s-agent/tasks/main.yml
index 0171cf4..fef9f60 100644
--- a/ansible/roles/k3s-agent/tasks/main.yml
+++ b/ansible/roles/k3s-agent/tasks/main.yml
@@ -16,7 +16,7 @@
     INSTALL_K3S_VERSION: "{{ k3s_version if k3s_version != 'latest' else '' }}"
     K3S_URL: "{{ k3s_server_url }}"
     K3S_TOKEN: "{{ k3s_token }}"
-  command: /tmp/install-k3s.sh agent
+  command: /tmp/install-k3s.sh agent --node-ip {{ k3s_node_ip }}
   args:
     creates: /usr/local/bin/k3s-agent
   when: not k3s_agent_binary.stat.exists
diff --git a/ansible/roles/k3s-server/defaults/main.yml b/ansible/roles/k3s-server/defaults/main.yml
index 8df928c..50928ba 100644
--- a/ansible/roles/k3s-server/defaults/main.yml
+++ b/ansible/roles/k3s-server/defaults/main.yml
@@ -1,3 +1,4 @@
 ---
 k3s_version: latest
 k3s_token: ""
+k3s_node_ip: ""
diff --git a/ansible/roles/k3s-server/tasks/main.yml b/ansible/roles/k3s-server/tasks/main.yml
index 88f2420..7f9186c 100644
--- a/ansible/roles/k3s-server/tasks/main.yml
+++ b/ansible/roles/k3s-server/tasks/main.yml
@@ -20,7 +20,7 @@
   environment:
     INSTALL_K3S_VERSION: "{{ k3s_version if k3s_version != 'latest' else '' }}"
     K3S_TOKEN: "{{ k3s_token }}"
-  command: /tmp/install-k3s.sh server --cluster-init --advertise-address={{ k3s_primary_ip }}
+  command: /tmp/install-k3s.sh server --cluster-init --advertise-address={{ k3s_primary_ip }} --node-ip={{ k3s_node_ip }}
   when: 
     - not k3s_service.stat.exists
     - k3s_primary | default(false)
@@ -29,13 +29,13 @@
   environment:
     INSTALL_K3S_VERSION: "{{ k3s_version if k3s_version != 'latest' else '' }}"
     K3S_TOKEN: "{{ k3s_token }}"
-  command: /tmp/install-k3s.sh server --server https://{{ k3s_primary_ip }}:6443
+  command: /tmp/install-k3s.sh server --server https://{{ k3s_primary_ip }}:6443 --advertise-address={{ k3s_node_ip }} --node-ip={{ k3s_node_ip }}
   when: 
     - not k3s_service.stat.exists
     - not (k3s_primary | default(false))
 
 - name: Wait for k3s to be ready
-  command: kubectl get nodes
+  command: "{{ (k3s_primary | default(false)) | ternary('kubectl get nodes', 'systemctl is-active k3s') }}"
   register: k3s_ready
   until: k3s_ready.rc == 0
   retries: 30
diff --git a/ansible/site.yml b/ansible/site.yml
index e82e0ed..7a8f9e3 100644
--- a/ansible/site.yml
+++ b/ansible/site.yml
@@ -21,6 +21,7 @@
     k3s_primary: true
     k3s_token: "{{ lookup('password', '/dev/null length=32 chars=ascii_letters,digits') }}"
     k3s_primary_ip: "{{ ansible_all_ipv4_addresses | select('match', '^10\\.') | first }}"
+    k3s_node_ip: "{{ ansible_all_ipv4_addresses | select('match', '^10\\.') | first }}"
 
   roles:
     - k3s-server
@@ -56,7 +57,8 @@
   vars:
     k3s_primary: false
     k3s_token: "{{ hostvars[groups['control_plane'][0]]['k3s_token'] }}"
-    k3s_primary_ip: "{{ hostvars[groups['control_plane'][0]]['ansible_default_ipv4']['address'] }}"
+    k3s_primary_ip: "{{ hostvars[groups['control_plane'][0]]['k3s_primary_ip'] }}"
+    k3s_node_ip: "{{ ansible_all_ipv4_addresses | select('match', '^10\\.') | first }}"
 
   roles:
     - k3s-server
@@ -67,7 +69,8 @@
 
   vars:
     k3s_token: "{{ hostvars[groups['control_plane'][0]]['k3s_token'] }}"
-    k3s_server_url: "https://{{ hostvars[groups['control_plane'][0]]['ansible_default_ipv4']['address'] }}:6443"
+    k3s_server_url: "https://{{ hostvars[groups['control_plane'][0]]['k3s_primary_ip'] }}:6443"
+    k3s_node_ip: "{{ ansible_all_ipv4_addresses | select('match', '^10\\.') | first }}"
 
   roles:
     - k3s-agent