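---
# Baseline host preparation for a Kubernetes node: refresh and install apt
# packages, disable swap, load/persist kernel modules, set the bridge and
# forwarding sysctls, and (only when tailscale_auth_key is non-empty) install
# Tailscale and join the node to the tailnet.

- name: Update apt cache
  apt:
    update_cache: true
    cache_valid_time: 3600

- name: Upgrade packages
  apt:
    upgrade: dist
  # `| bool` so a string such as "false" passed with -e is not treated as truthy.
  when: common_upgrade_packages | default(false) | bool

- name: Install required packages
  apt:
    name:
      - apt-transport-https
      - ca-certificates
      - curl
      - gnupg
      - lsb-release
      - software-properties-common
      - jq
      - htop
      - vim
    state: present

- name: Disable swap
  command: swapoff -a
  # swapoff gives no "already off" signal, so this task always reports changed.
  changed_when: true

- name: Remove swap from fstab
  # NOTE(review): this selects the fstab entry by mount point `swap`; entries
  # that use a different mount-point field (e.g. `none`) would presumably be
  # left in place. Verify against the target hosts' /etc/fstab.
  mount:
    name: swap
    fstype: swap
    state: absent

- name: Load br_netfilter module
  modprobe:
    name: br_netfilter
    state: present

- name: Persist br_netfilter module
  # `overlay` is persisted for the next boot here but is not loaded by any
  # task in this file; only br_netfilter is loaded immediately.
  copy:
    dest: /etc/modules-load.d/k8s.conf
    content: |
      br_netfilter
      overlay
    mode: "0644"

- name: Configure sysctl for Kubernetes
  sysctl:
    name: "{{ item.name }}"
    value: "{{ item.value }}"
    state: present
    reload: true
  loop:
    - name: net.bridge.bridge-nf-call-iptables
      value: '1'
    - name: net.bridge.bridge-nf-call-ip6tables
      value: '1'
    - name: net.ipv4.ip_forward
      value: '1'

# --- Tailscale (optional) ---------------------------------------------------
# Every task below is gated on a non-empty tailscale_auth_key. The variable
# must be defined (presumably as '' in the role defaults; confirm). Keep the
# real key in Ansible Vault or another secret store, not in plain inventory.

- name: Check if tailscale is installed
  command: which tailscale
  register: tailscale_binary
  changed_when: false
  # A non-zero rc only means "not installed"; the next task reads the rc.
  failed_when: false
  when: tailscale_auth_key | length > 0

- name: Install tailscale
  # NOTE(review): this runs a remotely fetched script with the privileges of
  # the play and with no integrity check beyond TLS. Prefer installing from a
  # package repository with a pinned signing key, or verify a known checksum
  # of the script before executing it.
  #
  # pipefail makes a failed download fail the task; without it the exit status
  # is that of `sh`, which succeeds on empty input and hides the curl error.
  # bash is required because /bin/sh may not support `set -o pipefail`.
  shell: set -o pipefail && curl -fsSL https://tailscale.com/install.sh | sh
  args:
    executable: /bin/bash
  when:
    - tailscale_auth_key | length > 0
    - tailscale_binary.rc != 0
  changed_when: true

- name: Check tailscale connection state
  command: tailscale status --json
  register: tailscale_status
  changed_when: false
  failed_when: false
  when: tailscale_auth_key | length > 0

- name: Connect node to tailnet
  # argv form: each templated value is passed as exactly one argument, so a
  # key or hostname containing whitespace or quotes cannot be re-split into
  # extra tailscale flags.
  command:
    argv:
      - tailscale
      - up
      - --authkey
      - "{{ tailscale_auth_key }}"
      - --hostname
      - "{{ inventory_hostname }}"
      # `| bool` before ternary: otherwise the string "false" is truthy and
      # would enable Tailscale SSH / route acceptance unintentionally.
      - "--ssh={{ tailscale_ssh | bool | ternary('true', 'false') }}"
      - "--accept-routes={{ tailscale_accept_routes | bool | ternary('true', 'false') }}"
  # The auth key is part of the command line; no_log keeps it out of Ansible
  # output, callbacks and logs. Trade-off: failure details are hidden too.
  # The key is still visible in the host's process list while the command runs.
  no_log: true
  when:
    - tailscale_auth_key | length > 0
    # Match "BackendState" with or without a space after the colon, so the
    # check does not depend on how the JSON output is formatted.
    - >-
      tailscale_status.rc != 0 or
      tailscale_status.stdout is not search('"BackendState": *"Running"')
  changed_when: true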