HetznerTerra/ansible/roles/common/tasks/main.yml
MichaelFisher1997 011c220f59
fix: avoid server replacement; install tailscale via Ansible
2026-03-01 04:51:19 +00:00


---
# Refresh the apt package index. cache_valid_time lets the module skip the
# refresh when the existing cache is newer than 3600 seconds.
- name: Update apt cache
  apt:
    cache_valid_time: 3600
    update_cache: true
# Opt-in dist-upgrade. The task runs only when common_upgrade_packages is
# truthy; default(false) makes an unset variable skip it.
- name: Upgrade packages
  when: common_upgrade_packages | default(false)
  apt:
    upgrade: dist
# Ensure the role's baseline packages are present. state: present installs
# what is missing and leaves already-installed packages alone.
- name: Install required packages
  apt:
    state: present
    name:
      - apt-transport-https
      - ca-certificates
      - curl
      - gnupg
      - lsb-release
      - software-properties-common
      - jq
      - htop
      - vim
# Turn off all active swap on the running system. The command runs on every
# play and always reports "changed" because of changed_when: true.
- name: Disable swap
  changed_when: true
  command:
    cmd: swapoff -a
# Ask the mount module to drop the fstab entry whose mount point is "swap"
# and whose filesystem type is swap.
# NOTE(review): fstab swap lines often use "none" as the mount point; confirm
# that "swap" matches the entries on the target images.
- name: Remove swap from fstab
  mount:
    state: absent
    fstype: swap
    name: swap
# Load the br_netfilter kernel module into the running kernel.
- name: Load br_netfilter module
  modprobe:
    state: present
    name: br_netfilter
# Write a modules-load.d drop-in that lists br_netfilter and overlay.
# The mode is a quoted string so it is not re-read as a number.
- name: Persist br_netfilter module
  copy:
    dest: /etc/modules-load.d/k8s.conf
    mode: "0644"
    content: |
      br_netfilter
      overlay
# Set each listed kernel parameter to 1 and reload sysctl after each change
# (reload: true). The loop covers both bridge-nf-call settings and IPv4
# forwarding.
- name: Configure sysctl for Kubernetes
  loop:
    - name: net.bridge.bridge-nf-call-iptables
      value: 1
    - name: net.bridge.bridge-nf-call-ip6tables
      value: 1
    - name: net.ipv4.ip_forward
      value: 1
  sysctl:
    name: "{{ item.name }}"
    value: "{{ item.value }}"
    reload: true
    state: present
# Probe for a tailscale binary on PATH, only when an auth key is configured.
# The result is registered as tailscale_binary. failed_when: false keeps a
# non-zero exit (binary not found) from failing the play, and
# changed_when: false marks the probe as read-only.
- name: Check if tailscale is installed
  when: tailscale_auth_key | length > 0
  command:
    cmd: which tailscale
  register: tailscale_binary
  failed_when: false
  changed_when: false
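# Install tailscale with the vendor's install script, only when an auth key
# is configured and the earlier `which tailscale` probe returned non-zero.
#
# NOTE(security): the script is downloaded and piped straight into a shell
# with no checksum or signature verification, so whatever the URL serves at
# run time is executed on the node. Prefer a pinned, signature-verified
# package repository, or download the script to disk and verify a known
# checksum before running it.
#
# pipefail is set so that a failed download fails the task. Without it the
# pipeline's exit status is that of `sh`, which exits 0 on empty input.
# pipefail needs bash, hence the explicit executable.
- name: Install tailscale
  shell: |
    set -o pipefail
    curl -fsSL https://tailscale.com/install.sh | sh
  args:
    executable: /bin/bash
  when:
    - tailscale_auth_key | length > 0
    - tailscale_binary.rc != 0
  changed_when: true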
# Capture `tailscale status --json` into tailscale_status, only when an auth
# key is configured. The task never fails and never reports a change; later
# tasks inspect its rc and stdout.
- name: Check tailscale connection state
  when: tailscale_auth_key | length > 0
  command:
    cmd: tailscale status --json
  register: tailscale_status
  failed_when: false
  changed_when: false
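# Join the node to the tailnet when an auth key is configured and the status
# probe either failed or did not report BackendState "Running".
#
# no_log: true keeps the auth key out of Ansible's task output and logs,
# where the rendered command line would otherwise be printed. It also hides
# this task's error output, so drop it temporarily when debugging.
#
# argv passes each templated value as exactly one argument, so a value
# containing whitespace cannot be split into extra arguments.
#
# The status check parses the JSON instead of matching an exact substring,
# so it does not depend on how the CLI spaces its output.
#
# NOTE(review): the key is still visible in the process argument list while
# the command runs. Recent tailscale releases are believed to accept a
# `file:` form for the auth key value; confirm and prefer it if available.
- name: Connect node to tailnet
  command:
    argv:
      - tailscale
      - up
      - --authkey
      - "{{ tailscale_auth_key }}"
      - --hostname
      - "{{ inventory_hostname }}"
      - "--ssh={{ tailscale_ssh | ternary('true', 'false') }}"
      - "--accept-routes={{ tailscale_accept_routes | ternary('true', 'false') }}"
  no_log: true
  when:
    - tailscale_auth_key | length > 0
    - >-
      tailscale_status.rc != 0 or
      (tailscale_status.stdout | from_json).BackendState | default('') != 'Running'
  changed_when: true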