75 lines
1.8 KiB
YAML
75 lines
1.8 KiB
YAML
#SPDX-License-Identifier: MIT-0
|
|
---
|
|
# tasks/main.yml
|
|
|
|
## shell used as workaround cause get.helm.sh is down atm
|
|
- name: Add helm key
|
|
shell: |
|
|
curl -fsSL https://packages.buildkite.com/helm-linux/helm-debian/gpgkey | gpg --dearmor | tee /usr/share/keyrings/helm.gpg > /dev/null
|
|
args:
|
|
creates: /usr/share/keyrings/helm.gpg
|
|
|
|
- name: Add helm repo
|
|
lineinfile:
|
|
path: /etc/apt/sources.list.d/helm-stable-debian.list
|
|
line: "deb [signed-by=/usr/share/keyrings/helm.gpg] https://packages.buildkite.com/helm-linux/helm-debian/any/ any main"
|
|
create: yes
|
|
|
|
- name: Update apt repository
|
|
apt:
|
|
update_cache: yes
|
|
|
|
- name: Install required packages
|
|
apt:
|
|
name:
|
|
- curl
|
|
- wget
|
|
- apt-transport-https
|
|
- ca-certificates
|
|
- pip
|
|
- gpg
|
|
- helm
|
|
state: present
|
|
|
|
- name: Install python kubernetes module
|
|
ansible.builtin.pip:
|
|
break_system_packages: yes
|
|
name: kubernetes
|
|
|
|
### Ubuntu workaround
|
|
#- name: Install helm
|
|
# command: snap install --classic helm
|
|
|
|
### k3s config for Cilium CNI installation
|
|
#- name: Copy k3s.config to server
|
|
# ansible.builtin.copy:
|
|
# src: k3s.config
|
|
# dest: /root/config.yaml
|
|
|
|
- name: Install k3s (disabled traefik in favour of nginx for modSecurity support)
|
|
shell: |
|
|
curl -sfL https://get.k3s.io | INSTALL_K3S_EXEC="server --disable=traefik --cluster-init" sh -s -
|
|
args:
|
|
executable: /bin/bash
|
|
|
|
- name: Check if k3s is running
|
|
systemd:
|
|
name: k3s
|
|
state: started
|
|
enabled: yes
|
|
|
|
- name: Get k3s version
|
|
command: k3s --version
|
|
register: k3s_version
|
|
|
|
- name: Show k3s version
|
|
debug:
|
|
msg: "K3s version: {{ k3s_version.stdout }}"
|
|
|
|
# Download kubeconfig for remote access
|
|
- name: Fetch kubconfig
|
|
ansible.builtin.fetch:
|
|
src: /etc/rancher/k3s/k3s.yaml
|
|
dest: ../kubeconfig
|
|
flat: yes
|