- name: Install Kubernetes on Ubuntu 24
  become: "{{ 'no' if inventory_hostname == 'nas.home.lan' else 'yes' }}"
  block:

    - name: Update apt cache
      apt:
        update_cache: yes

    - name: Disable swap
      command: swapoff -a
      when: ansible_swaptotal_mb > 0

    - name: Remove swap from fstab
      replace:
        path: /etc/fstab
        regexp: '.*swap.*'
        replace: ''

    - name: Enable kernel modules
      copy:
        dest: /etc/modules-load.d/k8s.conf
        content: |
          overlay
          br_netfilter

    - name: Load kernel modules
      modprobe:
        name: "{{ item }}"
        state: present
      loop:
        - overlay
        - br_netfilter

    - name: Set sysctl params
      copy:
        dest: /etc/sysctl.d/k8s.conf
        content: |
          net.bridge.bridge-nf-call-iptables = 1
          net.bridge.bridge-nf-call-ip6tables = 1
          net.ipv4.ip_forward = 1

    - name: Apply sysctl
      command: sysctl --system

    - name: Install required packages
      apt:
        name:
          - apt-transport-https
          - ca-certificates
          - curl
          - gpg
          - docker.io
        state: present

    - name: Add Kubernetes apt key
      shell: |
        curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.29/deb/Release.key | \
        gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
      args:
        creates: /etc/apt/keyrings/kubernetes-apt-keyring.gpg

    - name: Add Kubernetes repository
      copy:
        dest: /etc/apt/sources.list.d/kubernetes.list
        content: |
          deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.29/deb/ /

    - name: Install containerd
      apt:
        name: containerd
        state: present

    - name: Configure containerd
      shell: |
        mkdir -p /etc/containerd
        containerd config default > /etc/containerd/config.toml
        sed -i 's/SystemdCgroup = false/SystemdCgroup = true/' /etc/containerd/config.toml
      args:
        creates: /etc/containerd/config.toml

    - name: Enable and start containerd
      systemd:
        name: containerd
        enabled: yes
        state: started

    - name: Install Kubernetes packages
      apt:
        name:
          - kubelet
          - kubeadm
          - kubectl
        state: present
        update_cache: yes
      register: k8s_install
      retries: 5
      delay: 10
      until: k8s_install is succeeded

    - name: Hold Kubernetes packages
      command: apt-mark hold kubelet kubeadm kubectl

    - name: Enable kubelet
      systemd:
        name: kubelet
        enabled: yes
        state: started

    # Optional UFW configuration
    - name: Ensure UFW is installed
      apt:
        name: ufw
        state: present
      when: inventory_hostname == 'ubuntu24-vm01.home.lan'

    - name: Allow Kubernetes ports
      ufw:
        rule: allow
        port: "{{ item }}"
        proto: tcp
      loop:
        - 6443
        - 2379:2380
        - 10250
      when: inventory_hostname == 'ubuntu24-vm01.home.lan'

    - name: Configure containerd for kubeadm
      copy:
        dest: /etc/containerd/config.toml
        content: |
          [plugins."io.containerd.grpc.v1.cri".containerd]
            snapshotter = "overlayfs"

          [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc]
            runtime_type = "io.containerd.runc.v2"

          [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options]
            SystemdCgroup = true

    - name: Enable and start containerd
      systemd:
        name: containerd
        state: restarted

    - name: Pause for 5 minutes to build app cache
      ansible.builtin.pause:
        minutes: 2

    - name: Create .kube directory
      file:
        path: /home/{{ ansible_user }}/.kube
        state: directory
        owner: "{{ ansible_user }}"
        group: "{{ ansible_user }}"
        mode: '0755'
      when: inventory_hostname == 'ubuntu24-vm01.home.lan'

    - name: Initialize Kubernetes
      command: sudo kubeadm init --pod-network-cidr=10.244.0.0/16
      args:
        creates: /etc/kubernetes/admin.conf
      when: inventory_hostname == 'ubuntu24-vm01.home.lan'


    - name: Copy kubeconfig to user
      copy:
        remote_src: yes
        src: /etc/kubernetes/admin.conf
        dest: /home/{{ ansible_user }}/.kube/config
        owner: "{{ ansible_user }}"
        group: "{{ ansible_user }}"
        mode: '0644'
      when: inventory_hostname == 'ubuntu24-vm01.home.lan'

    - name: Install Flannel CNI
      ansible.builtin.command:
        cmd: kubectl apply -f https://raw.githubusercontent.com/flannel-io/flannel/master/Documentation/kube-flannel.yml
      environment:
        KUBECONFIG: /etc/kubernetes/admin.conf
      when: inventory_hostname == "ubuntu24-vm01.home.lan"
      register: flannel_result
      changed_when: "'created' in flannel_result.stdout or 'configured' in flannel_result.stdout"

    - name: Get join command
      command: sudo kubeadm token create --print-join-command
      register: join_command
      when: inventory_hostname == 'ubuntu24-vm01.home.lan'







    - name: Save join command
      set_fact:
        worker_join_cmd: "{{ join_command.stdout }}"
      when: inventory_hostname == 'ubuntu24-vm01.home.lan'

    - name: Join cluster
      command: "{{ hostvars['ubuntu24-vm01.home.lan'].worker_join_cmd }}"
      args:
        creates: /etc/kubernetes/kubelet.conf
      when: inventory_hostname != 'ubuntu24-vm01.home.lan'