Re-gatherfacts at the end for other plays

netmaker doesnt handle concurrent joins to different server-nodes well and will duplicate addresses

common/handlers/main.yml

@@ -0,0 +1,2 @@
+- name: reload_sysctl
+  command: sysctl --system

common/tasks/aliases.yml

@@ -0,0 +1,20 @@
+- name: General aliases
+  blockinfile:
+      path: "{{ ansible_facts.env.HOME }}/.bashrc"
+      marker: "# {mark} ANSIBLE MANAGED BLOCK | General aliases"
+      block: |
+        alias clr="clear"
+        alias hgrep="history | grep"
+        alias syslog="tail -f --lines=100 /var/log/syslog"
+        alias cp="rsync -hlAXEptgoDS --numeric-ids --info=progress2"
+
+- name: ls aliases and colors
+  blockinfile:
+      path: "{{ ansible_facts.env.HOME }}/.bashrc"
+      marker: "# {mark} ANSIBLE MANAGED BLOCK | ls aliases and colors"
+      block: |
+        export LS_OPTIONS='--color=auto'
+        eval "`dircolors`"
+        alias ls='ls $LS_OPTIONS'
+        alias ll='ls $LS_OPTIONS -l'
+        alias l='ls $LS_OPTIONS -la'

common/tasks/main.yml

@@ -0,0 +1,7 @@
+- import_tasks: ./packages.yml
+
+- import_tasks: ./ssh.yml
+
+- import_tasks: ./packages.yml
+
+- import_tasks: ./aliases.yml

common/tasks/packages.yml

@@ -0,0 +1,20 @@
+- name: Update Packages
+  apt:
+      update_cache: yes
+      upgrade: yes
+  when: ansible_facts.distribution == "Debian"
+
+- name: Install Packages
+  package:
+      name:
+          - gpg
+          - htop
+          - iotop
+          - slurm
+          - sudo
+          - screen
+          - curl
+          - rsync
+          - zstd
+      state: latest
+  when: ansible_facts.distribution == "Debian"

common/tasks/ssh.yml

@@ -0,0 +1,12 @@
+- name: Disable SSH password auth
+  lineinfile:
+      dest: /etc/ssh/sshd_config
+      regexp: '^PasswordAuthentication\s*yes'
+      line: "PasswordAuthentication no"
+  register: sshd_config
+
+- name: Restart SSH daemon
+  service:
+      name: sshd
+      state: restarted
+  when: sshd_config.changed

docker/files/docker-compose

@@ -0,0 +1,2 @@
+#!/bin/sh
+docker compose $@

docker/handlers/main.yml

@@ -0,0 +1,4 @@
+- name: restart_docker
+  service:
+      name: "docker"
+      state: restarted

docker/tasks/main.yml

@@ -0,0 +1,40 @@
+#- name: Check if docker is already installed
+#  stat:
+#    path: /usr/bin/docker
+#  register: docker_file
+
+- name: Install Packages
+#  when: docker_file.stat.exists == False
+  package:
+      name:
+          - gpg
+          - gpg-agent
+
+- name: Add docker-key
+  apt_key:
+      url: https://download.docker.com/linux/debian/gpg
+      state: present
+
+- name: Add docker-repository
+  apt_repository:
+      repo: "deb https://download.docker.com/linux/{{ ansible_facts.distribution | lower }} {{ ansible_facts.distribution_release }} stable"
+      state: present
+      filename: docker
+      update_cache: yes
+
+- name: Install docker
+  package:
+      name:
+          - docker-ce
+          - docker-ce-cli
+          - containerd.io
+          - docker-compose-plugin
+          - pass
+      state: latest
+
+- name: Deploy docker-compose command to new docker compose plugin
+  ansible.builtin.copy:
+    src: docker-compose
+    dest: "/usr/local/bin/docker-compose"
+    mode: preserve
+

netmaker/defauls/netmaker.yml

@@ -0,0 +1,4 @@
+netclient:
+  # Token to join default-network
+  #  leave empty to ignore
+  join_network_token:

netmaker/meta/main.yml

@@ -0,0 +1,3 @@
+---
+  dependencies:
+    - role: docker

netmaker/tasks/certs.yml

@@ -0,0 +1,4 @@
+- name: Deploy CA Certificate
+  ansible.builtin.copy:
+    src: secret_files/netmaker_server/ca/ca.crt
+    dest: /etc/ssl/certs/netmaker-ca.pem

netmaker/tasks/install.yml

@@ -0,0 +1,25 @@
+- name: Install Packages
+#  when: docker_file.stat.exists == False
+  package:
+    name:
+      - gpg
+      - gpg-agent
+
+- name: Add netmaker-key
+  apt_key:
+    url: https://apt.netmaker.org/gpg.key
+    state: present
+
+- name: Add netmaker-repository
+  apt_repository:
+    repo: "deb https:apt.netmaker.org stable main"
+    state: present
+    filename: netmaker
+    update_cache: yes
+
+- name: Install wireguard & netclient
+  package:
+    name:
+      - wireguard
+      - netclient
+    state: latest

netmaker/tasks/join-network.yml

@@ -0,0 +1,7 @@
+- name: Join netmaker-network
+  when: "netclient.join_network_token is defined"
+  command: "netclient join -t {{ netclient.join_network_token }}"
+  failed_when: command.rc != 0
+  changed_when: "'starting wireguard' in command.stdout"
+  register: command
+  throttle: 1

netmaker/tasks/main.yml

@@ -0,0 +1,8 @@
+- import_tasks: ./certs.yml
+
+- import_tasks: ./install.yml
+
+- import_tasks: ./join-network.yml
+
+- name: Gather facts to get changes
+  ansible.builtin.gather_facts: