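# Prepare /var/data for k8s-dqlite: render its init file, create a
# self-signed cluster certificate on the first host of the 'kubernetes'
# group, then hand that certificate and key to the remaining hosts.

- name: Create folder for data
  ansible.builtin.file:
    path: /var/data/
    state: directory
    mode: '0755'

- name: Deploy init.yaml from template
  ansible.builtin.template:
    src: k8s-dqlite/init.yaml.template
    dest: /var/data/init.yaml
    # Explicit mode so the result does not depend on the remote umask.
    mode: '0644'

- name: Deploy cert-config-file from template
  when: "inventory_hostname == groups['kubernetes'][0]"
  ansible.builtin.template:
    src: k8s-dqlite/csr-dqlite.conf.template
    dest: /var/tmp/csr-dqlite.conf
    mode: '0644'

- name: dqlite Generate certificate
  when: "inventory_hostname == groups['kubernetes'][0]"
  ansible.builtin.command:
    # argv form: no shell and no word-splitting of the arguments.
    argv:
      - openssl
      - req
      - '-x509'
      - '-newkey'
      - 'rsa:4096'
      - '-sha256'
      - '-days'
      - '3650'
      # -nodes writes the private key unencrypted, so the file mode is
      # the only thing protecting it at rest.
      - '-nodes'
      - '-keyout'
      - /var/data/cluster.key
      - '-out'
      - /var/data/cluster.crt
      - '-subj'
      - /CN=k8s
      - '-config'
      - /var/tmp/csr-dqlite.conf
      - '-extensions'
      - v3_ext
    # Without this guard every playbook run replaced the cluster key and
    # certificate. To rotate deliberately, remove both files first.
    creates: /var/data/cluster.crt

- name: Restrict permissions on cluster.key
  when: "inventory_hostname == groups['kubernetes'][0]"
  ansible.builtin.file:
    path: /var/data/cluster.key
    # NOTE(review): assumes the consumer of the key runs as the file's
    # owner; set owner/group here if it runs as a different user.
    mode: u=rw,go=

- name: Fetch cluster.crt and cluster.key
  when: "inventory_hostname == groups['kubernetes'][0]"
  # NOTE(review): this leaves a copy of the private key in /tmp on the
  # control node. Consider a directory only the Ansible user can read,
  # and removing the copy once it has been distributed.
  synchronize:
    src: "{{ item }}"
    dest: /tmp/
    mode: pull
  loop:
    - /var/data/cluster.crt
    - /var/data/cluster.key

- name: Copy cluster.crt and cluster.key to joining nodes
  when: "inventory_hostname != groups['kubernetes'][0]"
  # Keep key material out of --diff output.
  diff: false
  ansible.builtin.copy:
    src: "{{ item.src }}"
    dest: /var/data/
    mode: "{{ item.mode }}"
  loop:
    # The certificate is public; the key must not be group/world-readable
    # (it was previously deployed as u=rw,g=r,o=r).
    - src: /tmp/cluster.crt
      mode: u=rw,g=r,o=r
    - src: /tmp/cluster.key
      mode: u=rw,go=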