k3s/ansible/roles/common/tasks/main.yml

# 基础配置 Role
# 功能: hostname、sysctl、Tailscale 安装
---
- name: Set hostname
  ansible.builtin.hostname:
    name: "{{ node_hostname }}"
  when: node_hostname is defined

- name: Update /etc/hosts
  ansible.builtin.lineinfile:
    path: /etc/hosts
    regexp: '^127\.0\.1\.1'
    line: "127.0.1.1 {{ node_hostname }}"
  when: node_hostname is defined

- name: Configure sysctl for IP forwarding
  ansible.builtin.copy:
    dest: /etc/sysctl.d/99-k3s.conf
    content: |
      net.ipv4.ip_forward = 1
      net.ipv6.conf.all.forwarding = 1
    mode: "0644"
  notify: Apply sysctl

- name: Install dependencies
  ansible.builtin.apt:
    name:
      - curl
      - wget
      - ca-certificates
    state: present
    update_cache: true

- name: Check if Tailscale is installed
  ansible.builtin.command: which tailscale
  register: common_tailscale_check
  failed_when: false
  changed_when: false

- name: Check current Tailscale version
  ansible.builtin.shell: tailscale version | head -1
  register: common_tailscale_version
  failed_when: false
  changed_when: false
  when: common_tailscale_check.rc == 0

- name: Set Tailscale install flag
  ansible.builtin.set_fact:
    tailscale_needs_install: "{{
      common_tailscale_check.rc != 0 or
      (common_tailscale_version.stdout | default('') is not search(tailscale_version))
    }}"

- name: Download Tailscale install script
  ansible.builtin.get_url:
    url: https://tailscale.com/install.sh
    dest: /tmp/tailscale-install.sh
    mode: "0755"
  when: common_tailscale_check.rc != 0

- name: Install Tailscale via install script
  ansible.builtin.command: /tmp/tailscale-install.sh
  when: common_tailscale_check.rc != 0
  changed_when: true

- name: Install specific Tailscale version
  ansible.builtin.apt:
    name:
      - "tailscale={{ tailscale_version }}"
      - "tailscaled={{ tailscale_version }}"
    state: present
    allow_downgrade: true
  when: tailscale_needs_install

- name: Remove Tailscale install script
  ansible.builtin.file:
    path: /tmp/tailscale-install.sh
    state: absent

- name: Enable Tailscale service
  ansible.builtin.systemd:
    name: tailscaled
    enabled: true
    state: started