fix: prevent unnecessary changes to k3s config directory permissions (#25)

- Set k3s_config_dir to mode 0700 during initial creation in main.yml
- Remove redundant permission setting in security.yml
- Fixes idempotency issue where permissions were changed on every run

Previously, the directory was created with 0755 in main.yml and then
changed to 0700 in security.yml, causing the task to always report
'changed' status even when no actual changes were needed.

Author: sbaerlocher

roles/k3s/tasks/main.yml

@@ -168,7 +168,7 @@
   ansible.builtin.file:
       path: "{{ k3s_config_dir }}"
       state: directory
-      mode: "0755"
+      mode: "0700"
       owner: root
       group: root
   become: true

roles/k3s/tasks/security.yml

@@ -170,15 +170,7 @@
 
 
 # General Security Hardening
-- name: Configure secure file permissions for K3s configuration directory
-  ansible.builtin.file:
-      path: "{{ k3s_config_dir }}"
-      mode: "0700"
-      owner: root
-      group: root
-      state: directory
-  become: true
-  when: k3s_config_dir is defined
+# K3s configuration directory permissions are set during directory creation in main.yml
 
 # - name: Configure secure file permissions for K3s token file
 #   ansible.builtin.file: