Added (very hacky) k3s token generation

wtripp180901 · wtripp180901 · commit b49b22cd28bb · 2024-09-12T15:38:29.000+01:00
diff --git a/ansible/roles/k3s/files/start_k3s.yml b/ansible/roles/k3s/files/start_k3s.yml
@@ -12,11 +12,13 @@
       ansible.builtin.lineinfile:
         path: "/etc/systemd/system/{{ service_name }}.service.env"
         line: "K3S_TOKEN={{ k3s_token }}"
+
     - name: Add server url to agents
       ansible.builtin.lineinfile:
         path: "/etc/systemd/system/{{ service_name }}.service.env"
         line: "K3S_URL=https://{{ k3s_server_name }}:6443"
       when: k3s_node_type == "agent"
+      
     - name: Start k3s service
       ansible.builtin.systemd:
         name: "{{ service_name }}"
diff --git a/ansible/roles/k3s/tasks/main.yml b/ansible/roles/k3s/tasks/main.yml
@@ -9,7 +9,7 @@
     group: root
     mode: "0755"
 
-- name: Install k3s server
+- name: Install k3s
   ansible.builtin.shell:
     cmd: /usr/local/bin/k3s-install.sh
   environment:
diff --git a/ansible/roles/passwords/tasks/main.yml b/ansible/roles/passwords/tasks/main.yml
@@ -7,6 +7,19 @@
   delegate_to: localhost
   run_once: true
 
+- name: Generate k3s token
+  ansible.builtin.set_fact:
+    k3s_token_secret: ""
+
+- name:  Generate k3s token and add to terraform
+  vars:
+    token: "{{ lookup('ansible.builtin.password', '/dev/null', length=64) }}"
+  replace:
+    path: "{{ lookup('env', 'APPLIANCES_ENVIRONMENT_ROOT') }}/terraform/variables.tf"
+    regexp: "k3s_token_replace_me"
+    replace: "{{ token }}"
+
+
 # - name: Ensure munge key directory exists
 #   file:
 #     state: directory
@@ -17,4 +30,4 @@
 #   copy:
 #     content:  "{{ lookup('password', '/dev/null chars=ascii_letters,digits,hexdigits,punctuation') }}"
 #     dest: "{{ openhpc_passwords_mungekey_output_path }}"
-#     force: false
+#     force: false
diff --git a/environments/skeleton/{{cookiecutter.environment}}/terraform/compute/variables.tf b/environments/skeleton/{{cookiecutter.environment}}/terraform/compute/variables.tf
@@ -69,6 +69,6 @@ variable "security_group_ids" {
 }
 
 variable "k3s_token" {
-    description = "Random cryptographically secure string for K3s token"
+    description = "Random cryptographically secure string for K3s token (must be set by ../compute.tf)"
     type = string
 }
diff --git a/environments/skeleton/{{cookiecutter.environment}}/terraform/variables.tf b/environments/skeleton/{{cookiecutter.environment}}/terraform/variables.tf
@@ -135,4 +135,5 @@ variable "root_volume_size" {
 variable "k3s_token" {
     description = "Random cryptographically secure string for K3s token"
     type = string
+    default = "k3s_token_replace_me"
 }

Original file line number	Diff line number	Diff line change
`@@ -69,6 +69,6 @@ variable "security_group_ids" {`
`69`	`69`	`}`
`70`	`70`
`71`	`71`	`variable "k3s_token" {`
`72`		`- description = "Random cryptographically secure string for K3s token"`
	`72`	`+ description = "Random cryptographically secure string for K3s token (must be set by ../compute.tf)"`
`73`	`73`	`type = string`
`74`	`74`	`}`
Original file line number	Diff line number	Diff line change
`@@ -135,4 +135,5 @@ variable "root_volume_size" {`
`135`	`135`	`variable "k3s_token" {`
`136`	`136`	`description = "Random cryptographically secure string for K3s token"`
`137`	`137`	`type = string`
	`138`	`+ default = "k3s_token_replace_me"`
`138`	`139`	`}`