- name: Importar chave GPG do repositório CRI-O
  become: yes
  apt_key:
    url: "https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/xUbuntu_22.04/Release.key"
    state: present

- name: Adicionar repositório do CRI-O
  become: yes
  apt_repository:
    repo: "deb https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/xUbuntu_22.04/ /"
    state: present
    filename: "cri-o"

- name: Atualizar cache do APT
  become: yes
  apt:
    update_cache: yes

- name: Instalar CRI-O e ferramentas
  become: yes
  apt:
    name:
      - cri-o
      - cri-tools
    state: present

#- name: Add Kubernetes APT key
#  apt_key:
#    url: https://packages.cloud.google.com/apt/doc/apt-key.gpg
#    state: present

#- name: Add Kubernetes repo
#  apt_repository:
#    repo: deb http://apt.kubernetes.io/ kubernetes-jammy main
#    state: present
    
- name: Adicionar chave GPG do Kubernetes
  ansible.builtin.shell: |
    mkdir -p /etc/apt/keyrings
    curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.29/deb/Release.key | gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
  args:
    creates: /etc/apt/keyrings/kubernetes-apt-keyring.gpg

- name: Adicionar repositório oficial do Kubernetes
  ansible.builtin.copy:
    dest: /etc/apt/sources.list.d/kubernetes.list
    content: |
      deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.29/deb/ /


- name: Install Kubernetes components
  apt:
    name:
      - kubelet
      - kubeadm
      - kubectl
    state: present
    update_cache: yes

- name: Hold Kubernetes packages
  ansible.builtin.shell: |
    apt-mark hold kubelet kubeadm kubectl


- name: Desativar swap
  ansible.builtin.command: swapoff -a

- name: Garantir que swap está desativado no fstab
  ansible.builtin.lineinfile:
    path: /etc/fstab
    regexp: '.*swap.*'
    state: absent


- name: Ativar ip_forward de forma idempotente
  ansible.builtin.sysctl:
    name: net.ipv4.ip_forward
    value: '1'
    state: present
    reload: yes

- name: Configurar sysctl para Kubernetes
  ansible.builtin.copy:
    dest: /etc/sysctl.d/k8s.conf
    content: |
      net.bridge.bridge-nf-call-iptables = 1
      net.bridge.bridge-nf-call-ip6tables = 1
      net.ipv4.ip_forward = 1
      
- name: Reload sysctl
  ansible.builtin.command: sysctl --system
  when: ansible_facts['os_family'] == 'Debian'
  changed_when: false


  
- name: Criar arquivo de configuração sysctl para Kubernetes
  ansible.builtin.copy:
    dest: /etc/sysctl.d/k8s.conf
    content: |
      net.bridge.bridge-nf-call-iptables = 1
      net.bridge.bridge-nf-call-ip6tables = 1
    owner: root
    group: root
    mode: '0644'
  notify: Reload sysctl

- name: Carregar módulo br_netfilter se necessário
  ansible.builtin.modprobe:
    name: br_netfilter
    state: present


- name: Garantir que o módulo br_netfilter seja carregado na inicialização
  ansible.builtin.copy:
    dest: /etc/modules-load.d/k8s.conf
    content: |
      br_netfilter
    owner: root
    group: root
    mode: '0644'