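# Node preparation for a kubeadm-based Kubernetes lab host (Ubuntu/apt):
# host firewall off, swap off, bridge netfilter + forwarding sysctls,
# Docker/containerd from the Docker apt repo, then kubelet/kubeadm/kubectl.
#
# Tasks without `become: true` are left as in the original and rely on the
# play already running privileged -- TODO confirm at play level.

# NOTE(review): this stops and disables the host firewall entirely. The task
# name scopes it to labs; on any host reachable from an untrusted network,
# keep ufw enabled and open only the ports the cluster needs.
- name: disable UFW firewall for labs
  ansible.builtin.service:
    name: ufw
    state: stopped
    enabled: false

# The original ran `swapoff -a` twice (once via shell, once via command);
# one run is enough and `command` avoids an unnecessary shell.
- name: Disable SWAP
  ansible.builtin.command: swapoff -a

# The original first commented out and then deleted every line containing
# the substring "swap", which also hits unrelated lines and is not
# reversible. This comments out only active entries whose field is `swap`,
# and leaves already-commented lines alone so reruns change nothing.
- name: Disable SWAP in fstab
  ansible.builtin.replace:
    path: /etc/fstab
    regexp: '^([^#\n].*[ \t]swap[ \t].*)$'
    replace: '# \1'

# br_netfilter must be loaded before any net.bridge.* sysctl is written:
# those keys only exist once the module is present. The original loaded it
# as the very last step, after the sysctl tasks had already run.
- name: Carregar módulo br_netfilter se necessário
  become: true
  ansible.builtin.modprobe:
    name: br_netfilter
    state: present

- name: Garantir que o módulo br_netfilter seja carregado na inicialização
  become: true
  ansible.builtin.copy:
    dest: /etc/modules-load.d/k8s.conf
    content: |
      br_netfilter
    owner: root
    group: root
    mode: '0644'

# Task name corrected: the original label said ip6tables while the key being
# set is bridge-nf-call-iptables. The ip6tables key is covered by
# /etc/sysctl.d/k8s.conf further down.
- name: ensure net.bridge.bridge-nf-call-iptables is set to 1
  ansible.builtin.sysctl:
    name: net.bridge.bridge-nf-call-iptables
    value: '1'
    state: present
    reload: true

# Task name corrected (it never installed apt-utils). curl and gnupg are
# added because the Kubernetes key task below shells out to both.
- name: Installation of apt prerequisites
  become: true
  ansible.builtin.apt:
    name:
      - apt-transport-https
      - ca-certificates
      - curl
      - gnupg
    state: present
    update_cache: true

# NOTE(review): apt_key is deprecated and places the key in apt's global
# trusted keyring, so it is trusted for every configured repository, not only
# Docker's. Prefer a dedicated keyring file referenced with `signed-by=`, as
# the Kubernetes repository below already does. Left unchanged here because
# switching the repo line on already-provisioned hosts needs the old entry
# removed first.
- name: Adding Docker GPG key
  ansible.builtin.apt_key:
    url: https://download.docker.com/linux/ubuntu/gpg
    state: present

- name: Adding Docker Repository
  ansible.builtin.apt_repository:
    repo: "deb [arch=amd64] https://download.docker.com/linux/ubuntu {{ ansible_distribution_release }} stable"
    state: present

# One apt transaction for the whole list instead of one call per package.
- name: Installation of Docker
  ansible.builtin.apt:
    name:
      - docker-ce
      - docker-ce-cli
      - containerd.io
      - docker-compose
    state: present

# Regenerates the default containerd config with the systemd cgroup driver.
# Changes from the original: no `sudo` inside the shell, the file is only
# rewritten when SystemdCgroup is not already true, and the task reports
# "changed" only in that case so the restart below is not triggered on
# every run.
- name: Setting value of SystemdCgroup
  become: true
  ansible.builtin.shell: |
    set -o pipefail
    if grep -q 'SystemdCgroup = true' /etc/containerd/config.toml 2>/dev/null; then
      exit 0
    fi
    containerd config default \
      | sed 's/SystemdCgroup = false/SystemdCgroup = true/g' \
      > /etc/containerd/config.toml
    echo config-rewritten
  args:
    executable: /bin/bash
  register: containerd_config
  changed_when: "'config-rewritten' in containerd_config.stdout"

# containerd reads config.toml at startup; the original never restarted it,
# so the new cgroup driver setting did not take effect.
- name: Restart containerd to apply the new configuration
  become: true
  ansible.builtin.service:
    name: containerd
    state: restarted
  when: containerd_config is changed

- name: Starting Service of Docker
  ansible.builtin.service:
    name: docker
    state: started
    enabled: true

# `creates:` skips this task once the keyring exists, so a failed download
# must not leave a file behind: pipefail surfaces a curl failure and the
# partial keyring is removed before failing. chmod keeps the keyring
# readable by apt regardless of the umask in effect.
# NOTE(review): the key is trusted purely on the HTTPS fetch; there is no
# fingerprint comparison. Verify the fingerprint out of band if this leaves
# the lab.
# The v1.29 minor is pinned here and in the repository line below; change
# both together.
- name: Adicionar chave GPG do Kubernetes
  become: true
  ansible.builtin.shell: |
    set -o pipefail
    mkdir -p /etc/apt/keyrings
    curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.29/deb/Release.key \
      | gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg \
      || { rm -f /etc/apt/keyrings/kubernetes-apt-keyring.gpg; exit 1; }
    chmod 0644 /etc/apt/keyrings/kubernetes-apt-keyring.gpg
  args:
    executable: /bin/bash
    creates: /etc/apt/keyrings/kubernetes-apt-keyring.gpg

# signed-by limits this key to this one repository.
- name: Adicionar repositório oficial do Kubernetes
  become: true
  ansible.builtin.copy:
    dest: /etc/apt/sources.list.d/kubernetes.list
    content: |
      deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.29/deb/ /
    owner: root
    group: root
    mode: '0644'

- name: Install Kubernetes components
  become: true
  ansible.builtin.apt:
    name:
      - kubelet
      - kubeadm
      - kubectl
    state: present
    update_cache: true

# dpkg_selections is idempotent, unlike shelling out to `apt-mark hold`,
# which reported "changed" on every run.
- name: Hold Kubernetes packages
  become: true
  ansible.builtin.dpkg_selections:
    name: "{{ item }}"
    selection: hold
  loop:
    - kubelet
    - kubeadm
    - kubectl

- name: Ativar ip_forward de forma idempotente
  become: true
  ansible.builtin.sysctl:
    name: net.ipv4.ip_forward
    value: '1'
    state: present
    reload: true

# The original wrote /etc/sysctl.d/k8s.conf twice with different contents
# (the second write dropped net.ipv4.ip_forward), so the file changed on
# every run. It is written once here with all three keys. The original
# `notify: Reload sysctl` is dropped: no handler of that name is visible in
# this file, and the explicit reload task that follows does the same job.
- name: Criar arquivo de configuração sysctl para Kubernetes
  become: true
  ansible.builtin.copy:
    dest: /etc/sysctl.d/k8s.conf
    content: |
      net.bridge.bridge-nf-call-iptables = 1
      net.bridge.bridge-nf-call-ip6tables = 1
      net.ipv4.ip_forward = 1
    owner: root
    group: root
    mode: '0644'

- name: Reload sysctl
  ansible.builtin.command: sysctl --system
  when: ansible_facts['os_family'] == 'Debian'
  changed_when: false
  become: true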