---
- name: get the node token values from token files
  slurp:
    src: "{{ kube_token_dir }}/{{ item }}-{{ inventory_hostname }}.token"
  with_items:
    - "system:controller_manager"
    - "system:scheduler"
    - "system:kubectl"
    - "system:proxy"
  register: tokens
  delegate_to: "{{ groups['kube-master'][0] }}"

- name: Set token facts
  set_fact:
    controller_manager_token: "{{ tokens.results[0].content|b64decode }}"
    scheduler_token: "{{ tokens.results[1].content|b64decode }}"
    kubectl_token: "{{ tokens.results[2].content|b64decode }}"
    proxy_token: "{{ tokens.results[3].content|b64decode }}"

- name: write the config files for api server
  template: src=apiserver.j2 dest={{ kube_config_dir }}/apiserver
  notify:
    - restart daemons

- name: write config file for controller-manager
  template: src=controller-manager.j2 dest={{ kube_config_dir }}/controller-manager
  notify:
    - restart controller-manager

- name: write the kubecfg (auth) file for controller-manager
  template: src=controller-manager.kubeconfig.j2 dest={{ kube_config_dir }}/controller-manager.kubeconfig
  notify:
    - restart controller-manager

- name: write the config file for scheduler
  template: src=scheduler.j2 dest={{ kube_config_dir }}/scheduler
  notify:
    - restart scheduler

- name: write the kubecfg (auth) file for scheduler
  template: src=scheduler.kubeconfig.j2 dest={{ kube_config_dir }}/scheduler.kubeconfig
  notify:
    - restart scheduler

- name: write the kubecfg (auth) file for kubectl
  template: src=kubectl.kubeconfig.j2 dest={{ kube_config_dir }}/kubectl.kubeconfig

- name: write the config files for proxy
  template: src=proxy.j2 dest={{ kube_config_dir }}/proxy
  notify:
    - restart daemons

- name: write the kubecfg (auth) file for proxy
  template: src=proxy.kubeconfig.j2 dest={{ kube_config_dir }}/proxy.kubeconfig

- name: populate users for basic auth in API
  lineinfile:
    dest: "{{ kube_users_dir }}/known_users.csv"
    create: yes
    line: '{{ item.value.pass }},{{ item.key }},{{ item.value.role }}'
  with_dict: "{{ kube_users }}"
  notify:
    - restart apiserver

- name: Enable apiserver
  service:
    name: kube-apiserver
    enabled: yes
    state: started

- name: Enable controller-manager
  service:
    name: kube-controller-manager
    enabled: yes
    state: started

- name: Enable scheduler
  service:
    name: kube-scheduler
    enabled: yes
    state: started

- name: Enable kube-proxy
  service:
    name: kube-proxy
    enabled: yes
    state: started