---

## Vault Cluster Setup

- include: docker.yml
  when: inventory_hostname in groups.vault and vault_deployment_type == "docker"
- include: init.yml
  when: inventory_hostname in groups.vault
- include: unseal.yml
  when: inventory_hostname in groups.vault
- include: pki_mount.yml
  when: 'inventory_hostname == hostvars[groups.vault|first]["vault_leader"]'
- include: config_ca.yml
  vars:
    vault_url: "https://{{ vault_leader }}:{{ vault_port }}"
  when: 'inventory_hostname == hostvars[groups.vault|first]["vault_leader"]'

## Sync Kubernetes Certs

- include: sync_kube_master_certs.yml
  when: inventory_hostname in groups["kube-master"]
- include: sync_kube_node_certs.yml
  when: inventory_hostname in groups["k8s-cluster"]

## Generate Kubernetes Certs

- include: gen_kube_master_certs.yml
  when: inventory_hostname in groups["kube-master"]
- include: gen_kube_node_certs.yml
  when: inventory_hostname in groups["k8s-cluster"]