Per ADR-002 (railiance-hosts/docs/adr/ADR-002-repo-boundary-hosts-vs-bootstrap.md): - ansible/harden.yml: replaced with tombstone pointing to railiance-hosts - ansible/bootstrap.yml: remove `import_playbook: harden.yml`; add pre-condition comment; OS hardening is no longer this repo's concern - docs/first_host.md: rewritten to reflect 3-step flow: converge railiance-hosts → railiance-bootstrap k3s install → smoke test - workplans/RAIL-BS-WP-0002-k3s-baseline.md: new workplan for k3s + Helm + Kubernetes platform baseline; linked to repo goal 70ab2379 Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
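---
# Pre-condition: the target host must already be converged by railiance-hosts
# (`make converge` in that repo) before running this playbook.
# OS hardening (SSH, UFW, fail2ban) is owned by railiance-hosts — see ADR-002.

# Install base packages and k3s.
- name: Railiance host bootstrap
  hosts: all
  # Every task in this play runs with privilege escalation on the target.
  become: true
  tasks:
    - name: Ensure base packages
      apt:
        name:
          - curl
          - git
          - jq
        update_cache: true
        state: present

    # NOTE(review): the installer is downloaded at run time and piped straight
    # into a root shell. Nothing here pins a k3s release or verifies the script,
    # so the result depends on whatever get.k3s.io serves at that moment.
    # Consider pinning the release (the installer reads INSTALL_K3S_VERSION) and
    # checking the downloaded script against a known digest before running it.
    #
    # NOTE(review): --write-kubeconfig-mode=644 makes the generated kubeconfig
    # (by default /etc/rancher/k3s/k3s.yaml) readable by every local account,
    # and that file carries cluster-admin credentials. Left unchanged because
    # callers outside this file may read it as a non-root user; prefer 600, or
    # 640 with a dedicated group, once that is confirmed.
    #
    # `set -o pipefail` makes a failed download fail the task; without it the
    # pipeline reports only the exit status of `sh -`, which is 0 on empty
    # input. pipefail is not available in every /bin/sh, hence the explicit
    # bash executable.
    # `creates` skips the task once the k3s binary exists, so later runs
    # neither upgrade nor re-check the installation.
    - name: Install k3s (server)
      shell: |
        set -o pipefail
        curl -sfL https://get.k3s.io | INSTALL_K3S_EXEC="server --write-kubeconfig-mode=644" sh -
      args:
        executable: /bin/bash
        creates: /usr/local/bin/k3s

    # Read-only check: no shell features are needed, so `command` is used and
    # the task never reports a change.
    - name: Verify k3s node
      command: k3s kubectl get nodes
      register: nodes
      changed_when: false

    - name: Show k3s node list
      debug:
        var: nodes.stdout_lines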