kubeguard works now

2 files changed, 5 insertions, 10 deletions

diff --git a/roles/kubernetes/net/kubeguard/tasks/add.yml b/roles/kubernetes/net/kubeguard/tasks/add.yml
index 2f9391fc..0658b42c 100644
--- a/roles/kubernetes/net/kubeguard/tasks/add.yml
+++ b/roles/kubernetes/net/kubeguard/tasks/add.yml
@@ -1,6 +1,6 @@
 ---
 - name: install wireguard
-  include_role:
+  import_role:
     name: wireguard/base
 
 - name: create network config directory
@@ -52,7 +52,7 @@
 
 - name: compute list of peers to be added
   set_fact:
-    kubeguard_peers_to_add: "{{ kubernetes_nodes | difference(inventory_hostname) }}"
+    kubeguard_peers_to_add: "{{ groups['_kubernetes_nodes_'] | difference(inventory_hostname) }}"
 
 - name: compute list of peers to be removed
   set_fact:
@@ -91,7 +91,7 @@
 - name: enable IPv4 forwarding
   sysctl:
     name: net.ipv4.ip_forward
-    value: 1
+    value: '1'
     sysctl_set: yes
     state: present
     reload: yes
diff --git a/roles/kubernetes/net/kubeguard/tasks/main.yml b/roles/kubernetes/net/kubeguard/tasks/main.yml
index 0e87af11..10b0d547 100644
--- a/roles/kubernetes/net/kubeguard/tasks/main.yml
+++ b/roles/kubernetes/net/kubeguard/tasks/main.yml
@@ -1,8 +1,3 @@
 ---
-- name: add node to overlay network
-  include_tasks: add.yml
-  when: kubeguard_remove_node is not defined
-
-- name: remove node from overlay network
-  include_tasks: remove.yml
-  when: kubeguard_remove_node is defined
+- name: add/remove nodes to overlay network
+  include_tasks: "{{ kubeguard_action }}.yml"