---
- name: disable docker iptales and bridge
  copy:
    src: daemon.json
    dest: /etc/docker/daemon.json

- name: create network config directory
  file:
    name: /var/lib/kubenet/
    state: directory

- name: install ifupdown script
  template:
    src: ifupdown.sh.j2
    dest: /var/lib/kubenet/ifupdown.sh
    mode: 0755
  # TODO: notify reload... this is unfortunately already to late because
  #                        it must probably be brought down by the old version of the script

- name: generate wireguard private key
  shell: "umask 077; wg genkey > /var/lib/kubenet/kube-wg0.privatekey"
  args:
    creates: /var/lib/kubenet/kube-wg0.privatekey

- name: fetch wireguard public key
  shell: "wg pubkey < /var/lib/kubenet/kube-wg0.privatekey"
  register: wireguard_pubkey
  changed_when: false

- name: install systemd service unit for network interfaces
  copy:
    src: kubenet-interfaces.service
    dest: /etc/systemd/system/kubenet-interfaces.service
  # TODO: notify: reload...

- name: make sure kubenet interfaces service is started and enabled
  systemd:
    daemon_reload: yes
    name: kubenet-interfaces.service
    state: started
    enabled: yes