Unverified Commit c10b84f0 authored by anon-software's avatar anon-software Committed by GitHub

enable autogenerating token (#375)



* Generate token

If a token is not explicitly provided, let the first server generate a
random one. Such a token is saved on the first server and the playbook
can retrieve it from there and store it as a fact. All other servers and
agents can use that token later to join the cluster. It will be saved
into their environment file as usual.

Signed-off-by: default avatarMarko Vukovic <8951449+anon-software@users.noreply.github.com>

* Document that token is (mostly) optional now

The token is still required when using Vagrant.

Signed-off-by: default avatarMarko Vukovic <8951449+anon-software@users.noreply.github.com>
parent 9d7fd7a7
+1 −0
@@ -28,6 +28,7 @@ def provision(vm, role, node_num)
    ansible.extra_vars = {
      k3s_version: "v1.28.14+k3s1",
      api_endpoint: "#{NETWORK_PREFIX}.100",
      # Required for vagrant ansible provisioner
      token: "myvagrant",
      # Required to use the private network configured above
      extra_server_args: "--node-external-ip #{node_ip} --flannel-iface eth1", 
+1 −0
@@ -19,6 +19,7 @@ k3s_cluster:
    # - openssl rand -base64 64
    # - pwgen -s 64 1
    # You can use ansible-vault to encrypt this value / keep it secret.
    # Or you can omit it if not using Vagrant and let the first server automatically generate one.
    token: "changeme!"
    api_endpoint: "{{ hostvars[groups['server'][0]]['ansible_host'] | default(groups['server'][0]) }}"
    extra_server_args: ""
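Review bot: The new comment says the token may be omitted, but the sample still sets `token: "changeme!"` on the very next line, so anyone who copies the sample unchanged runs the cluster with that fixed, publicly known join token instead of taking the new auto-generation path. Since the Vagrantfile in this commit supplies its token through `extra_vars`, the sample could leave the key commented out — `# token: "changeme!"` — so that a generated token is the default and an explicit value is an opt-in.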
+1 −0
---
server_group: server  # noqa var-naming[no-role-prefix]
k3s_server_location: "/var/lib/rancher/k3s"  # noqa var-naming[no-role-prefix]
systemd_dir: "/etc/systemd/system"  # noqa var-naming[no-role-prefix]
api_port: 6443  # noqa var-naming[no-role-prefix]
+4 −0
@@ -35,6 +35,10 @@
        INSTALL_K3S_EXEC: "agent"
      changed_when: true

- name: Get the token from the first server
  ansible.builtin.set_fact:
    token: "{{ hostvars[groups[server_group][0]].token }}"

- name: Delete any existing token from the environment if different from the new one
  ansible.builtin.lineinfile:
    state: absent
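Review bot: The new "Get the token from the first server" `set_fact` stores the join token without `no_log: true`, so a verbose run prints the token in the task result, while the server role's "Add token as an environment variable" task in this same commit guards the identical value with `no_log: true`. Add `no_log: true  # fact value is the cluster join token` to the task. The lookup `hostvars[groups[server_group][0]].token` is also unconditional: when the token is not set in the inventory it presumably exists only as a fact recorded earlier in the same run on the first server, so a run limited to agent hosts would likely fail with an undefined variable rather than a clear message — worth confirming and, if so, documenting in the task name. The lineinfile task at the bottom continues outside the hunk.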
+24 −2
@@ -90,14 +90,16 @@
      ansible.builtin.lineinfile:
        state: absent
        path: "{{ systemd_dir }}/k3s.service.env"
        regexp: "^K3S_TOKEN=\\s*(?!{{ token }}\\s*$)"
        regexp: "^K3S_TOKEN=\\s*(?!{{ token | default('') }}\\s*$)"

    # Add the token to the environment.
    # Add the token to the environment if it has been provided.
    # Otherwise, let the first server create one on the first run.
    - name: Add token as an environment variable
      no_log: true # avoid logging the server token
      ansible.builtin.lineinfile:
        path: "{{ systemd_dir }}/k3s.service.env"
        line: "K3S_TOKEN={{ token }}"
      when: token is defined

    - name: Restart K3s service
      when:
@@ -182,11 +184,31 @@
          changed_when:
            - mv_result.rc == 0

    - name: Get the token if randomly generated
      when: token is not defined
      block:
        - name: Wait for token
          ansible.builtin.wait_for:
            path: /var/lib/rancher/k3s/server/token

        - name: Read node-token from master
          ansible.builtin.slurp:
            src: /var/lib/rancher/k3s/server/token
          register: node_token

        - name: Store Master node-token
          ansible.builtin.set_fact:
            token: "{{ node_token.content | b64decode | regex_replace('\n', '') }}"

- name: Start other server if any and verify status
  when:
    - (groups[server_group] | length) > 1
    - inventory_hostname != groups[server_group][0]
  block:
    - name: Get the token from the first server
      ansible.builtin.set_fact:
        token: "{{ hostvars[groups[server_group][0]].token }}"

    - name: Delete any existing token from the environment if different from the new one
      ansible.builtin.lineinfile:
        state: absent
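Review bot: In the "Get the token if randomly generated" block, the `slurp` task and the following `set_fact` both expose the generated join token in task output (base64-encoded in the registered `node_token`, plain in the fact), whereas the "Add token as an environment variable" task in the first hunk already protects the same value with `no_log: true`; add `no_log: true` to both tasks. The same applies to the new "Get the token from the first server" `set_fact` in the second block and to its twin in the agent role. The token file path is hard-coded twice as `/var/lib/rancher/k3s/server/token` although a `k3s_server_location` default appears in this commit's defaults file; `path: "{{ k3s_server_location }}/server/token"` keeps the two in step if the location is overridden. The `regex_replace('\n', '')` filter reads more clearly as `| trim`, which strips the trailing newline the same way. The "Start other server if any and verify status" block continues past the end of the hunk.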