From 2610c84f67e2312b20c59d0418a04c9b3fd733b5 Mon Sep 17 00:00:00 2001
From: Jeroen Vermeulen
Date: Mon, 18 Sep 2023 21:11:59 +0200
Subject: [PATCH] Working on Talos using DCI
---
.../meta/main.yml | 0
.../tasks/main.yml | 35 +++++++++++++++++++
.../handlers/main.yml | 0
.../meta/main.yml | 0
.../tasks/create_control_configs.yml | 0
.../tasks/create_secrets.yml | 0
.../tasks/create_talosconfig.yml | 0
.../tasks/create_worker_configs.yml | 0
.../tasks/main.yml | 0
roles/talos_dci_finish/tasks/main.yml | 11 ++----
roles/talos_dci_login/tasks/main.yml | 3 +-
roles/talos_dci_reinstall/tasks/main.yml | 10 ++++--
roles/talos_wait_port/meta/main.yml | 3 ++
roles/talos_wait_port/tasks/main.yml | 8 +++++
talos.yml | 12 +++++--
talos_config_apply.yml | 8 +++++
talos_dci_reinstall.yml | 1 +
17 files changed, 76 insertions(+), 15 deletions(-)
rename roles/{talos_configs_apply => talos_config_apply}/meta/main.yml (100%)
rename roles/{talos_configs_apply => talos_config_apply}/tasks/main.yml (51%)
rename roles/{talos_configs_create => talos_config_create}/handlers/main.yml (100%)
rename roles/{talos_configs_create => talos_config_create}/meta/main.yml (100%)
rename roles/{talos_configs_create => talos_config_create}/tasks/create_control_configs.yml (100%)
rename roles/{talos_configs_create => talos_config_create}/tasks/create_secrets.yml (100%)
rename roles/{talos_configs_create => talos_config_create}/tasks/create_talosconfig.yml (100%)
rename roles/{talos_configs_create => talos_config_create}/tasks/create_worker_configs.yml (100%)
rename roles/{talos_configs_create => talos_config_create}/tasks/main.yml (100%)
create mode 100644 roles/talos_wait_port/meta/main.yml
create mode 100644 roles/talos_wait_port/tasks/main.yml
create mode 100644 talos_config_apply.yml
diff --git a/roles/talos_configs_apply/meta/main.yml b/roles/talos_config_apply/meta/main.yml
similarity index 100%
rename from roles/talos_configs_apply/meta/main.yml
rename to roles/talos_config_apply/meta/main.yml
diff --git a/roles/talos_configs_apply/tasks/main.yml b/roles/talos_config_apply/tasks/main.yml similarity index 51% rename from roles/talos_configs_apply/tasks/main.yml rename to roles/talos_config_apply/tasks/main.yml index e0191bd..7704ece 100644 --- a/roles/talos_configs_apply/tasks/main.yml +++ b/roles/talos_config_apply/tasks/main.yml @@ -10,6 +10,40 @@ - name: Import talos_machine_status tasks ansible.builtin.import_tasks: "{{ role_path }}/../../shared/tasks/talos_machine_status.yml" +- name: Try Talos node config + delegate_to: "{{ talosctl_host }}" + become: no + ansible.builtin.command: + cmd: >- + talosctl apply-config + --file '{{ talos_node_config_file }}' + --nodes '{{ ansible_remote }}' + --endpoints '{{ ansible_remote }}' + --mode reboot + --timeout 2m + {% if talos_machine_status.spec.stage == 'maintenance' %} --insecure{% endif %} + changed_when: true + environment: + TALOSCONFIG: "{{ talosconfig }}" + +- name: Wait for Talos port 50000 to close + delegate_to: "{{ talosctl_host }}" + become: no + ansible.builtin.wait_for: + host: "{{ ansible_remote }}" + port: 50000 + timeout: 100 + state: stopped + +- name: Wait for Talos port 50000 to open + delegate_to: "{{ talosctl_host }}" + become: no + ansible.builtin.wait_for: + host: "{{ ansible_remote }}" + port: 50000 + delay: 5 + timeout: 100 + - name: Apply Talos node config delegate_to: "{{ talosctl_host }}" become: no @@ -32,3 +66,4 @@ host: "{{ ansible_remote }}" port: 50000 delay: 5 + timeout: 60 diff --git a/roles/talos_configs_create/handlers/main.yml b/roles/talos_config_create/handlers/main.yml similarity index 100% rename from roles/talos_configs_create/handlers/main.yml rename to roles/talos_config_create/handlers/main.yml diff --git a/roles/talos_configs_create/meta/main.yml b/roles/talos_config_create/meta/main.yml similarity index 100% rename from roles/talos_configs_create/meta/main.yml rename to roles/talos_config_create/meta/main.yml 
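Review bot: In the new "Try Talos node config" task, `--insecure` is appended whenever `talos_machine_status.spec.stage == 'maintenance'`, and on that path talosctl does not authenticate the node, so the file in `talos_node_config_file` is sent to whatever answers on `ansible_remote`. A Talos machine config normally carries cluster secrets, so this step is only safe on a provisioning network you trust; I would record that above the task, e.g. `# --insecure: maintenance mode has no PKI yet; run only on a trusted provisioning network`. The task is also named "Try" but has no `failed_when` or `ignore_errors`, so a failed attempt stops the play before the existing "Apply Talos node config" task, whose body continues outside the hunk.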
diff --git a/roles/talos_configs_create/tasks/create_control_configs.yml b/roles/talos_config_create/tasks/create_control_configs.yml similarity index 100% rename from roles/talos_configs_create/tasks/create_control_configs.yml rename to roles/talos_config_create/tasks/create_control_configs.yml diff --git a/roles/talos_configs_create/tasks/create_secrets.yml b/roles/talos_config_create/tasks/create_secrets.yml similarity index 100% rename from roles/talos_configs_create/tasks/create_secrets.yml rename to roles/talos_config_create/tasks/create_secrets.yml diff --git a/roles/talos_configs_create/tasks/create_talosconfig.yml b/roles/talos_config_create/tasks/create_talosconfig.yml similarity index 100% rename from roles/talos_configs_create/tasks/create_talosconfig.yml rename to roles/talos_config_create/tasks/create_talosconfig.yml diff --git a/roles/talos_configs_create/tasks/create_worker_configs.yml b/roles/talos_config_create/tasks/create_worker_configs.yml similarity index 100% rename from roles/talos_configs_create/tasks/create_worker_configs.yml rename to roles/talos_config_create/tasks/create_worker_configs.yml diff --git a/roles/talos_configs_create/tasks/main.yml b/roles/talos_config_create/tasks/main.yml similarity index 100% rename from roles/talos_configs_create/tasks/main.yml rename to roles/talos_config_create/tasks/main.yml diff --git a/roles/talos_dci_finish/tasks/main.yml b/roles/talos_dci_finish/tasks/main.yml index 8607208..1417fad 100644 --- a/roles/talos_dci_finish/tasks/main.yml +++ b/roles/talos_dci_finish/tasks/main.yml @@ -1,12 +1,5 @@ --- -- name: Wait for Talos port 50000 - delegate_to: "{{ talosctl_host }}" - become: no - ansible.builtin.wait_for: - host: "{{ ansible_remote }}" - port: 50000 - - name: Call DCI Manager API to finish operation when: dci_server_info.operation.status == 'running' delegate_to: "{{ dci_manager_access_host }}" 
@@ -18,5 +11,5 @@ X-Xsrf-Token: "{{ dci_token }}" body_format: json body: "{}" - register: _dci_finish - until: _dci_server.status != 503 + register: dci_finish + until: dci_finish.status != 503 diff --git a/roles/talos_dci_login/tasks/main.yml b/roles/talos_dci_login/tasks/main.yml index 8c10246..24a6f2a 100644 --- a/roles/talos_dci_login/tasks/main.yml +++ b/roles/talos_dci_login/tasks/main.yml @@ -20,7 +20,8 @@ password: "{{ lookup('community.general.bitwarden', dci_manager_bitwarden_item_name, field='password') | first }}" status_code: 201 register: _dci_manager_login - until: _dci_manager_login.status != 503 + until: _dci_manager_login.status != 503 and _dci_manager_login.status != -1 + retries: 10 - name: Set token fact ansible.builtin.set_fact: diff --git a/roles/talos_dci_reinstall/tasks/main.yml b/roles/talos_dci_reinstall/tasks/main.yml index a64802a..2c1280d 100644 --- a/roles/talos_dci_reinstall/tasks/main.yml +++ b/roles/talos_dci_reinstall/tasks/main.yml @@ -1,5 +1,10 @@ --- +- name: Sleep 60 seconds because we just called Finish + when: dci_finish is defined and dci_finish is success + ansible.builtin.pause: + minutes: 1 + - name: Call DCI Manager API to reinstall Talos Linux delegate_to: "{{ dci_manager_access_host }}" become: no @@ -15,12 +20,13 @@ hdd_raid: "no_raid" os_template_id: "{{ dci_manager_talos_os_template_id }}" password: "_not_used_" - register: _dci_finish - until: _dci_server.status != 503 + register: _dci_reinstall + until: _dci_reinstall.status != 503 and _dci_reinstall.status != -1 - name: Wait for Talos port 50000 delegate_to: "{{ talosctl_host }}" become: no ansible.builtin.wait_for: + delay: 10 host: "{{ ansible_remote }}" port: 50000 diff --git a/roles/talos_wait_port/meta/main.yml b/roles/talos_wait_port/meta/main.yml new file mode 100644 index 0000000..fdda41b --- /dev/null +++ b/roles/talos_wait_port/meta/main.yml @@ -0,0 +1,3 @@ +--- +dependencies: + - role: common 
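Review bot: The corrected `until: dci_finish.status != 503` in roles/talos_dci_finish/tasks/main.yml stops retrying on a connection failure, because the uri module reports `status: -1` when it gets no HTTP response and that value satisfies the condition. The login and reinstall tasks in this same commit add the `-1` check, and this task has no `retries:` either, so only the default retry count applies. Suggest `until: dci_finish.status != 503 and dci_finish.status != -1` together with `retries: 10`, matching the login task. The task starts outside this hunk.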
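Review bot: The login task in roles/talos_dci_login/tasks/main.yml posts the Bitwarden-sourced password and registers the response in `_dci_manager_login`, which the following "Set token fact" task appears to read a token from, yet no `no_log` is visible in the hunk. With `retries: 10` the result is produced up to ten times and is shown in full under `-v` or on final failure. If it is not already set in the part of the task above the hunk, add `no_log: true` here and on the "Set token fact" task.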
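Review bot: In roles/talos_dci_reinstall/tasks/main.yml the new pause also runs when the finish call was skipped, because a task skipped by its `when:` still registers `dci_finish` and `is success` is true for any result that is not failed. Use `when: dci_finish is defined and dci_finish is not skipped and dci_finish is success` so the minute is only spent after a real Finish call. A fixed sleep is also a guess at how long DCI Manager needs; if the API exposes the operation state as `dci_server_info` suggests, polling it until it leaves `running` would be more reliable.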
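Review bot: In the second hunk of roles/talos_dci_reinstall/tasks/main.yml, `delay: 10` on "Wait for Talos port 50000" does not prove the reinstall has started. If the previous installation keeps port 50000 open for longer than ten seconds after the API call, the wait returns against the old system and later roles act on a node that is about to be wiped. The apply role in this commit already waits for the port to close before waiting for it to open; the same pair would fit here, with a `timeout:` chosen for how long DCI takes to power-cycle the server.

```yaml
- name: Wait for Talos port 50000 to close
  delegate_to: "{{ talosctl_host }}"
  become: no
  ansible.builtin.wait_for:
    host: "{{ ansible_remote }}"
    port: 50000
    state: stopped

# … unchanged: "Wait for Talos port 50000" task with delay: 10 …
```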
diff --git a/roles/talos_wait_port/tasks/main.yml b/roles/talos_wait_port/tasks/main.yml new file mode 100644 index 0000000..d2ef28e --- /dev/null +++ b/roles/talos_wait_port/tasks/main.yml @@ -0,0 +1,8 @@ +--- + +- name: Wait for Talos port 50000 + delegate_to: "{{ talosctl_host }}" + become: no + ansible.builtin.wait_for: + host: "{{ ansible_remote }}" + port: 50000 diff --git a/talos.yml b/talos.yml index 84da7f0..5d6cb9d 100644 --- a/talos.yml +++ b/talos.yml @@ -1,6 +1,12 @@ --- # Playbook Talos Install +- name: Wait for Talos port + become: no + gather_facts: false + roles: + - role: talos_wait_port + - name: Talos hardware nodes become: no gather_facts: false @@ -11,14 +17,14 @@ tags: - talos_dci_finish -- name: Talos configs +- name: Talos config become: no gather_facts: false hosts: - talos roles: - - role: talos_configs_create - - role: talos_configs_apply + - role: talos_config_create + - role: talos_config_apply - name: Talos bootstrap become: no diff --git a/talos_config_apply.yml b/talos_config_apply.yml new file mode 100644 index 0000000..08b7207 --- /dev/null +++ b/talos_config_apply.yml @@ -0,0 +1,8 @@ +--- + +- name: Apply Talos Config + gather_facts: false + hosts: + - talos + roles: + - role: talos_config_apply diff --git a/talos_dci_reinstall.yml b/talos_dci_reinstall.yml index c3035ce..bf3212e 100644 --- a/talos_dci_reinstall.yml +++ b/talos_dci_reinstall.yml @@ -5,4 +5,5 @@ hosts: - talos_hardware_nodes roles: + - role: talos_dci_finish - role: talos_dci_reinstall
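Review bot: The new "Wait for Talos port" play at the top of talos.yml has no `hosts:` key, which Ansible requires on every play, so the playbook will be rejected when it is loaded. Add the intended group, for example `hosts:` followed by `- talos_hardware_nodes` (or `- talos`, whichever inventory group should be waited on), as the other plays touched by this commit do. The next play, "Talos hardware nodes", continues outside the hunk.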