- name: create token
  delegate_to: localhost
  run_once: true
  set_fact:
    token: "{{ lookup('community.general.random_string', length=129, special=False) }}"
  when: (not upgrade) and (token is not defined) 
  #when: token is not defined

- name: ensure inventory folders
  delegate_to: localhost
  become: true
  run_once: false
  file:
    path: "{{ item }}"
    state: directory
  loop:
    - group_vars
    - group_vars/all

- name: store token
  delegate_to: localhost
  become: false
  run_once: true
  copy:
    dest: group_vars/all/token.yml
    content: |-
      token: {{ token }}
  when: not upgrade  #TODO ask Thomas the magic logic here

- name: read token
  include_vars: group_vars/all/token.yml

- name: rke2 config
  template:
    src: config.yaml.j2
    dest: /etc/rancher/rke2/config.yaml
  notify:
    - restart rke2

- name: enable rke2
  ansible.builtin.systemd:
    name: "rke2-{{ node_type }}"
    enabled: yes
    masked: no