---
- name: Check if K3s is already installed
  stat:
    path: /usr/local/bin/k3s
  register: k3s_binary

- name: Load K3s token from environment
  set_fact:
    k3s_token: "{{ lookup('env', 'K3S_TOKEN') }}"

- name: Wait for first server API
  wait_for:
    host: "{{ k3s_server_1_ip }}"
    port: 6443
    delay: 60
    timeout: 900

- name: Install K3s as server (witness mode)
  shell: >
    curl -sfL {{ k3s_install_url }} |
    INSTALL_K3S_VERSION="{{ k3s_version }}"
    sh -s - server
      --server https://{{ k3s_server_1_ip }}:6443
      --token {{ k3s_token }}
      --disable-apiserver
      --disable-controller-manager
      --disable-scheduler
      --node-ip {{ ansible_default_ipv4.address }}
  when: not k3s_binary.stat.exists
  environment:
    INSTALL_K3S_SKIP_START: "false"

- name: Enable and start k3s service
  systemd:
    name: k3s
    state: started
    enabled: true

- name: Display witness node information
  debug:
    msg: "etcd witness node configured at {{ ansible_default_ipv4.address }}"