From e22d2d167b2109340d5288884f0f469fe9050c56 Mon Sep 17 00:00:00 2001
From: Asara <amarpreet@minhas.io>
Date: Sat, 6 Aug 2022 15:43:00 -0400
Subject: [PATCH] Add cert to k3s to pull from local registry

---
 ansible/roles/k3s/files/registries.yaml |  4 ++++
 ansible/roles/k3s/tasks/get_k3s.yml     | 16 ++++++++++++++++
 2 files changed, 20 insertions(+)
 create mode 100644 ansible/roles/k3s/files/registries.yaml

diff --git a/ansible/roles/k3s/files/registries.yaml b/ansible/roles/k3s/files/registries.yaml
new file mode 100644
index 0000000..c96eafe
--- /dev/null
+++ b/ansible/roles/k3s/files/registries.yaml
@@ -0,0 +1,4 @@
+configs:
+    "docker-repo.service.masked.name:5000":
+    tls:
+      cert_file: /etc/pki/certs/MaskedName_Root_CA.crt
diff --git a/ansible/roles/k3s/tasks/get_k3s.yml b/ansible/roles/k3s/tasks/get_k3s.yml
index 4a5178f..c684f1f 100644
--- a/ansible/roles/k3s/tasks/get_k3s.yml
+++ b/ansible/roles/k3s/tasks/get_k3s.yml
@@ -29,4 +29,20 @@
     src: /usr/local/bin/k3s
     dest: /usr/local/bin/kubernetes
     state: link
+
+- name: ensure k3s directory
+  file:
+    path: /etc/rancher/k3s
+    state: directory
+    owner: root
+    group: root
+    mode: 0755
+
+- name: copy registries file
+  copy:
+    src: files/registries.yaml
+    dest: /etc/rancher/k3s/registries.yaml
+    owner: root
+    group: root
+    mode: 0644
 ...