mgmt/configuration/playbooks/fix-duplicate-podman-config...


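---
# Rewrites /etc/nomad.d/nomad.hcl on Nomad client nodes with a single Podman
# plugin stanza, makes sure the Podman API socket is available, validates the
# new configuration and restarts Nomad.
#
# Variables read by the template: nomad_datacenter, nomad_region,
# tailscale_ip, nomad_role.
- name: Fix duplicate Podman configuration in Nomad
  hosts: nomad_cluster
  become: true
  tasks:
    - name: Stop Nomad service
      systemd:
        name: nomad
        state: stopped

    # The backup carries the same content as the live file, so it gets the
    # same owner, group and mode instead of whatever the default umask yields.
    - name: Backup current configuration
      copy:
        src: /etc/nomad.d/nomad.hcl
        dest: /etc/nomad.d/nomad.hcl.backup-duplicate-fix
        remote_src: true
        owner: nomad
        group: nomad
        mode: '0640'

    # NOTE(review): current_config is not referenced by any later task shown
    # in this playbook.
    - name: Read current configuration
      slurp:
        src: /etc/nomad.d/nomad.hcl
      register: current_config

    # NOTE(review): addresses.http = "0.0.0.0" publishes the Nomad HTTP API
    # and UI on every interface, and this template defines no acl or tls
    # block. Confirm that host firewalling limits port 4646 to the tailnet,
    # or bind http to the Tailscale address as rpc and serf already do (the
    # readiness check and CLI calls below currently assume localhost).
    - name: Create clean configuration for clients
      copy:
        content: |
          datacenter = "{{ nomad_datacenter }}"
          region = "{{ nomad_region }}"
          data_dir = "/opt/nomad/data"
          bind_addr = "{{ tailscale_ip }}"
          server {
            enabled = false
          }
          client {
            enabled = true
            servers = [
              "100.116.158.95:4647",
              "100.117.106.136:4647",
              "100.86.141.112:4647",
              "100.81.26.3:4647",
              "100.103.147.94:4647"
            ]
          }
          ui {
            enabled = true
          }
          addresses {
            http = "0.0.0.0"
            rpc = "{{ tailscale_ip }}"
            serf = "{{ tailscale_ip }}"
          }
          ports {
            http = 4646
            rpc = 4647
            serf = 4648
          }
          plugin "podman" {
            config {
              socket_path = "unix:///run/podman/podman.sock"
              volumes {
                enabled = true
              }
              recover_stopped = true
            }
          }
          consul {
            auto_advertise = false
            server_auto_join = false
            client_auto_join = false
          }
          log_level = "INFO"
          enable_syslog = true
        dest: /etc/nomad.d/nomad.hcl
        owner: nomad
        group: nomad
        mode: '0640'
      when: nomad_role == "client"

    - name: Ensure Podman is installed
      package:
        name: podman
        state: present

    - name: Enable and start Podman socket
      systemd:
        name: podman.socket
        enabled: true
        state: started

    # The system-wide Podman API socket lets its clients start containers as
    # root, so write access to it is equivalent to root on the host and must
    # not be granted to every local user. Access is limited to root and the
    # nomad group (the group that owns nomad.hcl above). A mode set here is
    # lost when podman.socket is restarted; a systemd drop-in that sets
    # SocketMode= and SocketGroup= is the durable way to apply it.
    - name: Set proper permissions on Podman socket
      file:
        path: /run/podman/podman.sock
        owner: root
        group: nomad
        mode: '0660'
      ignore_errors: true

    # Tries the binary in /usr/local/bin first and falls back to /usr/bin.
    - name: Validate Nomad configuration
      shell: >-
        /usr/local/bin/nomad config validate /etc/nomad.d/nomad.hcl ||
        /usr/bin/nomad config validate /etc/nomad.d/nomad.hcl
      register: config_validation
      changed_when: false
      failed_when: config_validation.rc != 0

    - name: Start Nomad service
      systemd:
        name: nomad
        state: started
        enabled: true

    - name: Wait for Nomad to be ready
      wait_for:
        port: 4646
        host: localhost
        delay: 10
        timeout: 60

    - name: Wait for drivers to load
      pause:
        seconds: 20

    # Informational only: the result is displayed by the next task and never
    # fails the play.
    - name: Check driver status
      shell: |
        /usr/local/bin/nomad node status -self | grep -A 10 "Driver Status" ||
          /usr/bin/nomad node status -self | grep -A 10 "Driver Status"
      register: driver_status
      changed_when: false
      failed_when: false

    - name: Display driver status
      debug:
        var: driver_status.stdout_lines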