[Unit]
Description=Lightweight Kubernetes
Documentation=https://k3s.io
After=network.target

[Service]
Type={{ 'notify' if k3s_control_node else 'exec' }}
ExecStartPre=-/sbin/modprobe br_netfilter
ExecStartPre=-/sbin/modprobe overlay
{% filter regex_replace('\s+', ' ') %}
{% filter replace('\n', ' ') %}
ExecStart={{ k3s_install_dir }}/k3s
{% if k3s_control_node %}
    server{{ ' --disable-agent' if not k3s_control_workers else '' }}
    {% if k3s_non_root is defined and k3s_non_root %}
        --rootless
    {% endif %}
    {% if k3s_https_port != 6443 %}
        --https-listen-port {{ k3s_https_port }}
    {% endif %}
    {% if k3s_disable_scheduler %}
        --disable-scheduler
    {% endif %}
    {% if k3s_disable_cloud_controller %}
        --disable-cloud-controller
    {% endif %}
    {% if k3s_disable_network_policy %}
        --disable-network-policy
    {% endif %}
    {% if k3s_no_flannel %}
        {% if (k3s_release_version | replace('v', '')) is version_compare('1.0.0', '>=')  %}
            --flannel-backend none
        {% else %}
            --no-flannel
        {% endif %}
    {% endif %}
    {% if k3s_cluster_cidr is defined %}
        --cluster-cidr {{ k3s_cluster_cidr }}
    {% endif %}
    {% if k3s_service_cidr is defined %}
        --service-cidr {{ k3s_service_cidr }}
    {% endif %}
    {% if k3s_flannel_backend is defined and not k3s_no_flannel %}
        --flannel-backend {{ k3s_flannel_backend }}
    {% endif %}
    {% if k3s_no_coredns is defined or k3s_no_traefik is defined or k3s_no_servicelb is defined %}
    {% if k3s_no_coredns or k3s_no_traefik or k3s_no_servicelb %}
        {{ ' --no-deploy coredns' if k3s_no_coredns else '' }}{{ ' --no-deploy servicelb' if k3s_no_servicelb else '' }}{{ ' --no-deploy traefik' if k3s_no_traefik else '' }}{{ ' --no-deploy local-storage' if k3s_no_local_storage else '' }}{{ ' --no-deploy metrics-server' if k3s_no_metrics_server else '' }}
    {% endif %}
    {% endif %}
    {% if not k3s_no_local_storage and k3s_default_local_storage_path is defined and k3s_default_local_storage_path %}
        --default-local-storage-path {{ k3s_default_local_storage_path }}
    {% endif %}
    {% if k3s_cluster_dns is defined and k3s_cluster_dns %}
        --cluster-dns {{ k3s_cluster_dns }}
    {% endif %}
    {% if k3s_cluster_domain is defined and k3s_cluster_domain != "cluster.local" %}
        --cluster-domain {{ k3s_cluster_domain }}
    {% endif %}
    {% if k3s_datastore_endpoint is defined and k3s_datastore_endpoint %}
        --datastore-endpoint "{{ k3s_datastore_endpoint }}"
        {% if k3s_datastore_cafile is defined and k3s_datastore_cafile %}
            --datastore-cafile {{ k3s_datastore_cafile }}
        {% endif %}
        {% if k3s_datastore_certfile is defined and k3s_datastore_certfile %}
            --datastore-certfile {{ k3s_datastore_certfile }}
        {% endif %}
        {% if k3s_datastore_keyfile is defined and k3s_datastore_keyfile %}
            --datastore-keyfile {{ k3s_datastore_keyfile }}
        {% endif %}
    {% endif %}
    {% if k3s_dqlite_datastore is defined and k3s_dqlite_datastore %}
        {% if k3s_primary_control_node is defined and k3s_primary_control_node %}
            --cluster-init
        {% else %}
            --server https://{{ k3s_control_node_address }}:{{ k3s_https_port }}
            --token {{ k3s_control_token }}
        {% endif %}
    {% endif %}
    {% if k3s_secrets_encryption is defined and k3s_secrets_encryption %}
        --secrets-encryption
    {% endif %}
{% else %}
    agent
    --server https://{{ k3s_control_node_address }}:{{ k3s_https_port }}
    --token {{ k3s_control_token }}
{% endif %}
{% if k3s_resolv_conf is defined and k3s_resolv_conf %}
    --resolv-conf {{ k3s_resolv_conf }}
{% endif %}
{% if k3s_tls_san is defined and k3s_tls_san %}
    --tls-san {{ k3s_tls_san }}
{% endif %}
{% if k3s_node_data_dir is defined %}
    --data-dir {{ k3s_node_data_dir }}
{% endif %}
{% if k3s_use_docker %}
    --docker
{% endif %}
{% if k3s_flannel_interface is defined and not k3s_no_flannel %}
     --flannel-iface {{ k3s_flannel_interface }}
{% endif %}
{% if k3s_bind_address is defined %}
    --bind-address {{ k3s_bind_address }}
{% endif %}
{% if k3s_node_name is defined %}
    --node-name {{ k3s_node_name }}
{% endif %}
{% if k3s_node_id is defined %}
    --with-node-id {{ k3s_node_id }}
{% endif %}
{% if k3s_node_ip_address is defined %}
    --node-ip {{ k3s_node_ip_address }}
{% endif %}
{% if k3s_node_external_address is defined %}
    --node-external-ip {{ k3s_node_external_address }}
{% endif %}
{% if k3s_write_kubeconfig_mode is defined %}
    --write-kubeconfig-mode {{ k3s_write_kubeconfig_mode }}
{% endif %}
{% if k3s_node_labels is defined and k3s_node_labels is iterable %}
    {% for label in k3s_node_labels %}
        {% for key, value in label.items() %}
            --node-label {{ key }}={{ value }}
        {% endfor %}
    {% endfor %}
{% endif %}
{% if k3s_node_taints is defined and k3s_node_taints is iterable %}
    {% for taint in k3s_node_taints %}
        {% for key, value in taint.items() %}
            --node-taint {{ key }}={{ value }}
        {% endfor %}
    {% endfor %}
{% endif %}
{% if k3s_kubelet_args is defined and k3s_kubelet_args is iterable %}
    {% for arg in k3s_kubelet_args %}
        {% for key, value in arg.items() %}
            --kubelet-arg {{ key }}={{ value }}
        {% endfor %}
    {% endfor %}
{% endif %}
{% endfilter %}
{% endfilter %}

KillMode=process
Delegate=yes
LimitNOFILE=infinity
LimitNPROC=infinity
LimitCORE=infinity
TasksMax=infinity
TimeoutStartSec=0
Restart=always
RestartSec=5s

[Install]
WantedBy=multi-user.target