From 7230e32ebc7371eaeaac7f52c763444a7335f5ea Mon Sep 17 00:00:00 2001
From: Marko Vukovic <8951449+anon-software@users.noreply.github.com>
Date: Tue, 27 Aug 2024 12:00:03 -0700
Subject: [PATCH] Restore the server URL into systemd configuration file

There aren't any security implications in keeping it there.

Signed-off-by: Marko Vukovic <8951449+anon-software@users.noreply.github.com>
---
 roles/k3s_agent/tasks/main.yml | 3 +--
 roles/k3s_agent/templates/k3s-agent.service.j2 | 2 +-
 roles/k3s_server/tasks/main.yml | 3 +--
 roles/k3s_server/templates/k3s-ha.service.j2 | 2 +-
 4 files changed, 4 insertions(+), 6 deletions(-)

diff --git a/roles/k3s_agent/tasks/main.yml b/roles/k3s_agent/tasks/main.yml
index 66c943d3..8db49c09 100644
--- a/roles/k3s_agent/tasks/main.yml
+++ b/roles/k3s_agent/tasks/main.yml
@@ -35,14 +35,13 @@
 INSTALL_K3S_EXEC: "agent"
 changed_when: true

- - name: Add the token and first server URL for joining the cluster to the environment
+ - name: Add the token for joining the cluster to the environment
 no_log: true # avoid logging the server token
 ansible.builtin.lineinfile:
 path: "{{ systemd_dir }}/k3s-agent.service.env"
 line: "{{ item }}"
 with_items:
 - "K3S_TOKEN={{ token }}"
- - "K3S_URL=https://{{ api_endpoint }}:{{ api_port }}"

 - name: Copy K3s service file
 register: k3s_agent_service
diff --git a/roles/k3s_agent/templates/k3s-agent.service.j2 b/roles/k3s_agent/templates/k3s-agent.service.j2
index 707cec8b..4d0bad5a 100644
--- a/roles/k3s_agent/templates/k3s-agent.service.j2
+++ b/roles/k3s_agent/templates/k3s-agent.service.j2
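Review bot: The `lineinfile` task that survives this change has no `regexp`, so it can only append: dropping the `K3S_URL` item from `with_items` leaves the `K3S_URL=` line in `k3s-agent.service.env` on hosts configured by the previous revision, and a changed `token` would add a second `K3S_TOKEN=` line while the old secret stays on disk. With one item left the loop is no longer needed, so the task can match on `^K3S_TOKEN=` and a small follow-up task can delete the stale URL line. The same applies to the `k3s.service.env` task in `roles/k3s_server/tasks/main.yml`, whose enclosing `block:` starts outside that hunk. How k3s resolves an environment `K3S_URL` against the new `--server` argument is not visible here, so removing the leftover avoids depending on it.

```yaml
- name: Add the token for joining the cluster to the environment
  # … unchanged: no_log, module name and path …
    regexp: '^K3S_TOKEN='
    line: "K3S_TOKEN={{ token }}"

- name: Remove the K3S_URL line written by earlier revisions of this role
  ansible.builtin.lineinfile:
    path: "{{ systemd_dir }}/k3s-agent.service.env"
    regexp: '^K3S_URL='
    state: absent
```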
@@ -26,4 +26,4 @@ RestartSec=5s
 ExecStartPre=/bin/sh -xc '! /usr/bin/systemctl is-enabled --quiet nm-cloud-setup.service'
 ExecStartPre=-/sbin/modprobe br_netfilter
 ExecStartPre=-/sbin/modprobe overlay
-ExecStart=/usr/local/bin/k3s agent --data-dir {{ k3s_server_location }} {{ extra_agent_args }}
+ExecStart=/usr/local/bin/k3s agent --data-dir {{ k3s_server_location }} --server https://{{ api_endpoint }}:{{ api_port }} {{ extra_agent_args }}
diff --git a/roles/k3s_server/tasks/main.yml b/roles/k3s_server/tasks/main.yml
index f0cd2f6d..466d56e2 100644
--- a/roles/k3s_server/tasks/main.yml
+++ b/roles/k3s_server/tasks/main.yml
@@ -181,14 +181,13 @@
 - (groups[server_group] | length) > 1
 - inventory_hostname != groups[server_group][0]
 block:
- - name: Add the token and first server URL for joining the cluster to the environment
+ - name: Add the token for joining the cluster to the environment
 no_log: true # avoid logging the server token
 ansible.builtin.lineinfile:
 path: "{{ systemd_dir }}/k3s.service.env"
 line: "{{ item }}"
 with_items:
 - "K3S_TOKEN={{ token }}"
- - "K3S_URL=https://{{ api_endpoint }}:{{ api_port }}"

 - name: Copy K3s service file [HA]
 when: not use_external_database
diff --git a/roles/k3s_server/templates/k3s-ha.service.j2 b/roles/k3s_server/templates/k3s-ha.service.j2
index 60b284b8..131f590e 100644
--- a/roles/k3s_server/templates/k3s-ha.service.j2
+++ b/roles/k3s_server/templates/k3s-ha.service.j2
@@ -25,4 +25,4 @@ Restart=always
 RestartSec=5s
 ExecStartPre=-/sbin/modprobe br_netfilter
 ExecStartPre=-/sbin/modprobe overlay
-ExecStart=/usr/local/bin/k3s server --data-dir {{ k3s_server_location }} {{ extra_server_args }}
+ExecStart=/usr/local/bin/k3s server --data-dir {{ k3s_server_location }} --server https://{{ api_endpoint }}:{{ api_port }} {{ extra_server_args }}
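Review bot: The new `ExecStart` line in `k3s-agent.service.j2` has no comment saying why the URL may sit in the unit while the join token may not, and that boundary is the security-relevant part of this change. Unit files and process arguments are normally readable by any local user, whereas the token is written to the `.service.env` file under `no_log`, so I would add above `ExecStart` something like `# --server is not secret; K3S_TOKEN stays in the .service.env file, never on this line`. Separately, `https://{{ api_endpoint }}:{{ api_port }}` is rendered as-is, so if `api_endpoint` can be an IPv6 literal it needs brackets; whether the role accepts such values is not visible here. The same line is added to `roles/k3s_server/templates/k3s-ha.service.j2`, and both unit files start outside their hunks.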