refactor: yml -> yaml

Signed-off-by: Tuan-Dat Tran <tuan-dat.tran@tudattr.dev>

roles/k3s_server/tasks/pull_token.yaml

@@ -0,0 +1,26 @@
+- name: Get K3s token from the first server
+  when: ansible_default_ipv4.address == k3s_primary_server_ip
+  ansible.builtin.slurp:
+    src: /var/lib/rancher/k3s/server/node-token
+  register: k3s_token
+  become: true
+
+- name: Set fact on k3s_primary_server_ip
+  ansible.builtin.set_fact:
+    k3s_token: "{{ k3s_token['content'] | b64decode | trim }}"
+  when:
+    - ansible_default_ipv4.address == k3s_primary_server_ip
+
+- name: Write K3s token to local file for encryption
+  ansible.builtin.copy:
+    content: |
+      k3s_token: "{{ k3s_token }}"
+    dest: "{{ playbook_dir }}/{{ k3s_server_token_vault_file }}"
+    mode: "0600"
+  delegate_to: localhost
+  run_once: true
+
+- name: Encrypt k3s token
+  ansible.builtin.shell: cd ../; ansible-vault encrypt "{{ playbook_dir }}/{{ k3s_server_token_vault_file }}"
+  delegate_to: localhost
+  run_once: true