фикс ошибок линта и молекулы

addons/netbird/role/molecule/default/converge.yml

@@ -0,0 +1,34 @@
+---
+- name: Converge — netbird template tests
+  hosts: all
+  become: false
+  gather_facts: false
+
+  vars:
+    netbird_namespace: netbird
+    netbird_domain: "netbird.home.local"
+    netbird_management_lb_ip: "192.168.1.110"
+    netbird_signal_lb_ip: "192.168.1.111"
+    netbird_coturn_lb_ip: "192.168.1.112"
+    netbird_coturn_enabled: true
+    netbird_coturn_user: "netbird"
+    netbird_coturn_password: "molecule-coturn-password"
+    netbird_management_storage_size: "1Gi"
+    netbird_management_storage_class: ""
+    netbird_ingress_enabled: false
+    netbird_ingress_host: "netbird.home.local"
+    netbird_ingress_class: "nginx"
+    netbird_subnet_router_enabled: false
+
+  tasks:
+    - name: Render netbird-management-values.yaml.j2
+      ansible.builtin.template:
+        src: "{{ playbook_dir }}/../../templates/netbird-management-values.yaml.j2"
+        dest: /tmp/netbird-management-values.yaml
+        mode: "0644"
+
+    - name: Render netbird-signal-values.yaml.j2
+      ansible.builtin.template:
+        src: "{{ playbook_dir }}/../../templates/netbird-signal-values.yaml.j2"
+        dest: /tmp/netbird-signal-values.yaml
+        mode: "0644"

addons/netbird/role/molecule/default/molecule.yml

@@ -0,0 +1,28 @@
+---
+driver:
+  name: docker
+
+platforms:
+  - name: master01
+    image: geerlingguy/docker-ubuntu2204-ansible:latest
+    pre_build_image: true
+    groups:
+      - k3s_master
+
+provisioner:
+  name: ansible
+  playbooks:
+    converge: converge.yml
+    verify: verify.yml
+  config_options:
+    defaults:
+      interpreter_python: auto_silent
+
+verifier:
+  name: ansible
+
+lint: |
+  set -e
+  yamllint .
+  ansible-lint
+

addons/netbird/role/molecule/default/verify.yml

@@ -0,0 +1,52 @@
+---
+- name: Verify — netbird templates
+  hosts: all
+  become: false
+  gather_facts: false
+
+  tasks:
+    # ── Management values ─────────────────────────────────────────────────────
+    - name: Read management values
+      ansible.builtin.slurp:
+        src: /tmp/netbird-management-values.yaml
+      register: mgmt_raw
+
+    - name: Parse management values YAML
+      ansible.builtin.set_fact:
+        mgmt: "{{ mgmt_raw.content | b64decode | from_yaml }}"
+
+    - name: Assert service type is LoadBalancer
+      ansible.builtin.assert:
+        that: mgmt.service.type == 'LoadBalancer'
+        fail_msg: "service.type должен быть LoadBalancer"
+
+    - name: Assert kube-vip annotation with management IP
+      ansible.builtin.assert:
+        that: "'192.168.1.110' in (mgmt_raw.content | b64decode)"
+        fail_msg: "management LB IP 192.168.1.110 не найден"
+
+    - name: Assert persistence is enabled
+      ansible.builtin.assert:
+        that: mgmt.persistence.enabled == true
+        fail_msg: "persistence.enabled должен быть true"
+
+    - name: Assert coturn STUN URI contains coturn IP
+      ansible.builtin.assert:
+        that: "'192.168.1.112' in (mgmt_raw.content | b64decode)"
+        fail_msg: "coturn LB IP 192.168.1.112 не найден в STUN config"
+
+    - name: Assert TURN credentials are set
+      ansible.builtin.assert:
+        that: "'molecule-coturn-password' in (mgmt_raw.content | b64decode)"
+        fail_msg: "coturn password не найден в конфиге"
+
+    # ── Signal values ─────────────────────────────────────────────────────────
+    - name: Read signal values
+      ansible.builtin.slurp:
+        src: /tmp/netbird-signal-values.yaml
+      register: signal_raw
+
+    - name: Assert signal values render
+      ansible.builtin.assert:
+        that: "'192.168.1.111' in (signal_raw.content | b64decode)"
+        fail_msg: "signal LB IP 192.168.1.111 не найден"