infra/roles/base/tasks/swap.yml

---
- name: Check if swap file exists
  ansible.builtin.stat:
    path: /swapfile
  register: swapfile_stat

- name: Create swap file (2 GiB)
  ansible.builtin.command: fallocate -l 2G /swapfile
  when: not swapfile_stat.stat.exists
  changed_when: true

- name: Set swap file permissions
  ansible.builtin.file:
    path: /swapfile
    mode: "0600"
    owner: root
    group: root
  when: not swapfile_stat.stat.exists

- name: Format swap file
  ansible.builtin.command: mkswap /swapfile
  when: not swapfile_stat.stat.exists
  changed_when: true

- name: Enable swap
  ansible.builtin.command: swapon /swapfile
  when: not swapfile_stat.stat.exists
  changed_when: true

- name: Persist swap in /etc/fstab
  ansible.builtin.lineinfile:
    path: /etc/fstab
    line: "/swapfile none swap sw 0 0"
    state: present

- name: Set swappiness to 10 (prefer RAM over swap)
  ansible.posix.sysctl:
    name: vm.swappiness
    value: "10"
    state: present
    sysctl_set: true
    reload: true