- Remove /var/lib/docker/volumes mount (fails on nested Docker hosts)
- Add AGENT_HOST env var so agent cert is valid for host's real IP
- Add TLSSkipVerify/TLSSkipClientVerify to Portainer endpoint registration
to handle existing agents with bridge-IP certs
- Remove final delegate_to: localhost (wait_for now runs on remote host)
- Add ignore_errors: true to agent deploy and enrollment tasks
- Guard existing_endpoints.json with | default([]) for failed API calls
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
sam
d2cf626bee