diff --git a/roles/docker/README.rst b/roles/docker/README.rst
new file mode 100644
index 0000000..e1956de
--- /dev/null
+++ b/roles/docker/README.rst
@@ -0,0 +1,78 @@
+Docker setup
+============
+
+Docker setup Ansible role. This role is largely inspired by `Jeff Geerling ` Docker role, I made my one since I tend to not rely on external projects too much especially when they are quite simple.
+
+Requirements
+------------
+
+This role was written for Debian.
+
+Role Variables
+--------------
+
+Variables can be found in the `default vars `_
+
+.. codeblock:: yaml
+ docker_edition: 'ce'
+ docker_dependencies:
+ - "apt-transport-https"
+ - "ca-certificates"
+ - "curl"
+ - "gpg"
+ - "gnupg"
+ - "lsb-release"
+ docker_packages:
+ - "docker-{{ docker_edition }}"
+ - "docker-{{ docker_edition }}-cli"
+ - "docker-{{ docker_edition }}-rootless-extras"
+ - "containerd.io"
+
+Defines Docker flavor to install, dependencies and the packages to install. We don't install the docker-compose binary since compose is include in the Docker command line.
+
+.. codeblock:: yaml
+ docker_users:
+ - "syrell"
+
+A list of UNIX users to add to the docker group.
+
+.. codeblock:: yaml
+ docker_daemon_options:
+ docker_daemon_options:
+ log-opts:
+ max-size: "100m"
+
+A dictionary listing options to add to the Docker daemon.
+
+.. codeblock:: yaml
+ docker_apt_release_channel: stable
+ docker_repo_url: https://download.docker.com/linux
+ docker_apt_arch: amd64
+ docker_apt_gpg_key: "{{ docker_repo_url }}/{{ ansible_distribution | lower }}/gpg"
+ docker_apt_repository: "deb [arch={{ docker_apt_arch }}] {{ docker_repo_url }}/{{ ansible_distribution | lower }} {{ ansible_distribution_release }} {{ docker_apt_release_channel }}"
+
+Variables relative to the Docker Debian repository.
+
+Dependencies
+------------
+
+None.
+
+Example Playbook
+----------------
+
+.. codeblock:: yaml
+ - name: Install docker
+ hosts: all
+ roles:
+ - docker
+
+License
+-------
+
+BSD-3
+
+Author Information
+------------------
+
+Role created by `syrell `
diff --git a/roles/docker/defaults/main.yml b/roles/docker/defaults/main.yml
new file mode 100644
index 0000000..c374dbd
--- /dev/null
+++ b/roles/docker/defaults/main.yml
@@ -0,0 +1,27 @@
+---
+# vars file for docker
+docker_edition: 'ce'
+docker_dependencies:
+ - "apt-transport-https"
+ - "ca-certificates"
+ - "curl"
+ - "gpg"
+ - "gnupg"
+ - "lsb-release"
+docker_packages:
+ - "docker-{{ docker_edition }}"
+ - "docker-{{ docker_edition }}-cli"
+ - "docker-{{ docker_edition }}-rootless-extras"
+ - "containerd.io"
+docker_users:
+ - "syrell"
+docker_daemon_options:
+ docker_daemon_options:
+ log-opts:
+ max-size: "100m"
+
+docker_apt_release_channel: stable
+docker_repo_url: https://download.docker.com/linux
+docker_apt_arch: amd64
+docker_apt_gpg_key: "{{ docker_repo_url }}/{{ ansible_distribution | lower }}/gpg"
+docker_apt_repository: "deb [arch={{ docker_apt_arch }}] {{ docker_repo_url }}/{{ ansible_distribution | lower }} {{ ansible_distribution_release }} {{ docker_apt_release_channel }}"
diff --git a/roles/docker/handlers/main.yml b/roles/docker/handlers/main.yml
new file mode 100644
index 0000000..0f7af98
--- /dev/null
+++ b/roles/docker/handlers/main.yml
@@ -0,0 +1,5 @@
+- name: restart docker
+ systemd:
+ name: docker
+ state: restarted
+ become: true
diff --git a/roles/docker/meta/main.yml b/roles/docker/meta/main.yml
new file mode 100644
index 0000000..c572acc
--- /dev/null
+++ b/roles/docker/meta/main.yml
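Review bot: `docker_users` in defaults/main.yml defaults to `- "syrell"`, so anyone applying the role without overriding it grants that account docker group membership, which is effectively root on the host through the daemon socket. `docker_users: []` is the safer default, with a comment such as `# members of the docker group can control the daemon as root`; the tasks in docker.yml already guard on `docker_users | length > 0`, so an empty list is handled. Separately, `docker_daemon_options` looks nested under a second `docker_daemon_options:` key (indentation is flattened on this page, so confirm against the file). If it is, daemon.json is written with that name as its only top-level key instead of `log-opts`, which is not an option dockerd knows.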
@@ -0,0 +1,52 @@
+galaxy_info:
+ author: your name
+ description: your role description
+ company: your company (optional)
+
+ # If the issue tracker for your role is not on github, uncomment the
+ # next line and provide a value
+ # issue_tracker_url: http://example.com/issue/tracker
+
+ # Choose a valid license ID from https://spdx.org - some suggested licenses:
+ # - BSD-3-Clause (default)
+ # - MIT
+ # - GPL-2.0-or-later
+ # - GPL-3.0-only
+ # - Apache-2.0
+ # - CC-BY-4.0
+ license: license (GPL-2.0-or-later, MIT, etc)
+
+ min_ansible_version: 2.1
+
+ # If this a Container Enabled role, provide the minimum Ansible Container version.
+ # min_ansible_container_version:
+
+ #
+ # Provide a list of supported platforms, and for each platform a list of versions.
+ # If you don't wish to enumerate all versions for a particular platform, use 'all'.
+ # To view available platforms and versions (or releases), visit:
+ # https://galaxy.ansible.com/api/v1/platforms/
+ #
+ # platforms:
+ # - name: Fedora
+ # versions:
+ # - all
+ # - 25
+ # - name: SomePlatform
+ # versions:
+ # - all
+ # - 1.0
+ # - 7
+ # - 99.99
+
+ galaxy_tags: []
+ # List tags for your role here, one per line. A tag is a keyword that describes
+ # and categorizes the role. Users find roles by searching for tags. Be sure to
+ # remove the '[]' above, if you add tags to this list.
+ #
+ # NOTE: A tag is limited to a single word comprised of alphanumeric characters.
+ # Maximum 20 tags per role.
+
+dependencies: []
+ # List your role dependencies here, one per line. Be sure to remove the '[]' above,
+ # if you add dependencies to this list.
diff --git a/roles/docker/tasks/docker-users.yml b/roles/docker/tasks/docker-users.yml
new file mode 100644
index 0000000..114500b
--- /dev/null
+++ b/roles/docker/tasks/docker-users.yml
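Review bot: The `galaxy_info` values in meta/main.yml still read as scaffold placeholders (`author: your name`, `description: your role description`, `license: license (GPL-2.0-or-later, MIT, etc)`), and the license placeholder disagrees with the README in this same commit, which states BSD-3. Filling them in, e.g. `license: BSD-3-Clause`, keeps the role metadata consistent with its documentation. `min_ansible_version: 2.1` is also read as a float by YAML; quoting it as `"2.1"` keeps it a version string.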
@@ -0,0 +1,10 @@
+- name: Ensure docker users are added to the docker group
+ user:
+ name: "{{ item }}"
+ groups: docker
+ append: true
+ with_items: "{{ docker_users }}"
+ notify: restart docker
+
+- name: Reset ssh connection to apply user changes.
+ meta: reset_connection
diff --git a/roles/docker/tasks/docker.yml b/roles/docker/tasks/docker.yml
new file mode 100644
index 0000000..62ddee0
--- /dev/null
+++ b/roles/docker/tasks/docker.yml
@@ -0,0 +1,61 @@
+- name: Install dependencies for Docker
+ apt:
+ name: "{{ docker_dependencies }}"
+ update_cache: true
+
+- name: Add Docker apt key.
+ get_url:
+ url: "{{ docker_apt_gpg_key }}"
+ dest: /etc/apt/trusted.gpg.d/docker.asc
+ mode: '0644'
+ force: true
+ register: add_repository_key
+
+- name: Add Docker repository
+ apt_repository:
+ repo: "{{ docker_apt_repository }}"
+ state: present
+ update_cache: true
+
+- name: Install Docker packages
+ apt:
+ name: "{{ docker_packages }}"
+
+- name: Ensure /etc/docker/ directory exists
+ file:
+ path: /etc/docker
+ state: directory
+ mode: 0755
+ when: docker_daemon_options.keys() | length > 0
+
+- name: Configure Docker daemon options
+ copy:
+ content: "{{ docker_daemon_options | to_nice_json }}"
+ dest: /etc/docker/daemon.json
+ mode: 0644
+ when: docker_daemon_options.keys() | length > 0
+ notify: restart docker
+
+- name: Ensure Docker is started and enabled at boot.
+ service:
+ name: docker
+ state: started
+ enabled: true
+
+- name: Get docker group info using getent.
+ getent:
+ database: group
+ key: docker
+ split: ':'
+ when: docker_users | length > 0
+
+- name: Check if there are any users to add to the docker group
+ set_fact:
+ add_to_group: true
+ when:
+ - docker_users | length > 0
+ - item not in ansible_facts.getent_group["docker"][2]
+ with_items: "{{ docker_users }}"
+
+- include_tasks: docker-users.yml
+ when: add_to_group is defined
diff --git a/roles/docker/tasks/main.yml b/roles/docker/tasks/main.yml
new file mode 100644
index 0000000..c52731b
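Review bot: `notify: restart docker` on the group-membership task in docker-users.yml restarts the daemon, and with it the running containers unless live-restore is configured. A group change only needs a fresh login session, which the `meta: reset_connection` task right below already provides for the Ansible connection. Dropping the `notify:` line keeps a run that only adds a user from disrupting workloads.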
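Review bot: The "Add Docker apt key" task in docker.yml writes the key to `/etc/apt/trusted.gpg.d/docker.asc`, and apt trusts every key in that directory for all configured repositories, not only Docker's. Scoping it is a two-line change: `dest: /etc/apt/keyrings/docker.asc` here and `[arch={{ docker_apt_arch }} signed-by=/etc/apt/keyrings/docker.asc]` in `docker_apt_repository` (the directory may need its own `file` task on older releases). With `force: true` and no `checksum:`, each run also replaces the key with whatever the URL serves, so pinning a checksum would make an unexpected key change fail loudly. Separately, `ansible_facts.getent_group["docker"][2]` appears to be the comma-separated member string, so `item not in` is a substring test; comparing against `.split(',')` avoids a user such as `bob` being treated as present because `bobby` is a member.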
--- /dev/null
+++ b/roles/docker/tasks/main.yml
@@ -0,0 +1,4 @@
+---
+# tasks file for docker
+- import_tasks: docker.yml
+ become: true
diff --git a/roles/docker/tests/inventory b/roles/docker/tests/inventory
new file mode 100644
index 0000000..878877b
--- /dev/null
+++ b/roles/docker/tests/inventory
@@ -0,0 +1,2 @@
+localhost
+
diff --git a/roles/docker/tests/test.yml b/roles/docker/tests/test.yml
new file mode 100644
index 0000000..7aabdb0
--- /dev/null
+++ b/roles/docker/tests/test.yml
@@ -0,0 +1,5 @@
+---
+- hosts: localhost
+ remote_user: root
+ roles:
+ - docker
diff --git a/roles/docker/vars/main.yml b/roles/docker/vars/main.yml
new file mode 100644
index 0000000..3806b4c
--- /dev/null
+++ b/roles/docker/vars/main.yml
@@ -0,0 +1,2 @@
+---
+# vars file for docker