Update docker role
Some checks reported errors
continuous-integration/drone/push Build encountered an error

Adrien Reslinger 2022-10-27 23:43:08 +02:00
parent 97d923feb1
commit 5a452f5687
Signed by: adrien
GPG key ID: DA7B27055C66D6DE
6 changed files with 31 additions and 102 deletions

Binary file not shown.


@ -2,3 +2,5 @@
- name: Restart docker - name: Restart docker
service: name=docker state=restarted service: name=docker state=restarted
- name: reload ufw
service: name=ufw state=reloaded
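Review bot: The new `reload ufw` handler asks the service manager for a reload, and I would check that the ufw unit on the target release actually accepts one. If it does not, every run that changes /etc/default/ufw ends in a failed handler, and the firewall keeps the old forward policy until someone reloads it by hand. Running `ufw reload` from the handler (or the `community.general.ufw` module with `state: reloaded`, if that collection is available) avoids depending on the unit file. The handler also uses the `key=value` shorthand; block form with `name:` and `state:` keys would match the `ansible.builtin.copy` task added elsewhere in this commit.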


@ -1,14 +1,21 @@
--- ---
- name: add docker apt key #- name: Add docker apt key
apt_key: # ansible.builtin.get_url:
url: https://download.docker.com/linux/ubuntu/gpg # url: https://download.docker.com/linux/ubuntu/gpg.asc
state: present # dest: /etc/apt/keyrings/docker.gpg
# when:
# - docker_ver == "docker_ce"
- name: Add docker apt key
ansible.builtin.copy:
src: etc/apt/keyrings/docker.gpg
dest: /etc/apt/keyrings/docker.gpg
when: when:
- docker_ver == "docker_ce" - docker_ver == "docker_ce"
- name: add docker repository - name: Add docker repository
apt_repository: apt_repository:
repo: 'deb [arch=amd64] https://download.docker.com/linux/ubuntu {{ ansible_distribution_release }} stable' repo: 'deb [arch=amd64 signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu {{ ansible_distribution_release }} stable'
filename: docker-ce
state: present state: present
update_cache: yes update_cache: yes
when: when:
@ -28,6 +35,13 @@
when: when:
- not docker_installed.stat.exists - not docker_installed.stat.exists
- name: Check whether ufw status is active
shell: ufw status
changed_when: False
ignore_errors: True
register: ufw_check
check_mode: false
- name: "Ensure DEFAULT_FORWARD_POLICY in /etc/default/ufw is updated" - name: "Ensure DEFAULT_FORWARD_POLICY in /etc/default/ufw is updated"
lineinfile: lineinfile:
dest: /etc/default/ufw dest: /etc/default/ufw
@ -35,6 +49,7 @@
line: '\1ACCEPT"' line: '\1ACCEPT"'
backrefs: yes backrefs: yes
notify: reload ufw notify: reload ufw
when: "'inactive' not in ufw_check.stdout"
tags: [docker,firewall] tags: [docker,firewall]
# Need Certificat ? Only in local # Need Certificat ? Only in local
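Review bot: The `when: "'inactive' not in ufw_check.stdout"` guard also passes when `ufw status` itself failed, because `ignore_errors: True` leaves an empty stdout on a host without ufw, and the task then edits /etc/default/ufw and notifies the reload handler anyway. Test the positive case instead, `when: ufw_check.rc == 0 and 'Status: active' in ufw_check.stdout`, and use `command:` rather than `shell:` since no shell features are needed. Separately, the `ansible.builtin.copy` task that installs the repository trust anchor sets no `owner`, `group` or `mode`; adding `owner: root`, `group: root`, `mode: '0644'` would make it explicit that only root can replace the key apt trusts for this repo. The task file continues outside the hunks shown.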


@ -2,14 +2,9 @@
- name: Include vars for {{ ansible_os_family }} - name: Include vars for {{ ansible_os_family }}
include_vars: "{{ ansible_os_family }}_{{ docker_ver }}.yml" include_vars: "{{ ansible_os_family }}_{{ docker_ver }}.yml"
# Is it needed any more ? - name: See if docker is installed
#- name: "Ensure system is x86_64" stat: path=/usr/bin/docker
# fail: msg="Docker requires a 64bit system architecture" register: docker_installed
# when: "ansible_architecture != 'x86_64'"
#
#- name: See if docker is installed
# stat: path=/usr/bin/docker
# register: docker_installed
- name: Install docker rules for {{ ansible_os_family }} OS family - name: Install docker rules for {{ ansible_os_family }} OS family
include_tasks: "{{ ansible_os_family }}.yml" include_tasks: "{{ ansible_os_family }}.yml"
@ -39,10 +34,8 @@
# Add normal user to docker group # Add normal user to docker group
- include_tasks: tools.yml
# Configuration dans /etc/docker/daemon.json # Configuration dans /etc/docker/daemon.json
- name: config_docker | Ensuring /etc/docker Folder Exists - name: Config_docker | Ensuring /etc/docker Folder Exists
file: file:
path: "/etc/docker" path: "/etc/docker"
state: "directory" state: "directory"
@ -50,7 +43,7 @@
owner: root owner: root
mode: 0700 mode: 0700
#- name: config_docker | Configuring Docker #- name: Config_docker | Configuring Docker
# template: # template:
# src: "etc/docker/daemon.json.j2" # src: "etc/docker/daemon.json.j2"
# dest: "/etc/docker/daemon.json" # dest: "/etc/docker/daemon.json"
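Review bot: Dropping `include_tasks: tools.yml` stops the role from managing the binaries it used to download, but nothing removes them from hosts that already ran the old tasks. /usr/local/bin/docker-compose, docker-machine and the two kvm drivers therefore stay in place as root-owned executables that were fetched without a checksum and will no longer be updated. Since `docker-compose-plugin` now comes from the signed apt repository, I would add a cleanup task next to the removed include so the old copies cannot shadow or outlive the packaged ones. The paths below are the `dest:` values from the deleted tools.yml.

```yaml
# … unchanged: "Add normal user to docker group" tasks …
- name: Remove binaries installed by the former tools.yml
  ansible.builtin.file:
    path: "/usr/local/bin/{{ item }}"
    state: absent
  loop:
    - docker-machine
    - docker-machine-driver-kvm
    - docker-machine-driver-kvm2
    - docker-compose
# … unchanged: Config_docker | Ensuring /etc/docker Folder Exists …
```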


@ -1,84 +0,0 @@
---
# Docker machine
- name: Check if docker-machine is already installed
stat:
path: /usr/local/bin/docker-machine
register: dockermachine
check_mode: no
- name: Check local version installed
shell: set -o pipefail && docker-compose --version | sed 's|docker-compose version \([^ ,]*\).*|\1|'
register: dockermachine_locver
changed_when: false
check_mode: no
when:
- dockermachine.stat.exists
- name: Check online version
shell: set -o pipefail && curl -s https://github.com/docker/machine/releases/latest | sed 's|.*tag/\(.*\)".*|\1|'
register: dockermachine_ver
changed_when: false
check_mode: no
- name: "Retreive docker-machine version {{ dockermachine_ver.stdout }}"
get_url:
url: https://github.com/docker/machine/releases/download/{{ dockermachine_ver.stdout }}/docker-machine-{{ ansible_system }}-{{ ansible_machine }}
dest: /usr/local/bin/docker-machine
owner: root
group: root
mode: 0755
- name: Check docker-machine-driver-kvm online version
shell: set -o pipefail && curl -s https://github.com/dhiltgen/docker-machine-kvm/releases/latest | sed 's|.*tag/\(.*\)".*|\1|'
register: dockermachinekvm_ver
changed_when: false
check_mode: no
- name: Retreive docker-machine-driver-kvm
get_url:
url: https://github.com/dhiltgen/docker-machine-kvm/releases/download/{{ dockermachinekvm_ver.stdout }}/docker-machine-driver-kvm-{{ ansible_distribution | lower }}{{ ansible_distribution_major_version }}
dest: /usr/local/bin/docker-machine-driver-kvm
owner: root
group: root
mode: 0755
- name: Retreive docker-machine-driver-kvm2
get_url:
url: https://storage.googleapis.com/minikube/releases/latest/docker-machine-driver-kvm2
dest: /usr/local/bin/docker-machine-driver-kvm2
owner: root
group: root
mode: 0755
#- name: Check docker-machine-driver-scaleway online version
# shell: set -o pipefail && curl -s https://github.com/scaleway/docker-machine-driver-scaleway/releases/latest | sed 's|.*tag/\(.*\)".*|\1|'
# register: dockermachinescw_ver
# changed_when: false
# check_mode: no
#- name: Retreive docker-machine-driver-scaleway
# get_url:
# url: https://github.com/scaleway/docker-machine-driver-scaleway/releases/download/{{ dockermachinescw_ver.stdout }}/docker-machine-driver-scaleway_{{ dockermachinescw_ver.stdout }}_{{ ansible_system | lower }}_{{ ansible_machine | regex_replace('x86_64', 'amd64')}}.tar.gz
# dest: /usr/local/bin/docker-machine-driver-scaleway
# owner: root
# group: root
# mode: 0755
# docker-compose
- name: Check if docker-compose is already installed
stat:
path: /usr/local/bin/docker-compose
register: dockercompose
check_mode: no
- name: Check online version
shell: set -o pipefail && curl -s https://github.com/docker/compose/releases/latest | sed 's|.*tag/\(.*\)".*|\1|'
register: dockercompose_ver
changed_when: false
check_mode: no
- name: Retreive docker-compose
get_url:
url: https://github.com/docker/compose/releases/download/{{ dockercompose_ver.stdout }}/docker-compose-{{ ansible_system }}-{{ ansible_machine }}
dest: /usr/local/bin/docker-compose
owner: root
group: root
mode: 0755


@ -1,6 +1,9 @@
--- ---
docker_package_name: docker_package_name:
- docker-ce - docker-ce
- docker-ce-cli
- docker-compose-plugin
- docker-scan-plugin
# - docker-ce-selinux # obsolète # - docker-ce-selinux # obsolète
docker_remove_packages_name: docker_remove_packages_name:
- docker - docker