---
- name: Add docker apt key
  ansible.builtin.apt_key:
    url: https://download.docker.com/linux/ubuntu/gpg
    state: present
  when:
    - docker_ver == "docker_ce"

- name: Add docker repository
  ansible.builtin.apt_repository:
    repo: 'deb [arch=amd64] https://download.docker.com/linux/ubuntu {{ ansible_distribution_release }} stable'
    state: present
    update_cache: true
  when:
    - docker_ver == "docker_ce"

- name: "Ensure GRUB_CMDLINE_LINUX is updated"
  ansible.builtin.lineinfile:
    dest: /etc/default/grub
    regexp: '^(GRUB_CMDLINE_LINUX=".*)"$'
    line: '\1 cgroup_enable=memory swapaccount=1"'
    backrefs: yes
  when:
    - not docker_installed.stat.exists

- name: "Update grub.conf"
  ansible.builtin.command: update-grub
  when:
    - not docker_installed.stat.exists

- name: "Ensure DEFAULT_FORWARD_POLICY in /etc/default/ufw is updated"
  ansible.builtin.lineinfile:
    dest: /etc/default/ufw
    regexp: '^(DEFAULT_FORWARD_POLICY=").*"$'
    line: '\1ACCEPT"'
    backrefs: yes
  notify: reload ufw
  tags: [docker,firewall]

# Need Certificat ? Only in local
# - name: "Add docker port 2376/TCP "
#   ufw: rule=allow port=2376 proto=tcp
#   notify: reload ufw
#   tags: [docker,firewall]

# - name: "Start UFW rules"
#   service: name=ufw state=started
#   tags: [docker,firewall]