diff options
Diffstat (limited to 'fdio.infra.ansible/roles/docker')
9 files changed, 202 insertions, 0 deletions
diff --git a/fdio.infra.ansible/roles/docker/defaults/main.yaml b/fdio.infra.ansible/roles/docker/defaults/main.yaml new file mode 100644 index 0000000000..8343558238 --- /dev/null +++ b/fdio.infra.ansible/roles/docker/defaults/main.yaml @@ -0,0 +1,38 @@ +--- +# file: roles/docker/defaults/main.yaml + +# Version options. +docker_edition: "ce" +docker_package: "docker-{{ docker_edition }}" +docker_package_state: latest + +# Service options. +docker_service_state: started +docker_service_enabled: true +docker_restart_handler_state: restarted + +# Used only for Debian/Ubuntu. +docker_apt_release_channel: "stable" +docker_apt_repository: "deb https://download.docker.com/linux/{{ ansible_distribution|lower }} {{ ansible_distribution_release }} {{ docker_apt_release_channel }}" +docker_apt_repository_state: present +docker_apt_ignore_key_error: true +docker_apt_gpg_key: "https://download.docker.com/linux/{{ ansible_distribution | lower }}/gpg" +docker_apt_gpg_key_state: present + +# Used only for RedHat/CentOS/Fedora. +docker_yum_repo_url: https://download.docker.com/linux/{{ (ansible_distribution == "Fedora") | ternary("fedora","centos") }}/docker-{{ docker_edition }}.repo +docker_yum_repo_enable_edge: "0" +docker_yum_repo_enable_test: "0" +docker_yum_gpg_key: https://download.docker.com/linux/centos/gpg + +# A list of users who will be added to the docker group. +docker_users: + - "testuser" + +# Proxy settings. +docker_daemon_environment_http: + - "HTTP_PROXY={{ proxy_env.http_proxy }}" + - "NO_PROXY={{ proxy_env.no_proxy }}" +docker_daemon_environment_https: + - "HTTPS_PROXY={{ proxy_env.https_proxy }}" + - "NO_PROXY={{ proxy_env.no_proxy }}"
\ No newline at end of file diff --git a/fdio.infra.ansible/roles/docker/handlers/main.yaml b/fdio.infra.ansible/roles/docker/handlers/main.yaml new file mode 100644 index 0000000000..d89adb9a1a --- /dev/null +++ b/fdio.infra.ansible/roles/docker/handlers/main.yaml @@ -0,0 +1,9 @@ +--- +# file roles/docker/handlers/main.yaml + +- name: Restart Docker + service: + name: "docker" + state: "{{ docker_restart_handler_state }}" + tags: + - docker-restart-service
\ No newline at end of file diff --git a/fdio.infra.ansible/roles/docker/meta/main.yaml b/fdio.infra.ansible/roles/docker/meta/main.yaml new file mode 100644 index 0000000000..ab3d197791 --- /dev/null +++ b/fdio.infra.ansible/roles/docker/meta/main.yaml @@ -0,0 +1,4 @@ +--- +# file: roles/docker/meta/main.yaml + +dependencies: []
\ No newline at end of file diff --git a/fdio.infra.ansible/roles/docker/tasks/main.yaml b/fdio.infra.ansible/roles/docker/tasks/main.yaml new file mode 100644 index 0000000000..5a96b7a7c5 --- /dev/null +++ b/fdio.infra.ansible/roles/docker/tasks/main.yaml @@ -0,0 +1,82 @@ +--- +# file: roles/docker/tasks/main.yaml + +- include_tasks: "{{ ansible_distribution|lower }}_{{ ansible_distribution_release }}.yaml" + tags: + - docker-inst-dependencies + +- name: Inst - Docker + package: + name: + - "{{ docker_package }}" + - "{{ docker_package }}-cli" + state: "{{ docker_package_state }}" + tags: + - docker-inst-package + +- name: Conf - Docker Service + service: + name: docker + state: "{{ docker_service_state }}" + enabled: "{{ docker_service_enabled }}" + tags: + - docker-conf-service + +- name: Conf - Docker Service Directory + file: + path: "/etc/systemd/system/docker.service.d" + state: "directory" + tags: + - docker-conf-service + +- name: Conf - Docker Daemon + template: + src: "templates/daemon.json.j2" + dest: "/etc/docker/daemon.json" + owner: "root" + group: "root" + mode: "0644" + when: > + docker_daemon is defined + tags: + - docker-conf-daemon + +- name: Conf - Docker HTTP Proxy + template: + src: "templates/docker.service.proxy.http" + dest: "/etc/systemd/system/docker.service.d/http-proxy.conf" + owner: "root" + group: "root" + mode: "0644" + notify: + - "Restart Docker" + when: > + proxy_env is defined and + proxy_env.http_proxy is defined + tags: + - docker-conf-service + +- name: Conf - Docker HTTPS Proxy + template: + src: "templates/docker.service.proxy.https" + dest: "/etc/systemd/system/docker.service.d/https-proxy.conf" + owner: "root" + group: "root" + mode: "0644" + notify: + - "Restart Docker" + when: > + proxy_env is defined and + proxy_env.https_proxy is defined + tags: + - docker-conf-service + +- name: Conf - Users to Docker Group + user: + name: "{{ item }}" + groups: "docker" + append: True + loop: "{{ docker_users }}" + when: docker_users + tags: + - docker-conf-user diff --git a/fdio.infra.ansible/roles/docker/tasks/ubuntu_bionic.yaml b/fdio.infra.ansible/roles/docker/tasks/ubuntu_bionic.yaml new file mode 100644 index 0000000000..8bda4fed21 --- /dev/null +++ b/fdio.infra.ansible/roles/docker/tasks/ubuntu_bionic.yaml @@ -0,0 +1,30 @@ +--- +# file: roles/docker/tasks/ubuntu_bionic.yaml + +- name: Inst - Dependencies + apt: + name: + - "apt-transport-https" + - "ca-certificates" + - "gpg-agent" + - "software-properties-common" + state: "present" + cache_valid_time: 3600 + install_recommends: False + tags: + - docker-inst-dependencies + +- name: Conf - Add APT Key + apt_key: + url: "{{ docker_apt_gpg_key }}" + state: "{{ docker_apt_gpg_key_state }}" + tags: + - docker-conf-apt + +- name: Conf - Install APT Repository + apt_repository: + repo: "{{ docker_apt_repository }}" + state: "{{ docker_apt_repository_state }}" + update_cache: yes + tags: + - docker-conf-apt diff --git a/fdio.infra.ansible/roles/docker/tasks/ubuntu_focal.yaml b/fdio.infra.ansible/roles/docker/tasks/ubuntu_focal.yaml new file mode 100644 index 0000000000..84bd1c5824 --- /dev/null +++ b/fdio.infra.ansible/roles/docker/tasks/ubuntu_focal.yaml @@ -0,0 +1,30 @@ +--- +# file: roles/docker/tasks/ubuntu_focal.yaml + +- name: Inst - Dependencies + apt: + name: + - "apt-transport-https" + - "ca-certificates" + - "gpg-agent" + - "software-properties-common" + state: "present" + cache_valid_time: 3600 + install_recommends: False + tags: + - docker-inst-dependencies + +- name: Conf - Add APT Key + apt_key: + url: "{{ docker_apt_gpg_key }}" + state: "{{ docker_apt_gpg_key_state }}" + tags: + - docker-conf-apt + +- name: Conf - Install APT Repository + apt_repository: + repo: "{{ docker_apt_repository }}" + state: "{{ docker_apt_repository_state }}" + update_cache: yes + tags: + - docker-conf-apt diff --git a/fdio.infra.ansible/roles/docker/templates/daemon.json.j2 b/fdio.infra.ansible/roles/docker/templates/daemon.json.j2 new file mode 100644 index 0000000000..becc2b1af7 --- /dev/null +++ b/fdio.infra.ansible/roles/docker/templates/daemon.json.j2 @@ -0,0 +1 @@ +{{ docker_daemon | to_nice_json }}
\ No newline at end of file diff --git a/fdio.infra.ansible/roles/docker/templates/docker.service.proxy.http b/fdio.infra.ansible/roles/docker/templates/docker.service.proxy.http new file mode 100644 index 0000000000..73ceba3870 --- /dev/null +++ b/fdio.infra.ansible/roles/docker/templates/docker.service.proxy.http @@ -0,0 +1,4 @@ +# {{ ansible_managed }} + +[Service] +Environment="{{ docker_daemon_environment_http | join('" "') }}" diff --git a/fdio.infra.ansible/roles/docker/templates/docker.service.proxy.https b/fdio.infra.ansible/roles/docker/templates/docker.service.proxy.https new file mode 100644 index 0000000000..1c2097eb9d --- /dev/null +++ b/fdio.infra.ansible/roles/docker/templates/docker.service.proxy.https @@ -0,0 +1,4 @@ +# {{ ansible_managed }} + +[Service] +Environment="{{ docker_daemon_environment_https | join('" "') }}" |