Initial version

Signed-off-by: Knut Ahlers <knut@ahlers.me>
2024-11-08 13:50:10 +00:00 · 2017-12-13 00:27:18 +01:00 · 2017-12-13 00:27:18 +01:00 · 24a81a12d0
commit 24a81a12d0
4 changed files with 120 additions and 0 deletions
--- a/defaults/main.yml
+++ b/defaults/main.yml
@ -0,0 +1,15 @@
+---
+
+docker_configure_ipv6: true
+
+#docker_auth_config:
+#  auths:
+#    my.registry:
+#      auth: '{{ "user:pass" | b64encode }}'
+docker_auth_config_user: root
+docker_auth_config_homedir: /root
+
+docker_start_opts:
+- -H fd://
+
+...
--- a/meta/main.yml
+++ b/meta/main.yml
@ -0,0 +1,38 @@
+---
+galaxy_info:
+  author: Knut Ahlers
+  description: |
+    Install and configure docker on host
+
+  license: Apache
+  min_ansible_version: 2.3
+
+  platforms:
+  - name: Ubuntu
+    versions:
+      - xenial
+  - name: Debian
+    versions:
+      - jessie
+      - stretch
+
+  categories:
+    #- cloud
+    #- cloud:ec2
+    #- cloud:gce
+    #- cloud:rax
+    #- clustering
+    #- database
+    #- database:nosql
+    #- database:sql
+    #- development
+    #- monitoring
+    #- networking
+    #- packaging
+    - system
+    #- web
+
+dependencies: []
+  # List your role dependencies here, one per line.
+  # Be sure to remove the '[]' above if you add dependencies
+  # to this list.
--- a/tasks/main.yml
+++ b/tasks/main.yml
@ -0,0 +1,64 @@
+---
+
+- name: Install apt-key
+  apt_key:
+    id: 0EBFCD88
+    keyserver: keyserver.ubuntu.com
+
+- name: Ensure https transport to be available
+  apt:
+    name: apt-transport-https
+
+- name: Activate apt-repo
+  apt_repository:
+    repo: 'deb https://download.docker.com/linux/{{ ansible_distribution | lower }} {{ ansible_distribution_release }} stable'
+    state: present
+
+- name: Install docker
+  apt:
+    name: docker-ce
+    update_cache: yes
+
+- set_fact:
+    docker_global_ipv6: "{{ ansible_eth0.ipv6 | selectattr('scope', 'equalto', 'global') | first }}"
+  when: docker_configure_ipv6 and ansible_eth0 and ansible_eth0.ipv6 | selectattr('scope', 'equalto', 'global') | list | length > 0
+
+- set_fact:
+    docker_ipv6_subnet: "{{ docker_global_ipv6.address | ipsubnet(docker_global_ipv6.prefix) | ipsubnet(80, -1) }}"
+  when: docker_global_ipv6 is defined
+
+- name: Create docker drop-in directory
+  file:
+    dest: /etc/systemd/system/docker.service.d
+    state: directory
+
+- name: Configure docker start options
+  template:
+    src: docker-startopts.conf
+    dest: /etc/systemd/system/docker.service.d/docker-startopts.conf
+  register: docker_startopts
+
+- name: Restart docker to apply new config
+  systemd:
+    name: docker.service
+    state: restarted
+    daemon_reload: yes
+  when: docker_startopts.changed
+
+- name: Create docker configuration dir
+  file:
+    dest: '{{ docker_auth_config_homedir }}/.docker'
+    mode: 0700
+    owner: '{{ docker_auth_config_user }}'
+    state: directory
+  when: docker_auth_config is defined
+
+- name: Enable authentication for private registries
+  copy:
+    content: '{{ docker_auth_config | to_nice_json }}'
+    dest: '{{ docker_auth_config_homedir }}/.docker/config.json'
+    mode: 0600
+    owner: '{{ docker_auth_config_user }}'
+  when: docker_auth_config is defined
+
+...
--- a/templates/docker-startopts.conf
+++ b/templates/docker-startopts.conf
@ -0,0 +1,3 @@
+[Service]
+ExecStart=
+ExecStart=/usr/bin/dockerd {{ docker_start_opts | join(" ") }} {% if docker_ipv6_subnet is defined and docker_ipv6_subnet %}--ipv6 --fixed-cidr-v6='{{ docker_ipv6_subnet }}'{% endif %}