commit 24a81a12d0ff1adb3ba9f88c42250996ca705906 Author: Knut Ahlers Date: Wed Dec 13 00:27:18 2017 +0100 Initial version Signed-off-by: Knut Ahlers diff --git a/defaults/main.yml b/defaults/main.yml new file mode 100644 index 0000000..33b1653 --- /dev/null +++ b/defaults/main.yml @@ -0,0 +1,15 @@ +--- + +docker_configure_ipv6: true + +#docker_auth_config: +# auths: +# my.registry: +# auth: '{{ "user:pass" | b64encode }}' +docker_auth_config_user: root +docker_auth_config_homedir: /root + +docker_start_opts: +- -H fd:// + +... diff --git a/meta/main.yml b/meta/main.yml new file mode 100644 index 0000000..cb26b47 --- /dev/null +++ b/meta/main.yml @@ -0,0 +1,38 @@ +--- +galaxy_info: + author: Knut Ahlers + description: | + Install and configure docker on host + + license: Apache + min_ansible_version: 2.3 + + platforms: + - name: Ubuntu + versions: + - xenial + - name: Debian + versions: + - jessie + - stretch + + categories: + #- cloud + #- cloud:ec2 + #- cloud:gce + #- cloud:rax + #- clustering + #- database + #- database:nosql + #- database:sql + #- development + #- monitoring + #- networking + #- packaging + - system + #- web + +dependencies: [] + # List your role dependencies here, one per line. + # Be sure to remove the '[]' above if you add dependencies + # to this list. diff --git a/tasks/main.yml b/tasks/main.yml new file mode 100644 index 0000000..4aadc4b --- /dev/null +++ b/tasks/main.yml @@ -0,0 +1,64 @@ +--- + +- name: Install apt-key + apt_key: + id: 0EBFCD88 + keyserver: keyserver.ubuntu.com + +- name: Ensure https transport to be available + apt: + name: apt-transport-https + +- name: Activate apt-repo + apt_repository: + repo: 'deb https://download.docker.com/linux/{{ ansible_distribution | lower }} {{ ansible_distribution_release }} stable' + state: present + +- name: Install docker + apt: + name: docker-ce + update_cache: yes + +- set_fact: + docker_global_ipv6: "{{ ansible_eth0.ipv6 | selectattr('scope', 'equalto', 'global') | first }}" + when: docker_configure_ipv6 and ansible_eth0 and ansible_eth0.ipv6 | selectattr('scope', 'equalto', 'global') | list | length > 0 + +- set_fact: + docker_ipv6_subnet: "{{ docker_global_ipv6.address | ipsubnet(docker_global_ipv6.prefix) | ipsubnet(80, -1) }}" + when: docker_global_ipv6 is defined + +- name: Create docker drop-in directory + file: + dest: /etc/systemd/system/docker.service.d + state: directory + +- name: Configure docker start options + template: + src: docker-startopts.conf + dest: /etc/systemd/system/docker.service.d/docker-startopts.conf + register: docker_startopts + +- name: Restart docker to apply new config + systemd: + name: docker.service + state: restarted + daemon_reload: yes + when: docker_startopts.changed + +- name: Create docker configuration dir + file: + dest: '{{ docker_auth_config_homedir }}/.docker' + mode: 0700 + owner: '{{ docker_auth_config_user }}' + state: directory + when: docker_auth_config is defined + +- name: Enable authentication for private registries + copy: + content: '{{ docker_auth_config | to_nice_json }}' + dest: '{{ docker_auth_config_homedir }}/.docker/config.json' + mode: 0600 + owner: '{{ docker_auth_config_user }}' + when: docker_auth_config is defined + +... diff --git a/templates/docker-startopts.conf b/templates/docker-startopts.conf new file mode 100644 index 0000000..22b87c6 --- /dev/null +++ b/templates/docker-startopts.conf @@ -0,0 +1,3 @@ +[Service] +ExecStart= +ExecStart=/usr/bin/dockerd {{ docker_start_opts | join(" ") }} {% if docker_ipv6_subnet is defined and docker_ipv6_subnet %}--ipv6 --fixed-cidr-v6='{{ docker_ipv6_subnet }}'{% endif %}