108 lines
2.9 KiB
YAML
108 lines
2.9 KiB
YAML
# Save this file as: recipes/system/docker/playbook.yml
|
|
---
|
|
- name: Install and configure Docker
|
|
hosts: localhost
|
|
become: true
|
|
gather_facts: true
|
|
|
|
vars:
|
|
docker_packages:
|
|
- docker-ce
|
|
- docker-ce-cli
|
|
- containerd.io
|
|
- docker-buildx-plugin
|
|
- docker-compose-plugin
|
|
|
|
tasks:
|
|
- name: Ensure docker runtime user exists
|
|
ansible.builtin.user:
|
|
name: dockeruser
|
|
shell: /usr/sbin/nologin
|
|
create_home: yes
|
|
state: present
|
|
|
|
- name: Add current user to docker group
|
|
ansible.builtin.user:
|
|
name: "{{ ansible_env.USER }}"
|
|
groups: docker
|
|
append: yes
|
|
|
|
- name: Ensure /srv/docker owned by dockeruser
|
|
ansible.builtin.file:
|
|
path: /srv/docker
|
|
state: directory
|
|
owner: dockeruser
|
|
group: docker
|
|
mode: '0755'
|
|
|
|
# Existing tasks continue below
|
|
- name: Ensure required packages are installed
|
|
ansible.builtin.apt:
|
|
name: ["ca-certificates", "curl", "gnupg", "lsb-release"]
|
|
state: present
|
|
update_cache: yes
|
|
|
|
- name: Add Docker GPG key
|
|
ansible.builtin.shell: |
|
|
install -m 0755 -d /etc/apt/keyrings
|
|
curl -fsSL https://download.docker.com/linux/debian/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg
|
|
chmod a+r /etc/apt/keyrings/docker.gpg
|
|
args:
|
|
creates: /etc/apt/keyrings/docker.gpg
|
|
|
|
- name: Add Docker APT repository
|
|
ansible.builtin.copy:
|
|
dest: /etc/apt/sources.list.d/docker.list
|
|
content: |
|
|
deb [arch={{ ansible_architecture }} signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian {{ ansible_lsb.codename }} stable
|
|
|
|
- name: Update apt cache
|
|
ansible.builtin.apt:
|
|
update_cache: yes
|
|
|
|
- name: Install Docker packages
|
|
ansible.builtin.apt:
|
|
name: "{{ docker_packages }}"
|
|
state: present
|
|
|
|
- name: Ensure systemd is refreshed after Docker install
|
|
ansible.builtin.systemd:
|
|
daemon_reload: yes
|
|
|
|
- name: Start and enable Docker
|
|
ansible.builtin.service:
|
|
name: docker
|
|
state: started
|
|
enabled: yes
|
|
|
|
- name: Add current user to docker group
|
|
ansible.builtin.user:
|
|
name: "{{ ansible_user_id }}"
|
|
groups: docker
|
|
append: yes
|
|
|
|
- name: Create /srv/docker base directory
|
|
ansible.builtin.file:
|
|
path: /srv/docker
|
|
state: directory
|
|
owner: dockeruser
|
|
group: docker
|
|
mode: '0755'
|
|
|
|
- name: Create /srv/docker/services directory
|
|
ansible.builtin.file:
|
|
path: /srv/docker/services
|
|
state: directory
|
|
owner: dockeruser
|
|
group: docker
|
|
mode: '0755'
|
|
|
|
- name: Create /srv/docker/stacks directory
|
|
ansible.builtin.file:
|
|
path: /srv/docker/stacks
|
|
state: directory
|
|
owner: dockeruser
|
|
group: docker
|
|
mode: '0755'
|
|
|