2017-03-24 15:38:38 +01:00
|
|
|
---
|
2022-05-10 19:04:58 +02:00
|
|
|
# If docher_home sets to /home/, the partition should be mounted with exec option.
|
2022-05-10 18:21:59 +02:00
|
|
|
docker_home: /var/lib/docker
|
2017-09-29 15:27:35 +02:00
|
|
|
docker_tmpdir: "{{docker_home}}/tmp"
|
2017-03-24 15:38:38 +01:00
|
|
|
|
2022-05-10 19:04:58 +02:00
|
|
|
# Chose to use iptables instead of docker-proxy userland process
|
|
|
|
docker_conf_use_iptables: False
|
|
|
|
|
|
|
|
# Disable the possibility for containers processes to gain new privileges
|
|
|
|
docker_conf_no_newprivileges: False
|
|
|
|
|
|
|
|
# Disable all default network connectivity
|
|
|
|
docker_conf_disable_default_networking: False
|
|
|
|
|
|
|
|
# Remote access
|
|
|
|
docker_remote_access_enabled: False
|
2017-03-24 15:38:38 +01:00
|
|
|
docker_daemon_port: 2376
|
|
|
|
docker_daemon_listening_ip: 0.0.0.0
|
|
|
|
|
2022-05-10 19:04:58 +02:00
|
|
|
# TLS
|
2022-05-10 18:21:59 +02:00
|
|
|
docker_tls_enabled: False
|
2017-09-29 15:27:35 +02:00
|
|
|
docker_tls_path: "{{docker_home}}/tls"
|
2017-03-24 15:38:38 +01:00
|
|
|
docker_tls_ca: ca/ca.pem
|
|
|
|
docker_tls_ca_key: ca/ca-key.pem
|
|
|
|
docker_tls_cert: server/cert.pem
|
|
|
|
docker_tls_key: server/key.pem
|
|
|
|
docker_tls_csr: server/server.csr
|