docker-host: lint

Ludovic Poujol 2024-04-18 16:10:26 +02:00
parent a41e78b556
commit 5d11468327
Signed by: lpoujol
SSH key fingerprint: SHA256:YZbQWfjHONnvIGkFZMs0xRKtqzqGqwtZU+kCOKhZXPA
2 changed files with 19 additions and 17 deletions


@ -4,24 +4,24 @@ docker_home: /var/lib/docker
docker_tmpdir: "{{ docker_home }}/tmp"
# Disable the possibility for containers processes to gain new privileges
docker_conf_no_newprivileges: False
docker_conf_no_newprivileges: false
# Toggle live restore (need to be disabled in swarm mode)
docker_conf_live_restore: True
docker_conf_live_restore: true
# Toggle user namespace
docker_conf_user_namespace: True
docker_conf_user_namespace: true
# Disable all default network connectivity
docker_conf_disable_default_networking: False
docker_conf_disable_default_networking: false
# Remote access
docker_remote_access_enabled: False
docker_remote_access_enabled: false
docker_daemon_port: 2376
docker_daemon_listening_ip: 0.0.0.0
# TLS
docker_tls_enabled: False
docker_tls_enabled: false
docker_tls_path: "{{ docker_home }}/tls"
docker_tls_ca: ca/ca.pem
docker_tls_ca_key: ca/ca-key.pem
@ -29,4 +29,4 @@ docker_tls_cert: server/cert.pem
docker_tls_key: server/key.pem
docker_tls_csr: server/server.csr
apt_keyring_dir: "{{ ansible_distribution_major_version is version('12', '<') | ternary('/etc/apt/trusted.gpg.d', '/etc/apt/keyrings') }}"
apt_keyring_dir: "{{ ansible_distribution_major_version is version('12', '<') | ternary('/etc/apt/trusted.gpg.d', '/etc/apt/keyrings') }}"
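Review bot: The remote-access defaults in the first hunk carry no warning that they combine unsafely. `docker_remote_access_enabled`, `docker_daemon_listening_ip: 0.0.0.0` and `docker_tls_enabled: false` sit together, so an operator who flips only the first would presumably get the daemon API listening on every interface without TLS; how the templates consume these variables is not visible here, so this needs confirming. Since the commit already rewrites both boolean lines, I would add a comment above `docker_remote_access_enabled`, such as `# Remote access: also set docker_tls_enabled: true and restrict docker_daemon_listening_ip; the daemon API gives root-equivalent control of the host`. A stricter option is an `ansible.builtin.assert` in the tasks that fails when remote access is enabled while TLS is not.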


@ -32,7 +32,7 @@
when: ansible_distribution_major_version is version('10', '<')
- name: "Ensure {{ apt_keyring_dir }} directory exists"
file:
ansible.builtin.file:
path: "{{ apt_keyring_dir }}"
state: directory
mode: "755"
@ -53,35 +53,34 @@
repo: 'deb [signed-by={{ apt_keyring_dir }}/docker-debian.asc] https://download.docker.com/linux/debian {{ ansible_distribution_release }} stable'
filename: docker
state: present
update_cache: yes
update_cache: true
when: ansible_distribution_major_version is version('12', '<')
- name: Add Docker repository (Debian >=12)
ansible.builtin.template:
src: docker.sources.j2
dest: /etc/apt/sources.list.d/docker.sources
register: docker_sources
owner: root
group: root
mode: "0644"
when: ansible_distribution_major_version is version('12', '>=')
- name: Update APT cache
ansible.builtin.apt:
update_cache: yes
when: docker_sources is changed
- name: Install Docker
ansible.builtin.apt:
name:
- docker-ce
- docker-ce-cli
- containerd.io
update_cache: true
cache_valid_time: 3600
- name: python-docker is installed
- name: Package python-docker is installed
ansible.builtin.apt:
name: python-docker
state: present
when: ansible_python_version is version('3', '<')
- name: python3-docker is installed
- name: Package python3-docker is installed
ansible.builtin.apt:
name: python3-docker
state: present
@ -91,6 +90,9 @@
ansible.builtin.template:
src: daemon.json.j2
dest: /etc/docker/daemon.json
owner: root
group: root
mode: "0644"
notify: restart docker
- name: Creating Docker tmp directory
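Review bot: On Debian >= 12 the newly written `docker.sources` may not be indexed before `Install Docker` runs. This concerns the `@ -53,35 +53,34 @` hunk, where the line counts suggest that `register: docker_sources` and the `Update APT cache` task are dropped in favour of `update_cache: true` with `cache_valid_time: 3600` on the install task. With `cache_valid_time` set, the apt module skips the refresh when the cache is younger than that, so a host whose cache was updated by an earlier task within the hour would not find `docker-ce` on the first run. I would either keep `register: docker_sources` with a refresh conditioned on `when: docker_sources is changed`, or drop `cache_valid_time: 3600` from `Install Docker`.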