# This role installs the docker daemon --- - name: Remove older docker packages apt: name: '{{ item }}' state: absent with_items: - docker - docker-engine - docker.io - name: Install source requirements apt: name: '{{ item }}' state: present update_cache: yes with_items: - apt-transport-https - ca-certificates - gnupg2 - name: Add Docker repository apt_repository: repo: 'deb [arch=amd64] https://download.docker.com/linux/debian {{ ansible_distribution_release }} stable' state: present update_cache: no filename: docker.list - include: jessie_backports.yml when: ansible_distribution_release == 'jessie' - name: Add Docker's official GPG key apt_key: #url: https://download.docker.com/linux/debian/gpg data: "{{ lookup('file', 'docker-debian.gpg') }}" - name: Install docker and python-docker apt: name: "{{ item }}" update_cache: yes with_items: - docker-ce - python-docker - name: Copy Docker daemon configuration file template: src: daemon.json.j2 dest: /etc/docker/daemon.json notify: restart docker - name: Create override directory for docker unit file: name: /etc/systemd/system/docker.service.d/ state: directory mode: "0755" - name: Remove options in ExecStart from docker unit copy: src: docker.conf dest: /etc/systemd/system/docker.service.d/ mode: "0644" notify: reload systemd - name: Creating Docker tmp directory file: path: "{{ docker_tmpdir }}" state: directory mode: "0644" owner: root - name: Creating Docker TLS directory file: path: "{{ docker_tls_path }}" state: directory mode: "0644" owner: root when: docker_tls_enabled - name: Copy shellpki utility to Docker TLS directory template: src: "{{ item }}.j2" dest: "{{ docker_tls_path }}/{{ item }}" mode: "0744" with_items: - shellpki.sh - openssl.cnf when: docker_tls_enabled - name: Check if certs are already created stat: path: "{{ docker_tls_path }}/certs" register: tls_certs_stat - name: Creating a CA, server key command: "{{ docker_tls_path }}/shellpki.sh init" when: docker_tls_enabled and not tls_certs_stat.stat.isdir is defined