e4436d9066
All checks were successful
Ansible Lint |Total|New|Outstanding|Fixed|Trend
|:-:|:-:|:-:|:-:|:-:
|2595|5|2590|3|:-1:
Reference build: <a href="https://jenkins.evolix.org/job/gitea/job/ansible-roles/job/unstable/281//ansiblelint">Evolix » ansible-roles » unstable #281</a>
gitea/ansible-roles/pipeline/head This commit looks good
35 lines
1.1 KiB
YAML
35 lines
1.1 KiB
YAML
---
|
|
# If docher_home sets to /home/, the partition should be mounted with exec option.
|
|
docker_home: /var/lib/docker
|
|
docker_tmpdir: "{{ docker_home }}/tmp"
|
|
|
|
# Chose to use iptables instead of docker-proxy userland process
|
|
docker_conf_use_iptables: False
|
|
|
|
# Disable the possibility for containers processes to gain new privileges
|
|
docker_conf_no_newprivileges: False
|
|
|
|
# Toggle live restore (need to be disabled in swarm mode)
|
|
docker_conf_live_restore: True
|
|
|
|
# Toggle user namespace
|
|
docker_conf_user_namespace: True
|
|
|
|
# Disable all default network connectivity
|
|
docker_conf_disable_default_networking: False
|
|
|
|
# Remote access
|
|
docker_remote_access_enabled: False
|
|
docker_daemon_port: 2376
|
|
docker_daemon_listening_ip: 0.0.0.0
|
|
|
|
# TLS
|
|
docker_tls_enabled: False
|
|
docker_tls_path: "{{ docker_home }}/tls"
|
|
docker_tls_ca: ca/ca.pem
|
|
docker_tls_ca_key: ca/ca-key.pem
|
|
docker_tls_cert: server/cert.pem
|
|
docker_tls_key: server/key.pem
|
|
docker_tls_csr: server/server.csr
|
|
|
|
apt_keyring_dir: "{{ ansible_distribution_major_version is version('12', '<') | ternary('/etc/apt/trusted.gpg.d', '/etc/apt/keyrings') }}" |