Add steps for rootless Docker

2024-03-31 00:08:06 +01:00 · 2024-03-31 00:08:06 +01:00 · fd80dfdba4
parent 27ae28797f
commit fd80dfdba4
2 changed files with 24 additions and 12 deletions
--- a/roles/docker/defaults/main.yml
+++ b/roles/docker/defaults/main.yml
@ -2,5 +2,5 @@
 # code: language=ansible
 ---
 docker_rootless: false
-docker_rootless_user: docker_user
-docker_rootless_user_uid: 1100
+docker_rootless_user: rootlessdocker
+docker_rootless_user_uid: 1102
--- a/roles/docker/tasks/main.yml
+++ b/roles/docker/tasks/main.yml
@ -15,7 +15,7 @@
    update_cache: true

 - name: Install Docker
-  apt:
+  ansible.builtin.apt:
    name:
      - docker-ce
      - docker-ce-cli
@ -61,11 +61,32 @@
          - fuse-overlayfs
          - slirp4netns

+    - name: Create group for Docker socket
+      ansible.builtin.group:
+        name: docker
+        state: present
+
+    - name: Create user for rootless Docker
+      ansible.builtin.user:
+        name: "{{ docker_rootless_user }}"
+        uid: "{{ docker_rootless_user_uid }}"
+        comment: Rootless Docker User
+        groups:
+          - docker
+        state: present
+
    - name: Enable lingering for Docker user
      ansible.builtin.command:
        cmd: loginctl enable-linger {{ docker_rootless_user }}
        creates: /var/lib/systemd/linger/{{ docker_rootless_user }}

+    - name: Set DOCKER_HOST environment variable globally
+      ansible.builtin.lineinfile:
+        path: /etc/profile
+        regexp: '^export DOCKER_HOST='
+        line: export DOCKER_HOST=unix:///run/user/{{ docker_rootless_user_uid }}/docker.sock
+        state: present
+
    - name: Run rootless Docker setup script
      ansible.builtin.command:
        cmd: dockerd-rootless-setuptool.sh install
@ -73,15 +94,6 @@
      become: true
      become_user: "{{ docker_rootless_user }}"

-    - name: Set DOCKER_HOST environment variable
-      ansible.builtin.lineinfile:
-        path: /home/{{ docker_rootless_user }}/.bashrc
-        regexp: '^export DOCKER_HOST='
-        line: export DOCKER_HOST=unix:///run/user/{{ docker_rootless_user_uid }}/docker.sock
-        state: present
-      become: true
-      become_user: "{{ docker_rootless_user }}"
-
    - name: Make sure rootless Docker is running
      ansible.builtin.systemd_service:
        scope: user