102 lines
3.1 KiB
YAML
102 lines
3.1 KiB
YAML
# vim: ft=yaml.ansible
|
|
# code: language=ansible
|
|
---
|
|
- name: Add Docker apt PGP key
|
|
ansible.builtin.apt_key:
|
|
id: 9DC858229FC7DD38854AE2D88D81803C0EBFCD88
|
|
url: https://download.docker.com/linux/debian/gpg
|
|
state: present
|
|
|
|
- name: Add Docker apt repository
|
|
ansible.builtin.apt_repository:
|
|
filename: docker
|
|
repo: 'deb [arch=amd64] https://download.docker.com/linux/debian {{ ansible_distribution_release }} stable'
|
|
state: present
|
|
update_cache: true
|
|
|
|
- name: Install Docker
|
|
apt:
|
|
name:
|
|
- docker-ce
|
|
- docker-ce-cli
|
|
- containerd.io
|
|
- docker-buildx-plugin
|
|
- docker-compose-plugin
|
|
state: present
|
|
|
|
- name: Configure rootful Docker
|
|
when: not docker_rootless
|
|
block:
|
|
- name: Make sure Docker is running
|
|
ansible.builtin.service:
|
|
name: docker
|
|
state: started
|
|
enabled: true
|
|
|
|
- name: Configure cron job to prune unused Docker data weekly
|
|
ansible.builtin.cron:
|
|
name: Prune unused Docker data
|
|
cron_file: ansible_docker_prune
|
|
job: 'docker system prune -fa && docker volume prune -fa'
|
|
special_time: weekly
|
|
user: root
|
|
state: present
|
|
|
|
- name: Configure rootless Docker
|
|
when: docker_rootless
|
|
block:
|
|
- name: Make sure rootful Docker is stopped and disabled
|
|
ansible.builtin.systemd_service:
|
|
scope: system
|
|
name: docker
|
|
state: stopped
|
|
enabled: false
|
|
|
|
- name: Install packages needed by rootless Docker
|
|
ansible.builtin.apt:
|
|
name:
|
|
- docker-ce-rootless-extras
|
|
- uidmap
|
|
- dbus-user-session
|
|
- fuse-overlayfs
|
|
- slirp4netns
|
|
|
|
- name: Enable lingering for Docker user
|
|
ansible.builtin.command:
|
|
cmd: loginctl enable-linger {{ docker_rootless_user }}
|
|
creates: /var/lib/systemd/linger/{{ docker_rootless_user }}
|
|
|
|
- name: Run rootless Docker setup script
|
|
ansible.builtin.command:
|
|
cmd: dockerd-rootless-setuptool.sh install
|
|
creates: /home/{{ docker_rootless_user }}/.config/systemd/user/docker.service
|
|
become: true
|
|
become_user: "{{ docker_rootless_user }}"
|
|
|
|
- name: Make sure rootless Docker is running
|
|
ansible.builtin.systemd_service:
|
|
scope: user
|
|
name: docker.service
|
|
state: started
|
|
enabled: true
|
|
become: true
|
|
become_user: "{{ docker_rootless_user }}"
|
|
|
|
- name: Set DOCKER_HOST environment variable
|
|
ansible.builtin.lineinfile:
|
|
path: /home/{{ docker_rootless_user }}/.bashrc
|
|
regexp: '^export DOCKER_HOST='
|
|
line: export DOCKER_HOST=unix:///run/user/{{ docker_rootless_user_uid }}/docker.sock
|
|
state: present
|
|
become: true
|
|
become_user: "{{ docker_rootless_user }}"
|
|
|
|
- name: Configure cron job to prune unused Docker data weekly
|
|
ansible.builtin.cron:
|
|
name: Prune unused Docker data
|
|
cron_file: ansible_docker_rootless_prune
|
|
job: "docker --host unix:///run/user/{{ docker_rootless_user_uid }}/docker.sock system prune -fa && docker volume prune -fa"
|
|
special_time: weekly
|
|
user: "{{ docker_rootless_user }}"
|
|
state: present
|