Switch to Rocky Linux

2023-11-12 16:41:59 +01:00 · 2023-11-12 16:41:59 +01:00 · b8e18cdbe9
parent bf5c7a526e
commit b8e18cdbe9
2 changed files with 36 additions and 24 deletions
--- a/roles/docker/tasks/main.yml
+++ b/roles/docker/tasks/main.yml
@ -2,25 +2,30 @@
 # code: language=ansible
 ---
 - name: Add Docker PGP key
-  ansible.builtin.apt_key:
-    keyserver: keyserver.ubuntu.com
-    id: '0x8D81803C0EBFCD88'
+  ansible.builtin.rpm_key:
+    key: https://download.docker.com/linux/centos/gpg
+    fingerprint: 060A 61C5 1B55 8A7F 742B  77AA C52F EB6B 621E 9F35
    state: present

- name: Add Docker apt repository
-  ansible.builtin.apt_repository:
-    repo: 'deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/debian bullseye stable'
-    update_cache: true
+- name: Add Docker repository
+  ansible.builtin.yum_repository:
+    name: docker-ce-stable
+    description: Docker CE Stable - $basearch
+    file: docker-ce
+    baseurl: https://download.docker.com/linux/centos/$releasever/$basearch/stable
+    gpgkey: https://download.docker.com/linux/centos/gpg
+    gpgcheck: true
+    enabled: true
    state: present

- name: Install Docker
-  ansible.builtin.apt:
-    name: "{{ pkgs }}"
-    state: present
-  vars:
-    pkgs:
+- name: Install Docker and Docker Compose
+  ansible.builtin.dnf:
+    name:
      - docker-ce
+      - docker-ce-cli
      - docker-compose-plugin
+      - containerd.io
+    state: present

 - name: Copy Docker daemon config file
  ansible.builtin.template:
--- a/roles/vm-common/tasks/base.yml
+++ b/roles/vm-common/tasks/base.yml
@ -35,18 +35,25 @@
        state: present
      notify: Restart systemd-resolved

- name: Ensure UFW is absent
-  ansible.builtin.apt:
-    name: ufw
-    state: absent
+- name: Enable Security SIG repositories
+  ansible.builtin.dnf:
+    name: rocky-release-security
+    state: present

 - name: Install system packages
-  ansible.builtin.apt:
-    name: "{{ pkgs }}"
-    update_cache: true
-    state: present
-  vars:
-    pkgs:
-      - apparmor
+  ansible.builtin.dnf:
+    name:
      - haveged
      - firewalld
+      - lkrg
+    state: present
+
+- name: Ensure services are enabled and running
+  ansible.builtin.service:
+    name: "{{ item }}"
+    enabled: true
+    state: started
+  loop:
+    - haveged
+    - firewalld
+    - lkrg