---
# Refresh the apt package index before anything is installed. With
# cache_valid_time set, the refresh is skipped while the existing cache is
# younger than that many seconds.
- name: Update apt repo and cache
  apt:
    update_cache: true
    force_apt_get: true
    cache_valid_time: 3600
  tags:
    - docker
    - docker_install
# Install the packages the following tasks rely on: curl and gnupg fetch and
# convert the signing key, lsb-release supplies the distribution codename, and
# ca-certificates / apt-transport-https are needed for the HTTPS repository.
- name: Install requirements
  apt:
    name:
      - apt-transport-https
      - ca-certificates
      - curl
      - gnupg
      - lsb-release
    state: present
    update_cache: true
  tags:
    - docker
    - docker_install
# Record whether the Docker keyring file is already on the host. The result is
# registered as docker_gpg and read by the `when` of the key-download task.
# Only existence is checked here, not the content of the file.
- name: Check GPG key
  stat:
    path: /usr/share/keyrings/docker-archive-keyring.gpg
  register: docker_gpg
  tags:
    - docker
    - docker_install
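# Download Docker's apt signing key and store it de-armored at the path the
# repository entry names in its signed-by= option.
#
# The download and the conversion are separate steps so that a failed download
# stops the task. In the piped form (curl | gpg) the exit status was gpg's
# alone, and a half-written keyring could make later runs skip this task
# because the guard only checks that the file exists.
#
# NOTE(review): the key is trusted on the strength of the TLS connection only.
# Compare its fingerprint with the one Docker publishes before relying on it.
- name: Add docker GPG key
  shell: |
    set -eu
    tmp="$(mktemp)"
    trap 'rm -f "$tmp"' EXIT
    curl -fsSL https://download.docker.com/linux/debian/gpg -o "$tmp"
    gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg "$tmp"
  args:
    # Idempotency guard in addition to the stat-based `when` below.
    creates: /usr/share/keyrings/docker-archive-keyring.gpg
  when: not docker_gpg.stat.exists
  tags:
    - docker
    - docker_install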
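# Record whether the Docker apt source list is already present; the result is
# registered as docker_repo and read by the `when` of the repo task.
# The task was named "Check GPG key", the same as the keyring check, although
# it inspects the sources.list.d entry; the name now says what is checked.
- name: Check docker repo
  stat:
    path: /etc/apt/sources.list.d/docker.list
  register: docker_repo
  tags:
    - docker
    - docker_install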
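# Write the Docker apt source entry, restricted by signed-by= to the Docker
# keyring so that only that key is accepted for this repository.
#
# The architecture and codename are resolved into variables first: with
# `set -e` a failing dpkg or lsb_release call stops the task, whereas inside
# the echo argument a failure would silently write an entry with an empty
# field, which the exists-only guard would then keep forever.
#
# The nested `sudo tee` is dropped. The keyring task writes under /usr/share
# without it, so the role presumably already runs privileged (confirm against
# the play's become settings), and sudo may be absent on a minimal host.
- name: Add docker repo
  shell: |
    set -eu
    arch="$(dpkg --print-architecture)"
    codename="$(lsb_release -cs)"
    echo "deb [arch=${arch} signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/debian ${codename} stable" > /etc/apt/sources.list.d/docker.list
  args:
    # Idempotency guard in addition to the stat-based `when` below.
    creates: /etc/apt/sources.list.d/docker.list
  when: not docker_repo.stat.exists
  tags:
    - docker
    - docker_install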
# Second index refresh, placed after the Docker repository has been added.
# NOTE(review): because cache_valid_time is set and the requirements task
# refreshed the cache moments earlier in the same run, this refresh is
# presumably skipped. The install task that follows sets update_cache itself,
# so the new repository's index is still fetched there. Confirm the intent.
- name: Update apt repo and cache
  apt:
    update_cache: true
    force_apt_get: true
    cache_valid_time: 3600
  tags:
    - docker
    - docker_install
# Install the Docker engine, CLI, containerd and the buildx / compose plugins.
# `state: present` installs whatever version the repository currently offers
# and does not upgrade packages that are already installed.
- name: Install docker
  apt:
    name:
      - docker-ce
      - docker-ce-cli
      - containerd.io
      - docker-buildx-plugin
      - docker-compose-plugin
    state: present
    update_cache: true
  tags:
    - docker
    - docker_install
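# Create the directory that holds the compose projects, owned by root and
# closed to other users (0750), since compose files commonly carry credentials.
# The mode is quoted so it reaches the module as the string '0750' instead of
# depending on the YAML parser reading a bare 0750 as an octal integer.
- name: Create docker folder
  file:
    path: '{{ docker_folder }}'
    owner: root
    group: root
    mode: '0750'
    state: directory
  when: docker_compose_template is defined or docker_watchtower_template is defined
  tags:
    - docker
    - docker_configure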
# Copy the compose configuration tree from the path in docker_compose_template
# into docker_folder with the synchronize module. The task runs only when
# docker_compose_template is defined.
# NOTE(review): ownership and modes of the copied files are whatever
# synchronize carries over from the source; check that files holding secrets
# are not more readable than intended.
- name: Sync docker confs
  synchronize:
    src: '{{ docker_compose_template }}'
    dest: '{{ docker_folder }}'
  when: docker_compose_template is defined
  tags:
    - docker
    - docker_configure
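# Bring up every compose project listed in docker_compose_services; each item
# is the directory that contains a docker-compose.yml.
#
# The path is passed through the `quote` filter because it is interpolated
# into a shell command line: a directory name with spaces or shell
# metacharacters would otherwise be split or interpreted by the shell.
# Paths made of ordinary characters are rendered unchanged.
- name: Execute docker-compose up -d
  shell: 'docker-compose -f {{ (item ~ "/docker-compose.yml") | quote }} up -d'
  with_items:
    - '{{ docker_compose_services }}'
  when: docker_compose_services is defined
  tags:
    - docker
    - docker_configure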
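# Start watchtower as a plain container when docker_watchtower is defined and
# no compose template is in use for it.
#
# Two things make this container sensitive:
#  - it mounts /var/run/docker.sock, so whatever runs inside it can drive the
#    Docker daemon, which is equivalent to root on the host;
#  - the image reference had no tag or digest, so the content that gets that
#    access is whatever the registry serves at pull time.
# The image is therefore read from the new optional variable
# docker_watchtower_image, so a deployment can pin a tag or digest. The
# default keeps the previous unpinned reference.
- name: Run watchtower
  docker_container:
    name: watchtower
    image: "{{ docker_watchtower_image | default('containrrr/watchtower') }}"
    restart_policy: unless-stopped
    volumes:
      - '/var/run/docker.sock:/var/run/docker.sock'
  when: docker_watchtower is defined and docker_watchtower_template is not defined
  tags:
    - docker
    - docker_configure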
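# Create the watchtower project directory under docker_folder, owned by root
# and closed to other users (0750). The mode is quoted so it reaches the module
# as the string '0750' instead of depending on octal parsing of a bare 0750.
- name: Create watchtower folder
  file:
    path: '{{ docker_folder }}/watchtower'
    owner: root
    group: root
    mode: '0750'
    state: directory
  when: docker_watchtower_template is defined
  tags:
    - docker
    - docker_configure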
# Render the watchtower compose template into the watchtower project folder.
# NOTE(review): the guard tests docker_watchtower_template, while the source
# path comes from docker_watchtower_docker_compose; if only the former is set
# the task presumably fails on an undefined variable. Confirm that both are
# always defined together.
# No owner or mode is set here, so the file gets the module defaults.
- name: Push watchtower docker-compose file
  template:
    src: '{{ docker_watchtower_docker_compose }}'
    dest: '{{ docker_folder }}/watchtower/docker-compose.yml'
  when: docker_watchtower_template is defined
  tags:
    - docker
    - docker_configure
# Render the systemd unit that runs the watchtower compose project. The unit is
# installed system-wide, so the template source decides what runs as a system
# service. The task is skipped unless both docker_watchtower_template and
# docker_watchtower_systemd are defined.
- name: Push watchtower systemd service
  template:
    src: '{{ docker_watchtower_systemd }}'
    dest: '/etc/systemd/system/docker-compose@watchtower.service'
  when: docker_watchtower_template is defined and docker_watchtower_systemd is defined
  tags:
    - docker
    - docker_configure
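# Enable the watchtower unit at boot and restart it.
#
# daemon_reload is added because the unit file is written by a template task
# earlier in this file. Without a reload, systemd keeps using the unit
# definition it loaded previously, so a changed unit would be restarted with
# its old contents.
#
# Errors are ignored only in check mode, where the unit file has not actually
# been written and the service cannot be found.
- name: Enable --now watchtower systemd service
  systemd:
    name: 'docker-compose@watchtower.service'
    state: restarted
    enabled: true
    daemon_reload: true
  when: docker_watchtower_template is defined and docker_watchtower_systemd is defined
  ignore_errors: '{{ ansible_check_mode }}'
  tags:
    - docker
    - docker_configure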