Mirrors/geerlingguy.ansible-role-docker
1
0
Fork 0
mirror of https://github.com/geerlingguy/ansible-role-docker.git synced 2024-11-18 19:10:43 +01:00
Code Issues Projects Releases Wiki Activity

Merge branch 'master' into use-ansible-facts

Browse Source
This commit is contained in:
Jack Hodgkiss 2024-10-09 21:41:32 +01:00 committed by GitHub
commit 031cdbc034
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
8 changed files with 118 additions and 63 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
.github/workflows/ci.yml vendored
View File

@ -19,12 +19,12 @@ jobs:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- name: Check out the codebase. - name: Check out the codebase.
uses: actions/checkout@v2 uses: actions/checkout@v4
with: with:
path: 'geerlingguy.docker' path: 'geerlingguy.docker'
- name: Set up Python 3. - name: Set up Python 3.
uses: actions/setup-python@v2 uses: actions/setup-python@v5
with: with:
python-version: '3.x' python-version: '3.x'
@ -41,23 +41,21 @@ jobs:
strategy: strategy:
matrix: matrix:
distro: distro:
- rockylinux8 - rockylinux9
- ubuntu2404
- ubuntu2204 - ubuntu2204
- ubuntu2004
- ubuntu1804
- debian12 - debian12
- debian11 - debian11
- debian10 - fedora40
- fedora34
steps: steps:
- name: Check out the codebase. - name: Check out the codebase.
uses: actions/checkout@v2 uses: actions/checkout@v4
with: with:
path: 'geerlingguy.docker' path: 'geerlingguy.docker'
- name: Set up Python 3. - name: Set up Python 3.
uses: actions/setup-python@v2 uses: actions/setup-python@v5
with: with:
python-version: '3.x' python-version: '3.x'

4
.github/workflows/release.yml vendored
View File

@ -22,12 +22,12 @@ jobs:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- name: Check out the codebase. - name: Check out the codebase.
uses: actions/checkout@v2 uses: actions/checkout@v4
with: with:
path: 'geerlingguy.docker' path: 'geerlingguy.docker'
- name: Set up Python 3. - name: Set up Python 3.
uses: actions/setup-python@v2 uses: actions/setup-python@v5
with: with:
python-version: '3.x' python-version: '3.x'

107
README.md
View File

@ -12,13 +12,15 @@ None.
Available variables are listed below, along with default values (see `defaults/main.yml`): Available variables are listed below, along with default values (see `defaults/main.yml`):
# Edition can be one of: 'ce' (Community Edition) or 'ee' (Enterprise Edition). ```yaml
docker_edition: 'ce' # Edition can be one of: 'ce' (Community Edition) or 'ee' (Enterprise Edition).
docker_packages: docker_edition: 'ce'
- "docker-{{ docker_edition }}" docker_packages:
- "docker-{{ docker_edition }}-cli" - "docker-{{ docker_edition }}"
- "docker-{{ docker_edition }}-rootless-extras" - "docker-{{ docker_edition }}-cli"
docker_packages_state: present - "docker-{{ docker_edition }}-rootless-extras"
docker_packages_state: present
```
The `docker_edition` should be either `ce` (Community Edition) or `ee` (Enterprise Edition). The `docker_edition` should be either `ce` (Community Edition) or `ee` (Enterprise Edition).
You can also specify a specific version of Docker to install using the distribution-specific format: You can also specify a specific version of Docker to install using the distribution-specific format:
@ -27,66 +29,97 @@ Debian/Ubuntu: `docker-{{ docker_edition }}=<VERSION>` (Note: you have to add th
You can control whether the package is installed, uninstalled, or at the latest version by setting `docker_packages_state` to `present`, `absent`, or `latest`, respectively. Note that the Docker daemon will be automatically restarted if the Docker package is updated. This is a side effect of flushing all handlers (running any of the handlers that have been notified by this and any other role up to this point in the play). You can control whether the package is installed, uninstalled, or at the latest version by setting `docker_packages_state` to `present`, `absent`, or `latest`, respectively. Note that the Docker daemon will be automatically restarted if the Docker package is updated. This is a side effect of flushing all handlers (running any of the handlers that have been notified by this and any other role up to this point in the play).
docker_service_manage: true ```yaml
docker_service_state: started docker_obsolete_packages:
docker_service_enabled: true - docker
docker_restart_handler_state: restarted - docker.io
- docker-engine
- podman-docker
- containerd
- runc
```
A list of packages to be uninstalled prior to running this role. See [Docker's installation instructions](https://docs.docker.com/engine/install/debian/#uninstall-old-versions) for an up-to-date list of old packages that should be removed.
```yaml
docker_service_manage: true
docker_service_state: started
docker_service_enabled: true
docker_restart_handler_state: restarted
```
Variables to control the state of the `docker` service, and whether it should start on boot. If you're installing Docker inside a Docker container without systemd or sysvinit, you should set `docker_service_manage` to `false`. Variables to control the state of the `docker` service, and whether it should start on boot. If you're installing Docker inside a Docker container without systemd or sysvinit, you should set `docker_service_manage` to `false`.
docker_install_compose_plugin: false ```yaml
docker_compose_package: docker-compose-plugin docker_install_compose_plugin: true
docker_compose_package_state: present docker_compose_package: docker-compose-plugin
docker_compose_package_state: present
```
Docker Compose Plugin installation options. These differ from the below in that docker-compose is installed as a docker plugin (and used with `docker compose`) instead of a standalone binary. Docker Compose Plugin installation options. These differ from the below in that docker-compose is installed as a docker plugin (and used with `docker compose`) instead of a standalone binary.
docker_install_compose: true ```yaml
docker_compose_version: "1.26.0" docker_install_compose: false
docker_compose_arch: "{{ ansible_architecture }}" docker_compose_version: "2.29.2"
docker_compose_path: /usr/local/bin/docker-compose docker_compose_arch: "{{ ansible_architecture }}"
docker_compose_url: "https://github.com/docker/compose/releases/download/{{ docker_compose_version }}/docker-compose-linux-{{ docker_compose_arch }}"
docker_compose_path: /usr/local/bin/docker-compose
```
Docker Compose installation options. Docker Compose installation options.
docker_add_repo: true ```yaml
docker_add_repo: true
```
Controls whether this role will add the official Docker repository. Set to `false` if you want to use the default docker packages for your system or manage the package repository on your own. Controls whether this role will add the official Docker repository. Set to `false` if you want to use the default docker packages for your system or manage the package repository on your own.
docker_repo_url: https://download.docker.com/linux ```yaml
docker_repo_url: https://download.docker.com/linux
```
The main Docker repo URL, common between Debian and RHEL systems. The main Docker repo URL, common between Debian and RHEL systems.
docker_apt_release_channel: stable ```yaml
docker_apt_arch: "{{ 'arm64' if ansible_architecture == 'aarch64' else 'amd64' }}" docker_apt_release_channel: stable
docker_apt_repository: "deb [arch={{ docker_apt_arch }}] {{ docker_repo_url }}/{{ ansible_distribution | lower }} {{ ansible_distribution_release }} {{ docker_apt_release_channel }}" docker_apt_arch: "{{ 'arm64' if ansible_architecture == 'aarch64' else 'amd64' }}"
docker_apt_ignore_key_error: True docker_apt_repository: "deb [arch={{ docker_apt_arch }}] {{ docker_repo_url }}/{{ ansible_distribution | lower }} {{ ansible_distribution_release }} {{ docker_apt_release_channel }}"
docker_apt_gpg_key: "{{ docker_repo_url }}/{{ ansible_distribution | lower }}/gpg" docker_apt_ignore_key_error: True
docker_apt_filename: "docker" docker_apt_gpg_key: "{{ docker_repo_url }}/{{ ansible_distribution | lower }}/gpg"
docker_apt_filename: "docker"
```
(Used only for Debian/Ubuntu.) You can switch the channel to `nightly` if you want to use the Nightly release. (Used only for Debian/Ubuntu.) You can switch the channel to `nightly` if you want to use the Nightly release.
You can change `docker_apt_gpg_key` to a different url if you are behind a firewall or provide a trustworthy mirror. You can change `docker_apt_gpg_key` to a different url if you are behind a firewall or provide a trustworthy mirror.
Usually in combination with changing `docker_apt_repository` as well. `docker_apt_filename` controls the name of the source list file created in `sources.list.d`. If you are upgrading from an older (<7.0.0) version of this role, you should change this to the name of the existing file (e.g. `download_docker_com_linux_debian` on Debian) to avoid conflicting lists. Usually in combination with changing `docker_apt_repository` as well. `docker_apt_filename` controls the name of the source list file created in `sources.list.d`. If you are upgrading from an older (<7.0.0) version of this role, you should change this to the name of the existing file (e.g. `download_docker_com_linux_debian` on Debian) to avoid conflicting lists.
docker_yum_repo_url: "{{ docker_repo_url }}/{{ (ansible_distribution == 'Fedora') | ternary('fedora','centos') }}/docker-{{ docker_edition }}.repo"docker_edition }}.repo ```yaml
docker_yum_repo_enable_nightly: '0' docker_yum_repo_url: "{{ docker_repo_url }}/{{ (ansible_distribution == 'Fedora') | ternary('fedora','centos') }}/docker-{{ docker_edition }}.repo"
docker_yum_repo_enable_test: '0' docker_yum_repo_enable_nightly: '0'
docker_yum_gpg_key: "{{ docker_repo_url }}/centos/gpg" docker_yum_repo_enable_test: '0'
docker_yum_gpg_key: "{{ docker_repo_url }}/centos/gpg"
```
(Used only for RedHat/CentOS.) You can enable the Nightly or Test repo by setting the respective vars to `1`. (Used only for RedHat/CentOS.) You can enable the Nightly or Test repo by setting the respective vars to `1`.
You can change `docker_yum_gpg_key` to a different url if you are behind a firewall or provide a trustworthy mirror. You can change `docker_yum_gpg_key` to a different url if you are behind a firewall or provide a trustworthy mirror.
Usually in combination with changing `docker_yum_repository` as well. Usually in combination with changing `docker_yum_repository` as well.
docker_users: ```yaml
- user1 docker_users:
- user2 - user1
- user2
```
A list of system users to be added to the `docker` group (so they can use Docker on the server). A list of system users to be added to the `docker` group (so they can use Docker on the server).
docker_daemon_options: ```yaml
storage-driver: "devicemapper" docker_daemon_options:
log-opts: storage-driver: "overlay2"
max-size: "100m" log-opts:
max-size: "100m"
```
Custom `dockerd` options can be configured through this dictionary representing the json file `/etc/docker/daemon.json`. Custom `dockerd` options can be configured through this dictionary representing the json file `/etc/docker/daemon.json`.

14
defaults/main.yml
View File

@ -6,7 +6,15 @@ docker_packages:
- "docker-{{ docker_edition }}-cli" - "docker-{{ docker_edition }}-cli"
- "docker-{{ docker_edition }}-rootless-extras" - "docker-{{ docker_edition }}-rootless-extras"
- "containerd.io" - "containerd.io"
- docker-buildx-plugin
docker_packages_state: present docker_packages_state: present
docker_obsolete_packages:
- docker
- docker.io
- docker-engine
- podman-docker
- containerd
- runc
# Service options. # Service options.
docker_service_manage: true docker_service_manage: true
@ -21,7 +29,7 @@ docker_compose_package_state: present
# Docker Compose options. # Docker Compose options.
docker_install_compose: false docker_install_compose: false
docker_compose_version: "v2.11.1" docker_compose_version: "v2.29.2"
docker_compose_arch: "{{ ansible_facts.architecture }}" docker_compose_arch: "{{ ansible_facts.architecture }}"
docker_compose_url: "https://github.com/docker/compose/releases/download/{{ docker_compose_version }}/docker-compose-linux-{{ docker_compose_arch }}" docker_compose_url: "https://github.com/docker/compose/releases/download/{{ docker_compose_version }}/docker-compose-linux-{{ docker_compose_arch }}"
docker_compose_path: /usr/local/bin/docker-compose docker_compose_path: /usr/local/bin/docker-compose
@ -37,8 +45,8 @@ docker_apt_release_channel: stable
# docker_apt_ansible_distribution is a workaround for Ubuntu variants which can't be identified as such by Ansible, # docker_apt_ansible_distribution is a workaround for Ubuntu variants which can't be identified as such by Ansible,
# and is only necessary until Docker officially supports them. # and is only necessary until Docker officially supports them.
docker_apt_ansible_distribution: "{{ 'ubuntu' if ansible_facts.distribution in ['Pop!_OS', 'Linux Mint'] else ansible_facts.distribution }}" docker_apt_ansible_distribution: "{{ 'ubuntu' if ansible_facts.distribution in ['Pop!_OS', 'Linux Mint'] else ansible_facts.distribution }}"
docker_apt_arch: "{{ 'arm64' if ansible_facts.architecture == 'aarch64' else 'amd64' }}" docker_apt_arch: "{{ 'arm64' if ansible_facts.architecture == 'aarch64' else 'armhf' if ansible_facts.architecture == 'armv7l' else 'amd64' }}"
docker_apt_repository: "deb [arch={{ docker_apt_arch }} signed-by=/etc/apt/trusted.gpg.d/docker.asc] {{ docker_repo_url }}/{{ ansible_facts.distribution | lower }} {{ ansible_facts.distribution_release }} {{ docker_apt_release_channel }}" docker_apt_repository: "deb [arch={{ docker_apt_arch }} signed-by=/etc/apt/keyrings/docker.asc] {{ docker_repo_url }}/{{ docker_apt_ansible_distribution | lower }} {{ ansible_distribution_release }} {{ docker_apt_release_channel }}"
docker_apt_ignore_key_error: true docker_apt_ignore_key_error: true
docker_apt_gpg_key: "{{ docker_repo_url }}/{{ docker_apt_ansible_distribution | lower }}/gpg" docker_apt_gpg_key: "{{ docker_repo_url }}/{{ docker_apt_ansible_distribution | lower }}/gpg"
docker_apt_gpg_key_checksum: "sha256:1500c1f56fa9e26b9b8f42452a553675796ade0807cdce11975eb98170b3a570" docker_apt_gpg_key_checksum: "sha256:1500c1f56fa9e26b9b8f42452a553675796ade0807cdce11975eb98170b3a570"

1
meta/main.yml
View File

@ -22,6 +22,7 @@ galaxy_info:
- bionic - bionic
- focal - focal
- jammy - jammy
- noble
- name: Alpine - name: Alpine
version: version:
- all - all

4
molecule/default/molecule.yml
View File

@ -2,11 +2,13 @@
role_name_check: 1 role_name_check: 1
dependency: dependency:
name: galaxy name: galaxy
options:
ignore-errors: true
driver: driver:
name: docker name: docker
platforms: platforms:
- name: instance - name: instance
image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos7}-ansible:latest" image: "geerlingguy/docker-${MOLECULE_DISTRO:-rockylinux9}-ansible:latest"
command: ${MOLECULE_DOCKER_COMMAND:-""} command: ${MOLECULE_DOCKER_COMMAND:-""}
volumes: volumes:
- /sys/fs/cgroup:/sys/fs/cgroup:rw - /sys/fs/cgroup:/sys/fs/cgroup:rw

34
tasks/setup-Debian.yml
View File

@ -1,9 +1,21 @@
--- ---
- name: Ensure old versions of Docker are not installed. - name: Ensure apt key is not present in trusted.gpg.d
ansible.builtin.file:
path: /etc/apt/trusted.gpg.d/docker.asc
state: absent
- name: Ensure the repo referencing the previous trusted.gpg.d key is not present
apt_repository:
repo: "deb [arch={{ docker_apt_arch }} signed-by=/etc/apt/trusted.gpg.d/docker.asc] {{ docker_repo_url }}/{{ docker_apt_ansible_distribution | lower }} {{ ansible_facts.distribution_release }} {{ docker_apt_release_channel }}"
state: absent
filename: "{{ docker_apt_filename }}"
update_cache: true
when: docker_add_repo | bool
- # See https://docs.docker.com/engine/install/debian/#uninstall-old-versions
name: Ensure old versions of Docker are not installed.
package: package:
name: name: "{{ docker_obsolete_packages }}"
- docker
- docker-engine
state: absent state: absent
- name: Ensure dependencies are installed. - name: Ensure dependencies are installed.
@ -14,22 +26,22 @@
state: present state: present
when: docker_add_repo | bool when: docker_add_repo | bool
- name: Ensure additional dependencies are installed (on Ubuntu < 20.04 and any other systems).
apt:
name: gnupg2
state: present
when: ansible_facts.distribution != 'Ubuntu' or ansible_facts.distribution_version is version('20.04', '<')
- name: Ensure additional dependencies are installed (on Ubuntu >= 20.04). - name: Ensure additional dependencies are installed (on Ubuntu >= 20.04).
apt: apt:
name: gnupg name: gnupg
state: present state: present
when: ansible_facts.distribution == 'Ubuntu' and ansible_facts.distribution_version is version('20.04', '>=') when: ansible_facts.distribution == 'Ubuntu' and ansible_facts.distribution_version is version('20.04', '>=')
- name: Ensure directory exists for /etc/apt/keyrings
file:
path: /etc/apt/keyrings
state: directory
mode: '0755'
- name: Add Docker apt key. - name: Add Docker apt key.
ansible.builtin.get_url: ansible.builtin.get_url:
url: "{{ docker_apt_gpg_key }}" url: "{{ docker_apt_gpg_key }}"
dest: /etc/apt/trusted.gpg.d/docker.asc dest: /etc/apt/keyrings/docker.asc
mode: '0644' mode: '0644'
force: false force: false
checksum: "{{ docker_apt_gpg_key_checksum | default(omit) }}" checksum: "{{ docker_apt_gpg_key_checksum | default(omit) }}"

1
vars/Archlinux.yml
View File

@ -1,2 +1,3 @@
--- ---
docker_packages: "docker" docker_packages: "docker"
docker_compose_package: docker-compose