[UPD] Some updates

* add noninteractive install
* add runlevel 1 to prevent start service before configred
* add lazydocker when it needed
* rename docker-compose.yml to prevent IDE warnings

defaults/main.yml

@@ -6,19 +6,26 @@ docker_package_state: present
 
 # Service options.
 docker_service_state: started
-docker_service_enabled: true
+docker_service_enabled: yes
 docker_restart_handler_state: restarted
 
 # Docker Compose options.
-docker_install_compose: true
-docker_compose_version: "1.22.0"
-docker_compose_path: /usr/local/bin/docker-compose
+docker_compose_install: yes
+docker_compose_version: '1.24.0'
+docker_compose_path: '/usr/local/bin/docker-compose'
+docker_compose_url: "https://github.com/docker/compose/releases/download/{{ docker_compose_version }}/docker-compose-Linux-x86_64"
+
+# LazyDocker options.
+lazydocker_install: yes
+lazydocker_version: '0.4'
+lazydocker_path: '/usr/local/bin/lazydocker'
+lazydocker_url: "https://github.com/jesseduffield/lazydocker/releases/download/v{{ lazydocker_version }}/lazydocker_{{ lazydocker_version }}_Linux_x86_64.tar.gz"
 
 # Used only for Debian/Ubuntu. Switch 'stable' to 'edge' if needed.
 docker_apt_release_channel: stable
 docker_apt_arch: amd64
 docker_apt_repository: "deb [arch={{ docker_apt_arch }}] https://download.docker.com/linux/{{ ansible_distribution|lower }} {{ ansible_distribution_release }} {{ docker_apt_release_channel }}"
-docker_apt_ignore_key_error: true
+docker_apt_ignore_key_error: yes
 
 # Used only for RedHat/CentOS/Fedora.
 docker_yum_repo_url: https://download.docker.com/linux/{{ (ansible_distribution == "Fedora") | ternary("fedora","centos") }}/docker-{{ docker_edition }}.repo

handlers/main.yml

@@ -1,3 +1,5 @@
 ---
 - name: restart docker
-  service: "name=docker state={{ docker_restart_handler_state }}"
+  service:
+    name: docker
+    state: "{{ docker_restart_handler_state }}"

tasks/docker-1809-shim.yml

@@ -1,16 +0,0 @@
----
-- name: Ensure containerd service dir exists.
-  file:
-    path: /etc/systemd/system/containerd.service.d
-    state: directory
-
-- name: Add shim to ensure Docker can start in all environments.
-  template:
-    src: override.conf.j2
-    dest: /etc/systemd/system/containerd.service.d/override.conf
-  register: override_template
-
-- name: Reload systemd daemon if template is changed.
-  systemd:
-    daemon_reload: true
-  when: override_template is changed

tasks/docker-compose-install.yml

@@ -0,0 +1,24 @@
+---
+- name: docker-compose | check binary installed
+  stat:
+    path: "{{ docker_compose_path }}"
+  changed_when: no
+  register: docker_compose_current_binary
+
+- name: docker-compose | get current binary version
+  shell: |
+    sudo -Hu nobody timeout 2 {{ docker_compose_path }} --version 2>&1 | grep -Eoi '([0-9]{1,}\.){1,3}[0-9]{1,}(|-[a-z0-9]{1,})' | sort -uV | head -1
+  register: docker_compose_current_version
+  changed_when: no
+  when:
+    - docker_compose_current_binary.stat.exists
+
+- name: docker-compose | download if need install, upgrade or downgrade
+  get_url:
+    url: "{{ docker_compose_url }}"
+    dest: "{{ docker_compose_path }}"
+    force: yes
+    owner: root
+    mode: 0755
+  when:
+    - not docker_compose_current_binary.stat.exists or (docker_compose_current_version.stdout and docker_compose_current_version.stdout is version(docker_compose_version, '!='))

tasks/docker-compose.yml

@@ -1,20 +0,0 @@
----
-- name: Check current docker-compose version.
-  command: docker-compose --version
-  register: docker_compose_current_version
-  changed_when: false
-  failed_when: false
-
-- name: Delete existing docker-compose version if it's different.
-  file:
-    path: "{{ docker_compose_path }}"
-    state: absent
-  when: >
-    docker_compose_current_version.stdout is defined
-    and docker_compose_version not in docker_compose_current_version.stdout
-
-- name: Install Docker Compose (if configured).
-  get_url:
-    url: https://github.com/docker/compose/releases/download/{{ docker_compose_version }}/docker-compose-Linux-x86_64
-    dest: "{{ docker_compose_path }}"
-    mode: 0755

tasks/docker-shim.yml

@@ -0,0 +1,34 @@
+---
+- name: docker-shim | get current version when installed
+  shell: |
+    sudo -Hu nobody timeout 2 docker --version 2>&1 | grep -Eoi '([0-9]{1,}\.){2,3}[0-9]{1,}(|-[a-z0-9]{1,})' | sort -uV | head -1
+  register: docker_current_version
+  changed_when: no
+
+- name: docker-shim | Setup shim if required
+  block:
+    - name: docker-shim | Ensure containerd service dir exists
+      file:
+        path: /etc/systemd/system/containerd.service.d
+        state: directory
+    - name: docker-shim | Add shim to ensure Docker can start in all environments.
+      template:
+        src: etc/systemd/system/containerd.service.d/override.conf.j2
+        dest: /etc/systemd/system/containerd.service.d/override.conf
+      register: docker_service_override_template
+  when:
+    - docker_current_version.stdout is version('19.03.2', '<=')
+
+- name: docker-shim | Delete shim when it outdated
+  file:
+    path: /etc/systemd/system/containerd.service.d/override.conf
+    state: absent
+  register: docker_service_override_template
+  when:
+    - docker_current_version.stdout is version('19.03.2', '>')
+
+- name: docker-shim | Reload systemd daemon if template is changed
+  systemd:
+    daemon_reload: yes
+  when:
+    - docker_service_override_template is changed

tasks/lazydocker-install.yml

@@ -0,0 +1,28 @@
+---
+- name: lazydocker | check binary installed
+  stat:
+    path: "{{ lazydocker_path }}"
+  changed_when: no
+  register: lazydocker_current_binary
+
+- name: lazydocker | get current binary version
+  shell: |
+    sudo -Hu nobody timeout 2 {{ lazydocker_path }} --version 2>&1 | grep -Eoi '([0-9]{1,}\.){1,3}[0-9]{1,}(|-[a-z0-9]{1,})' | sort -uV | head -1
+  register: lazydocker_current_version
+  changed_when: no
+  when:
+    - lazydocker_current_binary.stat.exists
+
+- name: lazydocker | download with unarchive when upgrade or downgrade
+  unarchive:
+    src: "{{ lazydocker_url }}"
+    dest: "{{ lazydocker_path | dirname }}"
+    exclude:
+      - 'README.md'
+      - 'LICENSE'
+    remote_src: yes
+    force: yes
+    owner: root
+    mode: 0755
+  when:
+    - not lazydocker_current_binary.stat.exists or (lazydocker_current_version.stdout and lazydocker_current_version.stdout is version(lazydocker_version, '!='))

tasks/main.yml

@@ -1,19 +1,36 @@
 ---
 - include_tasks: setup-RedHat.yml
-  when: ansible_os_family == 'RedHat'
+  when:
+    - ansible_os_family == 'RedHat'
 
 - include_tasks: setup-Debian.yml
-  when: ansible_os_family == 'Debian'
+  when:
+    - ansible_os_family == 'Debian'
 
-- name: Install Docker.
+- name: Ensure docker config dir exists.
+  file:
+    path: /etc/docker
+    state: directory
+
+- name: Add docker/daemon.json custom config.
+  template:
+    src: etc/docker/daemon.json.j2
+    dest: /etc/docker/daemon.json
+  notify: restart docker
+
+- name: Install docker
   package:
     name: "{{ docker_package }}"
     state: "{{ docker_package_state }}"
+  environment:
+    DEBIAN_FRONTEND: noninteractive
+    RUNLEVEL: 1
   notify: restart docker
 
 # TODO: Remove this shim once 18.09.1 or later is released.
-- import_tasks: docker-1809-shim.yml
-  when: ansible_service_mgr == 'systemd'
+- import_tasks: docker-shim.yml
+  when:
+    - ansible_service_mgr == 'systemd'
 
 - name: Ensure Docker is started and enabled at boot.
   service:
@@ -24,8 +41,14 @@
 - name: Ensure handlers are notified now to avoid firewall conflicts.
   meta: flush_handlers
 
-- include_tasks: docker-compose.yml
-  when: docker_install_compose
+- include_tasks: docker-compose-install.yml
+  when:
+    - docker_compose_install
+
+- include_tasks: lazydocker-install.yml
+  when:
+    - lazydocker_install
 
 - include_tasks: docker-users.yml
-  when: docker_users
+  when:
+    - docker_users

tasks/setup-Debian.yml

@@ -5,6 +5,8 @@
       - docker
       - docker-engine
     state: absent
+  environment:
+    DEBIAN_FRONTEND: noninteractive
 
 - name: Ensure dependencies are installed.
   apt:
@@ -12,29 +14,39 @@
       - apt-transport-https
       - ca-certificates
     state: present
+  environment:
+    DEBIAN_FRONTEND: noninteractive
 
 - name: Add Docker apt key.
   apt_key:
     url: https://download.docker.com/linux/ubuntu/gpg
     id: 9DC858229FC7DD38854AE2D88D81803C0EBFCD88
     state: present
+  environment:
+    DEBIAN_FRONTEND: noninteractive
   register: add_repository_key
   ignore_errors: "{{ docker_apt_ignore_key_error }}"
 
 - name: Ensure curl is present (on older systems without SNI).
-  package: name=curl state=present
-  when: add_repository_key is failed
+  package:
+    name: curl
+    state: present
+  environment:
+    DEBIAN_FRONTEND: noninteractive
+  when:
+    - add_repository_key is failed
 
 - name: Add Docker apt key (alternative for older systems without SNI).
   shell: |
-    set -o pipefail
-    curl -sSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
+    set -euxo pipefail
+    curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
   args:
     warn: false
-  when: add_repository_key is failed
+  when:
+    - add_repository_key is failed
 
 - name: Add Docker repository.
   apt_repository:
     repo: "{{ docker_apt_repository }}"
     state: present
-    update_cache: true
+    update_cache: yes

templates/etc/docker/daemon.json.j2

@@ -0,0 +1,25 @@
+{
+	"data-root": "/srv/docker",
+	"dns": [
+		"8.8.8.8",
+		"1.1.1.1"
+	],
+	"log-driver": "journald",
+	"metrics-addr" : "0.0.0.0:9323",
+	"experimental" : true,
+	"storage-driver": "overlay2",
+	"live-restore": true,
+	"default-ulimits": {
+		"nofile": {
+			"Name": "nofile",
+			"Hard": 65536,
+			"Soft": 65536
+		}
+	},
+	"default-address-pools":[
+		{"base":"172.17.0.0/16","size":24},
+		{"base":"172.18.0.0/16","size":24},
+		{"base":"172.19.0.0/16","size":24},
+		{"base":"172.20.0.0/16","size":24}
+	]
+}