mirror of
https://github.com/geerlingguy/ansible-role-docker.git
synced 2025-08-29 13:47:31 +02:00
Compare commits
16 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
ed8a8ea98f | ||
|
35136bad43 | ||
|
|
c0ddaa9d64 | ||
|
|
cd526d9532 | ||
|
|
b941efcdc4 | ||
|
6343bc9148 | ||
|
|
894e30654f | ||
|
|
8818e2b3e3 | ||
|
|
a44d1bee2a | ||
|
|
94b787389d | ||
|
|
24dee13f70 | ||
|
|
c8df987a56 | ||
|
|
d95b3fdc47 | ||
|
1000ee6000 | ||
|
5a2fd928ad | ||
|
|
6f0503c0fb |
12
README.md
12
README.md
@ -69,7 +69,7 @@ Docker Compose Plugin installation options. These differ from the below in that
|
|||||||
```yaml
|
```yaml
|
||||||
docker_install_compose: false
|
docker_install_compose: false
|
||||||
docker_compose_version: "v2.32.1"
|
docker_compose_version: "v2.32.1"
|
||||||
docker_compose_arch: "{{ ansible_architecture }}"
|
docker_compose_arch: "{{ ansible_facts.architecture }}"
|
||||||
docker_compose_url: "https://github.com/docker/compose/releases/download/{{ docker_compose_version }}/docker-compose-linux-{{ docker_compose_arch }}"
|
docker_compose_url: "https://github.com/docker/compose/releases/download/{{ docker_compose_version }}/docker-compose-linux-{{ docker_compose_arch }}"
|
||||||
docker_compose_path: /usr/local/bin/docker-compose
|
docker_compose_path: /usr/local/bin/docker-compose
|
||||||
```
|
```
|
||||||
@ -90,10 +90,10 @@ The main Docker repo URL, common between Debian and RHEL systems.
|
|||||||
|
|
||||||
```yaml
|
```yaml
|
||||||
docker_apt_release_channel: stable
|
docker_apt_release_channel: stable
|
||||||
docker_apt_arch: "{{ 'arm64' if ansible_architecture == 'aarch64' else 'amd64' }}"
|
docker_apt_arch: "{{ 'arm64' if ansible_facts.architecture == 'aarch64' else 'amd64' }}"
|
||||||
docker_apt_repository: "deb [arch={{ docker_apt_arch }}{{' signed-by=/etc/apt/keyrings/docker.asc' if add_repository_key is not failed}}] {{ docker_repo_url }}/{{ ansible_distribution | lower }} {{ ansible_distribution_release }} {{ docker_apt_release_channel }}"
|
docker_apt_repository: "deb [arch={{ docker_apt_arch }}{{' signed-by=/etc/apt/keyrings/docker.asc' if add_repository_key is not failed}}] {{ docker_repo_url }}/{{ ansible_facts.distribution | lower }} {{ ansible_facts.distribution_release }} {{ docker_apt_release_channel }}"
|
||||||
docker_apt_ignore_key_error: True
|
docker_apt_ignore_key_error: True
|
||||||
docker_apt_gpg_key: "{{ docker_repo_url }}/{{ ansible_distribution | lower }}/gpg"
|
docker_apt_gpg_key: "{{ docker_repo_url }}/{{ ansible_facts.distribution | lower }}/gpg"
|
||||||
docker_apt_filename: "docker"
|
docker_apt_filename: "docker"
|
||||||
```
|
```
|
||||||
|
|
||||||
@ -103,10 +103,10 @@ You can change `docker_apt_gpg_key` to a different url if you are behind a firew
|
|||||||
Usually in combination with changing `docker_apt_repository` as well. `docker_apt_filename` controls the name of the source list file created in `sources.list.d`. If you are upgrading from an older (<7.0.0) version of this role, you should change this to the name of the existing file (e.g. `download_docker_com_linux_debian` on Debian) to avoid conflicting lists.
|
Usually in combination with changing `docker_apt_repository` as well. `docker_apt_filename` controls the name of the source list file created in `sources.list.d`. If you are upgrading from an older (<7.0.0) version of this role, you should change this to the name of the existing file (e.g. `download_docker_com_linux_debian` on Debian) to avoid conflicting lists.
|
||||||
|
|
||||||
```yaml
|
```yaml
|
||||||
docker_yum_repo_url: "{{ docker_repo_url }}/{{ (ansible_distribution == 'Fedora') | ternary('fedora','centos') }}/docker-{{ docker_edition }}.repo"
|
docker_yum_repo_url: "{{ docker_repo_url }}/{{ (ansible_facts.distribution == 'Fedora') | ternary('fedora','centos') }}/docker-{{ docker_edition }}.repo"
|
||||||
docker_yum_repo_enable_nightly: '0'
|
docker_yum_repo_enable_nightly: '0'
|
||||||
docker_yum_repo_enable_test: '0'
|
docker_yum_repo_enable_test: '0'
|
||||||
docker_yum_gpg_key: "{{ docker_repo_url }}/centos/gpg"
|
docker_yum_gpg_key: "{{ docker_repo_url }}/{{ (ansible_facts.distribution == 'Fedora') | ternary('fedora', 'centos') }}/gpg"
|
||||||
```
|
```
|
||||||
|
|
||||||
(Used only for RedHat/CentOS.) You can enable the Nightly or Test repo by setting the respective vars to `1`.
|
(Used only for RedHat/CentOS.) You can enable the Nightly or Test repo by setting the respective vars to `1`.
|
||||||
|
|||||||
@ -33,7 +33,7 @@ docker_compose_package_state: present
|
|||||||
# Docker Compose options.
|
# Docker Compose options.
|
||||||
docker_install_compose: false
|
docker_install_compose: false
|
||||||
docker_compose_version: "v2.32.1"
|
docker_compose_version: "v2.32.1"
|
||||||
docker_compose_arch: "{{ ansible_architecture }}"
|
docker_compose_arch: "{{ ansible_facts.architecture }}"
|
||||||
docker_compose_url: "https://github.com/docker/compose/releases/download/{{ docker_compose_version }}/docker-compose-linux-{{ docker_compose_arch }}"
|
docker_compose_url: "https://github.com/docker/compose/releases/download/{{ docker_compose_version }}/docker-compose-linux-{{ docker_compose_arch }}"
|
||||||
docker_compose_path: /usr/local/bin/docker-compose
|
docker_compose_path: /usr/local/bin/docker-compose
|
||||||
|
|
||||||
@ -47,19 +47,19 @@ docker_repo_url: https://download.docker.com/linux
|
|||||||
docker_apt_release_channel: stable
|
docker_apt_release_channel: stable
|
||||||
# docker_apt_ansible_distribution is a workaround for Ubuntu variants which can't be identified as such by Ansible,
|
# docker_apt_ansible_distribution is a workaround for Ubuntu variants which can't be identified as such by Ansible,
|
||||||
# and is only necessary until Docker officially supports them.
|
# and is only necessary until Docker officially supports them.
|
||||||
docker_apt_ansible_distribution: "{{ 'ubuntu' if ansible_distribution in ['Pop!_OS', 'Linux Mint'] else ansible_distribution }}"
|
docker_apt_ansible_distribution: "{{ 'ubuntu' if ansible_facts.distribution in ['Pop!_OS', 'Linux Mint'] else ansible_facts.distribution }}"
|
||||||
docker_apt_arch: "{{ 'arm64' if ansible_architecture == 'aarch64' else 'armhf' if ansible_architecture == 'armv7l' else 'amd64' }}"
|
docker_apt_arch: "{{ 'arm64' if ansible_facts.architecture == 'aarch64' else 'armhf' if ansible_facts.architecture == 'armv7l' else 'amd64' }}"
|
||||||
docker_apt_repository: "deb [arch={{ docker_apt_arch }} signed-by=/etc/apt/keyrings/docker.asc] {{ docker_repo_url }}/{{ docker_apt_ansible_distribution | lower }} {{ ansible_distribution_release }} {{ docker_apt_release_channel }}"
|
docker_apt_repository: "deb [arch={{ docker_apt_arch }} signed-by=/etc/apt/keyrings/docker.asc] {{ docker_repo_url }}/{{ docker_apt_ansible_distribution | lower }} {{ ansible_facts.distribution_release }} {{ docker_apt_release_channel }}"
|
||||||
docker_apt_ignore_key_error: true
|
docker_apt_ignore_key_error: true
|
||||||
docker_apt_gpg_key: "{{ docker_repo_url }}/{{ docker_apt_ansible_distribution | lower }}/gpg"
|
docker_apt_gpg_key: "{{ docker_repo_url }}/{{ docker_apt_ansible_distribution | lower }}/gpg"
|
||||||
docker_apt_gpg_key_checksum: "sha256:1500c1f56fa9e26b9b8f42452a553675796ade0807cdce11975eb98170b3a570"
|
docker_apt_gpg_key_checksum: "sha256:1500c1f56fa9e26b9b8f42452a553675796ade0807cdce11975eb98170b3a570"
|
||||||
docker_apt_filename: "docker"
|
docker_apt_filename: "docker"
|
||||||
|
|
||||||
# Used only for RedHat/CentOS/Fedora.
|
# Used only for RedHat/CentOS/Fedora.
|
||||||
docker_yum_repo_url: "{{ docker_repo_url }}/{{ (ansible_distribution == 'Fedora') | ternary('fedora','centos') }}/docker-{{ docker_edition }}.repo"
|
docker_yum_repo_url: "{{ docker_repo_url }}/{{ (ansible_facts.distribution == 'Fedora') | ternary('fedora','centos') }}/docker-{{ docker_edition }}.repo"
|
||||||
docker_yum_repo_enable_nightly: '0'
|
docker_yum_repo_enable_nightly: '0'
|
||||||
docker_yum_repo_enable_test: '0'
|
docker_yum_repo_enable_test: '0'
|
||||||
docker_yum_gpg_key: "{{ docker_repo_url }}/centos/gpg"
|
docker_yum_gpg_key: "{{ docker_repo_url }}/{{ (ansible_facts.distribution == 'Fedora') | ternary('fedora', 'centos') }}/gpg"
|
||||||
|
|
||||||
# A list of users who will be added to the docker group.
|
# A list of users who will be added to the docker group.
|
||||||
docker_users: []
|
docker_users: []
|
||||||
|
|||||||
@ -1,7 +1,11 @@
|
|||||||
---
|
---
|
||||||
- name: restart docker
|
- name: restart docker
|
||||||
service:
|
ansible.builtin.service:
|
||||||
name: docker
|
name: docker
|
||||||
state: "{{ docker_restart_handler_state }}"
|
state: "{{ docker_restart_handler_state }}"
|
||||||
ignore_errors: "{{ ansible_check_mode }}"
|
ignore_errors: "{{ ansible_check_mode }}"
|
||||||
when: docker_service_manage | bool
|
when: docker_service_manage | bool
|
||||||
|
|
||||||
|
- name: apt update
|
||||||
|
ansible.builtin.apt:
|
||||||
|
update_cache: true
|
||||||
|
|||||||
@ -6,7 +6,7 @@
|
|||||||
pre_tasks:
|
pre_tasks:
|
||||||
- name: Update apt cache.
|
- name: Update apt cache.
|
||||||
apt: update_cache=yes cache_valid_time=600
|
apt: update_cache=yes cache_valid_time=600
|
||||||
when: ansible_os_family == 'Debian'
|
when: ansible_facts.os_family == 'Debian'
|
||||||
|
|
||||||
- name: Wait for systemd to complete initialization. # noqa 303
|
- name: Wait for systemd to complete initialization. # noqa 303
|
||||||
command: systemctl is-system-running
|
command: systemctl is-system-running
|
||||||
@ -16,7 +16,7 @@
|
|||||||
'degraded' in systemctl_status.stdout
|
'degraded' in systemctl_status.stdout
|
||||||
retries: 30
|
retries: 30
|
||||||
delay: 5
|
delay: 5
|
||||||
when: ansible_service_mgr == 'systemd'
|
when: ansible_facts.service_mgr == 'systemd'
|
||||||
changed_when: false
|
changed_when: false
|
||||||
failed_when: systemctl_status.rc > 1
|
failed_when: systemctl_status.rc > 1
|
||||||
|
|
||||||
|
|||||||
@ -17,14 +17,14 @@
|
|||||||
- name: Verify Docker service is running
|
- name: Verify Docker service is running
|
||||||
command: systemctl is-active docker
|
command: systemctl is-active docker
|
||||||
register: docker_service_status
|
register: docker_service_status
|
||||||
when: ansible_service_mgr == 'systemd'
|
when: ansible_facts.service_mgr == 'systemd'
|
||||||
changed_when: false
|
changed_when: false
|
||||||
failed_when: docker_service_status.stdout.strip() != "active"
|
failed_when: docker_service_status.stdout.strip() != "active"
|
||||||
|
|
||||||
- name: Display Docker service status
|
- name: Display Docker service status
|
||||||
debug:
|
debug:
|
||||||
msg: "Docker service is {{ docker_service_status.stdout.strip() }}"
|
msg: "Docker service is {{ docker_service_status.stdout.strip() }}"
|
||||||
when: ansible_service_mgr == 'systemd'
|
when: ansible_facts.service_mgr == 'systemd'
|
||||||
|
|
||||||
- name: Pull the 'hello-world' image
|
- name: Pull the 'hello-world' image
|
||||||
command: docker pull hello-world
|
command: docker pull hello-world
|
||||||
|
|||||||
@ -4,17 +4,17 @@
|
|||||||
vars:
|
vars:
|
||||||
params:
|
params:
|
||||||
files:
|
files:
|
||||||
- '{{ansible_distribution}}.yml'
|
- '{{ansible_facts.distribution}}.yml'
|
||||||
- '{{ansible_os_family}}.yml'
|
- '{{ansible_facts.os_family}}.yml'
|
||||||
- main.yml
|
- main.yml
|
||||||
paths:
|
paths:
|
||||||
- 'vars'
|
- 'vars'
|
||||||
|
|
||||||
- include_tasks: setup-RedHat.yml
|
- include_tasks: setup-RedHat.yml
|
||||||
when: ansible_os_family == 'RedHat'
|
when: ansible_facts.os_family == 'RedHat'
|
||||||
|
|
||||||
- include_tasks: setup-Debian.yml
|
- include_tasks: setup-Debian.yml
|
||||||
when: ansible_os_family == 'Debian'
|
when: ansible_facts.os_family == 'Debian'
|
||||||
|
|
||||||
- name: Install Docker packages.
|
- name: Install Docker packages.
|
||||||
package:
|
package:
|
||||||
@ -22,7 +22,7 @@
|
|||||||
state: "{{ docker_packages_state }}"
|
state: "{{ docker_packages_state }}"
|
||||||
notify: restart docker
|
notify: restart docker
|
||||||
ignore_errors: "{{ ansible_check_mode }}"
|
ignore_errors: "{{ ansible_check_mode }}"
|
||||||
when: "ansible_version.full is version_compare('2.12', '<') or ansible_os_family not in ['RedHat', 'Debian']"
|
when: "ansible_version.full is version_compare('2.12', '<') or ansible_facts.os_family not in ['RedHat', 'Debian']"
|
||||||
|
|
||||||
- name: Install Docker packages (with downgrade option).
|
- name: Install Docker packages (with downgrade option).
|
||||||
package:
|
package:
|
||||||
@ -31,7 +31,7 @@
|
|||||||
allow_downgrade: true
|
allow_downgrade: true
|
||||||
notify: restart docker
|
notify: restart docker
|
||||||
ignore_errors: "{{ ansible_check_mode }}"
|
ignore_errors: "{{ ansible_check_mode }}"
|
||||||
when: "ansible_version.full is version_compare('2.12', '>=') and ansible_os_family in ['RedHat', 'Debian']"
|
when: "ansible_version.full is version_compare('2.12', '>=') and ansible_facts.os_family in ['RedHat', 'Debian']"
|
||||||
|
|
||||||
- name: Install docker-compose plugin.
|
- name: Install docker-compose plugin.
|
||||||
package:
|
package:
|
||||||
@ -39,7 +39,7 @@
|
|||||||
state: "{{ docker_compose_package_state }}"
|
state: "{{ docker_compose_package_state }}"
|
||||||
notify: restart docker
|
notify: restart docker
|
||||||
ignore_errors: "{{ ansible_check_mode }}"
|
ignore_errors: "{{ ansible_check_mode }}"
|
||||||
when: "docker_install_compose_plugin | bool == true and (ansible_version.full is version_compare('2.12', '<') or ansible_os_family not in ['RedHat', 'Debian'])"
|
when: "docker_install_compose_plugin | bool == true and (ansible_version.full is version_compare('2.12', '<') or ansible_facts.os_family not in ['RedHat', 'Debian'])"
|
||||||
|
|
||||||
- name: Install docker-compose-plugin (with downgrade option).
|
- name: Install docker-compose-plugin (with downgrade option).
|
||||||
package:
|
package:
|
||||||
@ -48,7 +48,7 @@
|
|||||||
allow_downgrade: true
|
allow_downgrade: true
|
||||||
notify: restart docker
|
notify: restart docker
|
||||||
ignore_errors: "{{ ansible_check_mode }}"
|
ignore_errors: "{{ ansible_check_mode }}"
|
||||||
when: "docker_install_compose_plugin | bool == true and ansible_version.full is version_compare('2.12', '>=') and ansible_os_family in ['RedHat', 'Debian']"
|
when: "docker_install_compose_plugin | bool == true and ansible_version.full is version_compare('2.12', '>=') and ansible_facts.os_family in ['RedHat', 'Debian']"
|
||||||
|
|
||||||
- name: Ensure /etc/docker/ directory exists.
|
- name: Ensure /etc/docker/ directory exists.
|
||||||
file:
|
file:
|
||||||
|
|||||||
@ -9,58 +9,35 @@
|
|||||||
path: "/etc/apt/sources.list.d/download_docker_com_linux_{{ docker_apt_ansible_distribution | lower }}.list"
|
path: "/etc/apt/sources.list.d/download_docker_com_linux_{{ docker_apt_ansible_distribution | lower }}.list"
|
||||||
state: absent
|
state: absent
|
||||||
|
|
||||||
- name: Ensure the repo referencing the previous trusted.gpg.d key is not present
|
# See https://docs.docker.com/engine/install/debian/#uninstall-old-versions
|
||||||
apt_repository:
|
- name: Ensure old versions of Docker are not installed.
|
||||||
repo: "deb [arch={{ docker_apt_arch }} signed-by=/etc/apt/trusted.gpg.d/docker.asc] {{ docker_repo_url }}/{{ docker_apt_ansible_distribution | lower }} {{ ansible_distribution_release }} {{ docker_apt_release_channel }}"
|
ansible.builtin.package:
|
||||||
state: absent
|
|
||||||
filename: "{{ docker_apt_filename }}"
|
|
||||||
update_cache: true
|
|
||||||
when: docker_add_repo | bool
|
|
||||||
|
|
||||||
- # See https://docs.docker.com/engine/install/debian/#uninstall-old-versions
|
|
||||||
name: Ensure old versions of Docker are not installed.
|
|
||||||
package:
|
|
||||||
name: "{{ docker_obsolete_packages }}"
|
name: "{{ docker_obsolete_packages }}"
|
||||||
state: absent
|
state: absent
|
||||||
|
|
||||||
|
- name: Ensure legacy repo file is not present.
|
||||||
|
ansible.builtin.file:
|
||||||
|
path: "/etc/apt/sources.list.d/docker.list"
|
||||||
|
state: absent
|
||||||
|
|
||||||
- name: Ensure dependencies are installed.
|
- name: Ensure dependencies are installed.
|
||||||
apt:
|
ansible.builtin.apt:
|
||||||
name:
|
name:
|
||||||
- apt-transport-https
|
- apt-transport-https
|
||||||
- ca-certificates
|
- ca-certificates
|
||||||
|
- python3-debian
|
||||||
state: present
|
state: present
|
||||||
when: docker_add_repo | bool
|
|
||||||
|
|
||||||
- name: Ensure directory exists for /etc/apt/keyrings
|
- name: Add or remove Docker repository.
|
||||||
file:
|
ansible.builtin.deb822_repository:
|
||||||
path: /etc/apt/keyrings
|
name: docker
|
||||||
state: directory
|
types: deb
|
||||||
mode: "0755"
|
uris: "{{ docker_repo_url }}/{{ ansible_facts.distribution | lower }}"
|
||||||
|
suites: "{{ ansible_facts.distribution_release }}"
|
||||||
|
components: "{{ docker_apt_release_channel }}"
|
||||||
|
signed_by: "{{ docker_apt_gpg_key }}"
|
||||||
|
state: "{{ 'present' if docker_add_repo | bool else 'absent' }}"
|
||||||
|
notify: apt update
|
||||||
|
|
||||||
- name: Add Docker apt key.
|
- name: Ensure handlers are notified immediately to update the apt cache.
|
||||||
ansible.builtin.get_url:
|
ansible.builtin.meta: flush_handlers
|
||||||
url: "{{ docker_apt_gpg_key }}"
|
|
||||||
dest: /etc/apt/keyrings/docker.asc
|
|
||||||
mode: "0644"
|
|
||||||
force: false
|
|
||||||
checksum: "{{ docker_apt_gpg_key_checksum | default(omit) }}"
|
|
||||||
register: add_repository_key
|
|
||||||
ignore_errors: "{{ docker_apt_ignore_key_error }}"
|
|
||||||
when: docker_add_repo | bool
|
|
||||||
|
|
||||||
- name: Ensure curl is present (on older systems without SNI).
|
|
||||||
package: name=curl state=present
|
|
||||||
when: add_repository_key is failed and docker_add_repo | bool
|
|
||||||
|
|
||||||
- name: Add Docker apt key (alternative for older systems without SNI).
|
|
||||||
shell: >
|
|
||||||
curl -sSL {{ docker_apt_gpg_key }} | apt-key add -
|
|
||||||
when: add_repository_key is failed and docker_add_repo | bool
|
|
||||||
|
|
||||||
- name: Add Docker repository.
|
|
||||||
apt_repository:
|
|
||||||
repo: "{{ docker_apt_repository }}"
|
|
||||||
state: present
|
|
||||||
filename: "{{ docker_apt_filename }}"
|
|
||||||
update_cache: true
|
|
||||||
when: docker_add_repo | bool
|
|
||||||
|
|||||||
@ -55,4 +55,4 @@
|
|||||||
package:
|
package:
|
||||||
name: containerd.io
|
name: containerd.io
|
||||||
state: present
|
state: present
|
||||||
when: ansible_distribution_major_version | int == 8
|
when: ansible_facts.distribution_major_version | int == 8
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user