ansible plays for docker, haproxy & varnish

2026-02-11 01:59:08 +00:00 · 2025-12-28 21:38:13 +01:00
parent c2a04735a4
commit ec0eb23acd
58 changed files with 815 additions and 0 deletions
--- a/ansible/roles/docker/defaults/main.yml
+++ b/ansible/roles/docker/defaults/main.yml
@@ -0,0 +1,15 @@
+clean_install_remove_packages:
+  - docker.io
+  - docker-doc
+  - docker-compose
+  - podman-docker
+  - containerd
+  - runc
+
+install_packages:
+  - docker-ce
+  - docker-ce-cli
+  - containerd.io
+  - docker-buildx-plugin
+  - docker-compose
+  # - docker-compose-plugin
--- a/ansible/roles/docker/tasks/main.yml
+++ b/ansible/roles/docker/tasks/main.yml
@@ -0,0 +1,62 @@
+---
+- name: Clean install by removing any docker package
+  package: name={{ item }} state=absent
+  with_items: "{{ clean_install_remove_packages }}"
+
+- name: Ensure curl & ca-certs are installed 
+  package:
+    name:
+      - ca-certificates
+      - curl
+      - gnupg
+    state: latest
+
+# Map Ansible distro -> Docker repo distro segment
+- name: Determine Docker repository distro (ubuntu/debian)
+  set_fact:
+    docker_repo_distro: >-
+      {{
+        'ubuntu' if ansible_distribution | lower == 'ubuntu'
+        else 'debian' if ansible_distribution | lower == 'debian'
+        else ansible_distribution | lower
+      }}
+
+# Prefer the suite/codename Ansible already knows; fall back to os-release.
+- name: Determine OS suite/codename
+  set_fact:
+    docker_repo_codename: "{{ ansible_distribution_release | default(ansible_lsb.codename, true) }}"
+
+- name: Ensure docker keyring file exists
+  file:
+    path: /etc/apt/keyrings/docker.gpg
+    state: touch
+  
+- name: Download docker gpg key and add to keyrings
+  shell: |
+    curl -fsSL "https://download.docker.com/linux/{{ docker_repo_distro }}/gpg" \
+      | gpg --dearmor --yes -o /etc/apt/keyrings/docker.gpg
+    chmod a+r /etc/apt/keyrings/docker.gpg
+  args:
+    creates: /etc/apt/keyrings/docker.gpg
+
+- name: Sign and add docker deb source (Ubuntu/Debian)
+  copy:
+    dest: /etc/apt/sources.list.d/docker.list
+    mode: "0644"
+    content: |
+      deb [signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/{{ docker_repo_distro }} {{ docker_repo_codename }} stable
+
+- name: Update apt sources
+#  become: true
+  apt:
+    update_cache: yes
+    cache_valid_time: 10
+
+- name: Install docker packages
+  package: name={{ item }} state=latest
+  with_items: "{{ install_packages }}"
+
+- name: Ensure group docker exists
+  user:
+    name: docker
+    state: present