From 30a9e6599de23b6a1fb6f4d12cff3c9b8118ae2b Mon Sep 17 00:00:00 2001 From: OldTyT Date: Sun, 25 Feb 2024 01:16:42 +0300 Subject: [PATCH] Initial commit --- .gitignore | 5 ++++ .gitlab-ci.yml | 10 ++++++++ .yamllint | 11 +++++++++ README.md | 9 +++++++ defaults/main.yml | 19 +++++++++++++++ handlers/main.yml | 6 +++++ meta/main.yml | 11 +++++++++ tasks/composes.yml | 31 ++++++++++++++++++++++++ tasks/config.yml | 20 ++++++++++++++++ tasks/install.yml | 52 ++++++++++++++++++++++++++++++++++++++++ tasks/main.yml | 15 ++++++++++++ templates/daemon-json.j2 | 22 +++++++++++++++++ 12 files changed, 211 insertions(+) create mode 100644 .gitignore create mode 100644 .gitlab-ci.yml create mode 100644 .yamllint create mode 100644 README.md create mode 100644 defaults/main.yml create mode 100644 handlers/main.yml create mode 100644 meta/main.yml create mode 100644 tasks/composes.yml create mode 100644 tasks/config.yml create mode 100644 tasks/install.yml create mode 100644 tasks/main.yml create mode 100644 templates/daemon-json.j2 diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..b2a37ff --- /dev/null +++ b/.gitignore @@ -0,0 +1,5 @@ +*.log +*.pyc +**/__pycache__/ +.env +.secrets diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml new file mode 100644 index 0000000..20d12bd --- /dev/null +++ b/.gitlab-ci.yml @@ -0,0 +1,10 @@ +--- +stages: + - linter + +linter: + stage: linter + image: + name: osshelp/drone-linter + entrypoint: [""] + script: [entrypoint.sh] diff --git a/.yamllint b/.yamllint new file mode 100644 index 0000000..ad0be76 --- /dev/null +++ b/.yamllint @@ -0,0 +1,11 @@ +extends: default + +rules: + braces: + max-spaces-inside: 1 + level: error + brackets: + max-spaces-inside: 1 + level: error + line-length: disable + truthy: disable diff --git a/README.md b/README.md new file mode 100644 index 0000000..bbce3f6 --- /dev/null +++ b/README.md @@ -0,0 +1,9 @@ +# docker + +Simple Ansible role for docker installation. + +## Usage (example) + +```yaml + - role: docker +``` diff --git a/defaults/main.yml b/defaults/main.yml new file mode 100644 index 0000000..3a6c497 --- /dev/null +++ b/defaults/main.yml @@ -0,0 +1,19 @@ +--- +repo_key: 'https://download.docker.com/linux/ubuntu/gpg' +repo_branch: stable +repo_url: "deb [arch=amd64] https://download.docker.com/linux/ubuntu {{ ansible_lsb.codename|lower }} {{ repo_branch }}" + + +dst_compose_files_dir: '/mnt/deploy/docker' + +ipv6_enable: false +remap_enable: false +remap_user: dockremap +remap_subuid: 100000 +metrics_enable: true +metrics_addr: 0.0.0.0 +metrics_port: 19323 +experimental_enable: "{{ metrics_enable }}" +tcp_listen: false +live_restore: true +swarm_init: false diff --git a/handlers/main.yml b/handlers/main.yml new file mode 100644 index 0000000..f05bdf1 --- /dev/null +++ b/handlers/main.yml @@ -0,0 +1,6 @@ +--- +- name: reload docker unit + systemd: daemon_reload=yes + +- name: restart docker service + systemd: name=docker state=restarted diff --git a/meta/main.yml b/meta/main.yml new file mode 100644 index 0000000..13730ab --- /dev/null +++ b/meta/main.yml @@ -0,0 +1,11 @@ +--- +galaxy_info: + author: OldTyT + description: Docker install on ubuntu + min_ansible_version: 2.8 + platforms: + - name: Ubuntu + versions: + - jammy + galaxy_tags: + - dockerubuntuinstall diff --git a/tasks/composes.yml b/tasks/composes.yml new file mode 100644 index 0000000..824c716 --- /dev/null +++ b/tasks/composes.yml @@ -0,0 +1,31 @@ +--- +- name: create dir for ymls + file: + path: "{{ dst_compose_files_dir }}" + state: directory + mode: '0755' + +- name: Save all env variables to a file + ansible.builtin.shell: + cmd: printenv > {{ dst_compose_files_dir }}/.env + args: + executable: /bin/bash + +- name: create compose file + copy: + src: "{{ 'files/' + (inventory_hostname if molecule_file is not defined else 'molecule') + '/docker-compose.yml' }}" + dest: "{{ dst_compose_files_dir }}/docker-compose.yml" + mode: '0644' + +- name: deploy compose file + docker_compose: + env_file: "{{ dst_compose_files_dir }}/.env" + project_src: "{{ dst_compose_files_dir }}" + files: ["{{ dst_compose_files_dir }}/{{ item.name }}.yml"] + state: "{{ item.state | default('present') }}" + remove_orphans: "{{ item.remove_orphans | default('yes') }}" + recreate: "{{ item.recreate | default('smart') }}" + pull: "{{ item.pull | default('yes') }}" + stopped: "{{ item.stopped | default('no') }}" + timeout: "{{ item.timeout | default('10') }}" + debug: "{{ item.debug | default('no') }}" diff --git a/tasks/config.yml b/tasks/config.yml new file mode 100644 index 0000000..55874a4 --- /dev/null +++ b/tasks/config.yml @@ -0,0 +1,20 @@ +--- +- name: create directories + file: + path: "{{ item }}" + state: directory + mode: '0755' + with_items: + - /etc/systemd/system/docker.service.d + - /etc/docker + +- name: create daemon.json + template: + src: daemon-json.j2 + dest: /etc/docker/daemon.json + mode: 0640 + register: docker_daemon_json + notify: + - restart docker service + +- meta: flush_handlers diff --git a/tasks/install.yml b/tasks/install.yml new file mode 100644 index 0000000..6bbb0d9 --- /dev/null +++ b/tasks/install.yml @@ -0,0 +1,52 @@ +--- +- name: Update apt cache + apt: + update_cache: yes + +- name: Install utils + retries: 3 + delay: 5 + ansible.builtin.apt: + pkg: + - ca-certificates + - curl + - gpg + update_cache: yes + cache_valid_time: 3600 + +- name: Make sure the APT keyring directory exists + file: + path: /etc/apt/keyrings + state: directory + mode: '0755' + +- name: Register the Docker GPG key with APT + become: true + ansible.builtin.apt_key: + url: "{{ repo_key }}" + state: present + +- name: Add Docker repository to APT sources + apt_repository: + repo: "{{ repo_url }}" + state: present + filename: docker + +- name: create user for remap + user: + name: "{{ remap_user }}" + comment: "User for docker userns-remap" + state: present + create_home: false + when: remap_enable + +- name: Install Docker-CE + retries: 3 + delay: 5 + ansible.builtin.apt: + pkg: + - docker-ce + update_cache: yes + cache_valid_time: 3600 + +- meta: flush_handlers diff --git a/tasks/main.yml b/tasks/main.yml new file mode 100644 index 0000000..e3aec73 --- /dev/null +++ b/tasks/main.yml @@ -0,0 +1,15 @@ +--- +- name: docker installation + include_tasks: install.yml + +- name: docker configuration + include_tasks: config.yml + +- name: Check for docker-compose.yml in the specific directory + ansible.builtin.stat: + path: "{{ 'files/' + (inventory_hostname if molecule_file is not defined else 'molecule') + '/docker-compose.yml' }}" + register: docker_compose_stat + +- name: deploy compose files + include_tasks: composes.yml + when: docker_compose_stat.stat.exists diff --git a/templates/daemon-json.j2 b/templates/daemon-json.j2 new file mode 100644 index 0000000..92447c1 --- /dev/null +++ b/templates/daemon-json.j2 @@ -0,0 +1,22 @@ +{ +{% if tcp_listen %} "hosts": ["tcp://{{ tcp_listen_addr | default('0.0.0.0') }}:{{ tcp_listen_port | default('2375') }}", "unix:///var/run/docker.sock"], +{% endif %} +{% if metrics_enable %} "metrics-addr" : "{{ metrics_addr | default('0.0.0.0') }}:{{ metrics_port | default('19323') }}", +{% endif %} +{% if experimental_enable %} "experimental" : true, +{% endif %} +{% if remap_enable %} "userns-remap" : "{{ remap_user | default('dockremap') }}", +{% endif %} +{% if insecure_registries is defined %} "insecure-registries" : [{% for registry in insecure_registries %}"{{ registry }}"{% if not loop.last %}, {% endif %}{% endfor %}], +{% endif %} +{% if registry_mirrors is defined %} "registry-mirrors": [{% for registry in registry_mirrors %}"{{ registry }}"{% if not loop.last %}, {% endif %}{% endfor %}], +{% endif %} + "log-opts": { + "compress": "{{ log.compress | default('false') }}", + "max-size": "{{ log.max_size | default('50m') }}", + "max-file": "{{ log.max_file | default('10') }}" + }, +{% if live_restore and not swarm_init %} "live-restore": true, +{% endif %} + "ipv6": {{ 'true' if ipv6_enable else 'false' }} +}