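# Docker host tasks: install Docker CE from Docker's Debian apt repository,
# prepare user-namespace support (dockremap user, kernel command line, sysctl),
# deploy /etc/docker/daemon.json, and optionally start Traefik through
# docker compose.
# Variables read here: ansible_distribution_release, docker_host_traefik_enabled.
# The templates daemon.json.j2 and traefik-docker-compose.yml.j2 and the
# "restart docker" handler are defined outside this file.

- name: install - packages
  tags: install
  package:
    name:
      - gpg
    state: present

# NOTE(review): apt_key places this key in apt's global trusted keyring, so it
# is accepted for every configured repository, not only Docker's. The usual
# hardening is a dedicated keyring file referenced with `signed-by=` in the
# repo line; hosts that already carry the entry below would need it replaced,
# not duplicated. The key's fingerprint is not checked after download: the only
# trust anchor is the TLS connection to download.docker.com.
- name: add docker apt-key
  apt_key:
    url: https://download.docker.com/linux/debian/gpg
    state: present

- name: add docker apt repository
  apt_repository:
    repo: 'deb https://download.docker.com/linux/debian {{ ansible_distribution_release }} stable'
    state: present
    filename: docker
    update_cache: true

# docker-compose-plugin is listed explicitly because the "traefik - run" task
# calls `docker compose`; otherwise it is only present when apt installs
# recommended packages.
- name: install - packages
  tags: install
  package:
    name:
      - docker-ce
      - docker-ce-cli
      - containerd.io
      - docker-compose-plugin
      - python3-pip
    state: present

# Account with no usable login shell.
# NOTE(review): presumably the target of userns-remap in daemon.json.j2
# (template not shown) - confirm.
- name: configure - user dockremap
  tags: configure
  user:
    name: dockremap
    state: present
    shell: /bin/false

# With backrefs enabled the file is left untouched when no line matches the
# regexp. A matching line is replaced as a whole, so any kernel parameters
# already present in GRUB_CMDLINE_LINUX (hardening options included) are
# dropped.
# NOTE(review): namespace.unpriv_enable / user_namespace.enable look like
# RHEL/CentOS 7 kernel parameters - confirm they have an effect on the Debian
# kernel in use.
- name: configure namespaces dans grub
  tags: configure
  lineinfile:
    state: present
    dest: /etc/default/grub
    backrefs: true
    regexp: '^GRUB_CMDLINE_LINUX='
    line: 'GRUB_CMDLINE_LINUX="namespace.unpriv_enable=1 user_namespace.enable=1"'
  register: grub_config

# command instead of shell: the invocation uses no shell features.
- name: configure - update grub
  tags: configure
  command: grub-mkconfig -o /boot/grub/grub.cfg
  when: grub_config is changed

# Run any pending handlers now, before the possible reboot.
- name: configure - execute handlers maintenant, avant possible reboot
  tags: configure
  meta: flush_handlers

# Reboot so the new kernel command line takes effect; the task name tells the
# operator to re-run the playbook if it does not continue by itself.
- name: configure - REBOOT IMMEDIAT pour prise en compte namespaces, relancer le playbook s'il ne poursuit pas tout seul
  tags: configure
  reboot:
  when: grub_config is changed

- name: configure - sysctl user_namespaces
  tags: configure
  sysctl:
    name: user.max_user_namespaces
    value: '15076'
    sysctl_set: true
    state: present
    reload: true

# Explicit mode so the file's permissions do not depend on the umask.
- name: configure - docker daemon.json
  tags: configure
  template:
    src: daemon.json.j2
    dest: /etc/docker/daemon.json
    mode: '0644'
  notify:
    - restart docker

- name: configure - active docker
  tags: configure
  service:
    name: docker
    state: started
    enabled: true

# NOTE(review): docker_network needs the Docker SDK for Python on the target;
# only python3-pip is installed in this file - confirm the SDK is installed
# elsewhere.
- name: traefik - network
  tags: traefik
  docker_network:
    name: traefik
  when: docker_host_traefik_enabled | bool

- name: traefik - dir
  tags: traefik
  file:
    path: /opt/traefik
    state: directory
    mode: '0750'
  when: docker_host_traefik_enabled | bool

# The compose file may carry credentials, so it is not made world-readable.
# NOTE(review): traefik-docker-compose.yml.j2 is not shown; if it mounts the
# Docker socket into the container, confirm it is read-only or goes through a
# socket proxy, since socket access is equivalent to root on the host.
- name: traefik - compose
  tags: traefik
  template:
    src: traefik-docker-compose.yml.j2
    dest: /opt/traefik/docker-compose.yml
    mode: '0640'
  register: traefik_compose_file
  when: docker_host_traefik_enabled | bool

# Runs only when the compose file changed in this play: a stack that failed to
# start, or was stopped by hand, is not brought back by a later run.
- name: traefik - run
  tags: traefik
  command: docker compose up -d
  args:
    chdir: /opt/traefik/
  when:
    - docker_host_traefik_enabled | bool
    - traefik_compose_file is changed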