108 lines
2.5 KiB
YAML
108 lines
2.5 KiB
YAML
- name: install - packages
|
|
tags: install
|
|
package: name={{ item }} state=present
|
|
with_items:
|
|
- gpg
|
|
|
|
- name: add docker apt-key
|
|
apt_key:
|
|
url: https://download.docker.com/linux/debian/gpg
|
|
state: present
|
|
|
|
- name: add docker apt repository
|
|
apt_repository:
|
|
repo: 'deb https://download.docker.com/linux/debian {{ ansible_distribution_release }} stable'
|
|
state: present
|
|
filename: docker
|
|
update_cache: yes
|
|
|
|
|
|
- name: install - packages
|
|
tags: install
|
|
package: name={{ item }} state=present
|
|
with_items:
|
|
- docker-ce
|
|
- docker-ce-cli
|
|
- containerd.io
|
|
- python3-pip
|
|
|
|
|
|
- name: configure - user dockremap
|
|
tags: configure
|
|
user:
|
|
name: dockremap
|
|
state: present
|
|
shell: /bin/false
|
|
|
|
- name: configure namespaces dans grub
|
|
tags: configure
|
|
lineinfile:
|
|
state: present
|
|
dest: /etc/default/grub
|
|
backrefs: yes
|
|
regexp: '^GRUB_CMDLINE_LINUX='
|
|
line: 'GRUB_CMDLINE_LINUX="namespace.unpriv_enable=1 user_namespace.enable=1"'
|
|
register: grub_config
|
|
|
|
- name: configure - update grub
|
|
tags: configure
|
|
shell: grub-mkconfig -o /boot/grub/grub.cfg
|
|
when: grub_config.changed
|
|
|
|
- name: configure - execute handlers maintenant, avant possible reboot
|
|
tags: configure
|
|
meta: flush_handlers
|
|
|
|
- name: configure - REBOOT IMMEDIAT pour prise en compte namespaces, relancer le playbook s'il ne poursuit pas tout seul
|
|
tags: configure
|
|
reboot:
|
|
when: grub_config.changed
|
|
|
|
- name: configure - sysctl user_namespaces
|
|
tags: configure
|
|
sysctl: name=user.max_user_namespaces value=15076 sysctl_set=yes state=present reload=yes
|
|
|
|
- name: configure - docker daemon.json
|
|
tags: configure
|
|
template:
|
|
src: daemon.json.j2
|
|
dest: /etc/docker/daemon.json
|
|
notify:
|
|
- restart docker
|
|
|
|
- name: configure - active docker
|
|
tags: configure
|
|
service:
|
|
name: docker
|
|
state: started
|
|
enabled: yes
|
|
|
|
- name: traefik - network
|
|
tags: traefik
|
|
docker_network:
|
|
name: traefik
|
|
when: docker_host_traefik_enabled
|
|
|
|
- name: traefik - dir
|
|
tags: traefik
|
|
file:
|
|
path: /opt/traefik
|
|
state: directory
|
|
mode: 0750
|
|
when: docker_host_traefik_enabled
|
|
|
|
- name: traefik - compose
|
|
tags: traefik
|
|
template:
|
|
src: traefik-docker-compose.yml.j2
|
|
dest: /opt/traefik/docker-compose.yml
|
|
register: traefik_compose_file
|
|
when: docker_host_traefik_enabled
|
|
|
|
- name: traefik - run
|
|
tags: traefik
|
|
shell: /usr/local/bin/docker-compose up -d
|
|
args:
|
|
chdir: /opt/traefik/
|
|
when: docker_host_traefik_enabled and traefik_compose_file.changed
|
|
|