jaydee/ansible
1
0
Fork 0
mirror of https://gitlab.sectorq.eu/jaydee/ansible.git synced 2025-10-30 18:01:11 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

alias

Browse Source
This commit is contained in:
jaydee
2025-04-16 09:31:09 +02:00
parent d4ee9dc3eb
commit 24191afe3d
17 changed files with 593 additions and 559 deletions
Download Patch File Download Diff File Expand all files Collapse all files

253
roles/docker/tasks/main.yml
View File

@@ -1,113 +1,164 @@
- block:
- name: print arch
debug:
msg: "{{ ansible_architecture }}"
- name: Install docker
ansible.builtin.apt:
name:
- ca-certificates
- curl
- telnet
- net-tools
- python3-pip
- python3-dev
state: present
update_cache: true
- name: Get keys for raspotify
ansible.builtin.shell:
install -m 0755 -d /etc/apt/keyrings
- name: Setup docker
become: "{{ false if inventory_hostname == 'nas.home.lan' else true }}"
block:
- name: Print arch
ansible.builtin.debug:
msg: "{{ ansible_architecture }}"
- name: Install docker
ansible.builtin.apt:
name:
- ca-certificates
- curl
- telnet
- net-tools
- python3-pip
- python3-dev
state: present
update_cache: true
- name: Get keys for raspotify
ansible.builtin.command:
install -m 0755 -d /etc/apt/keyrings
changed_when: my_output.rc != 0
- name: Get keys for raspotify
ansible.builtin.shell:
curl -fsSL https://download.docker.com/linux/debian/gpg -o /etc/apt/keyrings/docker.asc
when:
- name: Add an Apt signing key to a specific keyring file
ansible.builtin.apt_key:
url: https://download.docker.com/linux/debian/gpg
keyring: /etc/apt/keyrings/docker.asc
when:
- ansible_distribution == "Debian" and ansible_distribution_major_version == "12"
- name: Get keys for raspotify
ansible.builtin.shell:
curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc
when:
# - name: Get keys for raspotify
# ansible.builtin.shell:
# curl -fsSL https://download.docker.com/linux/debian/gpg -o /etc/apt/keyrings/docker.asc
# when:
# - ansible_distribution == "Debian" and ansible_distribution_major_version == "12"
- name: Add an Apt signing key to a specific keyring file
ansible.builtin.apt_key:
url: https://download.docker.com/linux/ubuntu/gpg
keyring: /etc/apt/keyrings/docker.asc
when:
- ansible_distribution == "Ubuntu"
- name: Get keys for raspotify
ansible.builtin.shell:
chmod a+r /etc/apt/keyrings/docker.asc
# - name: Get keys for raspotify
# ansible.builtin.shell:
# curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc
# when:
# - ansible_distribution == "Ubuntu"
- name: Change file ownership, group and permissions
ansible.builtin.file:
path: /etc/apt/keyrings/docker.asc
owner: root
group: root
mode: '0644'
- name: Get keys for raspotify
ansible.builtin.shell: echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/debian $(. /etc/os-release && echo "$VERSION_CODENAME") stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
when:
# - name: Get keys for raspotify
# ansible.builtin.shell:
# chmod a+r /etc/apt/keyrings/docker.asc
- name: Get keys for raspotify
ansible.builtin.shell: echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc]\
https://download.docker.com/linux/debian $(. /etc/os-release && echo "$VERSION_CODENAME") stable" |\
sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
when:
- ansible_distribution == "Debian" and ansible_distribution_major_version == "12"
- name: Get keys for raspotify
ansible.builtin.shell: echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu $(. /etc/os-release && echo "$VERSION_CODENAME") stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
when:
- ansible_distribution == "Ubuntu"
- name: Install docker
ansible.builtin.apt:
name:
- docker-ce
- docker-ce-cli
- containerd.io
- docker-buildx-plugin
- docker-compose-plugin
update_cache: true
changed_when: my_output.rc != 0
- name: Create a directory docker.service.d
ansible.builtin.file:
path: /etc/systemd/system/docker.service.d/
state: directory
mode: '0755'
- name: Create a directory for certs
ansible.builtin.file:
path: /etc/docker/certs
state: directory
mode: '0700'
- name: Copy files
copy:
src: server-key.pem
dest: /etc/docker/certs/
- name: Copy files
copy:
src: ca.pem
dest: /etc/docker/certs/
- name: Copy files
copy:
src: server-cert.pem
dest: /etc/docker/certs/
- name: Creating a file with content
copy:
dest: "/etc/systemd/system/docker.service.d/override.conf"
content: |
[Service]
ExecStart=
ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock --tlsverify --tlscacert=/etc/docker/certs/ca.pem --tlscert=/etc/docker/certs/server-cert.pem --tlskey=/etc/docker/certs/server-key.pem -H=0.0.0.0:2376
notify: restart_docker
when: mode == "nocert"
- name: Creating a file with content
copy:
dest: "/etc/systemd/system/docker.service.d/override.conf"
content: |
[Service]
ExecStart=
ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock --tlsverify --tlscacert=/etc/docker/certs/ca.pem --tlscert=/etc/docker/certs/server-cert.pem --tlskey=/etc/docker/certs/server-key.pem -H=0.0.0.0:2376
notify: restart_docker
when: mode != "nocert"
- name: Get keys for raspotify
ansible.builtin.shell: echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc]\
https://download.docker.com/linux/ubuntu $(. /etc/os-release && echo "$VERSION_CODENAME") stable" |\
sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
when:
- ansible_distribution == "Ubuntu"
changed_when: my_output.rc != 0
- name: Just force systemd to reread configs
ansible.builtin.systemd:
daemon_reload: true
- name: Install docker
ansible.builtin.apt:
name:
- docker-ce
- docker-ce-cli
- containerd.io
- docker-buildx-plugin
- docker-compose-plugin
update_cache: true
- name: Restart docker service
ansible.builtin.service:
name: docker
state: restarted
- name: Create a directory docker.service.d
ansible.builtin.file:
path: /etc/systemd/system/docker.service.d/
state: directory
mode: '0755'
- name: Create a directory for certs
ansible.builtin.file:
path: /etc/docker/certs
state: directory
mode: '0700'
owner: root
group: root
# - name: Get keys for raspotify
# ansible.builtin.shell: docker plugin install grafana/loki-docker-driver:3.3.2-{{ ansible_architecture }} --alias loki --grant-all-permissions
- name: Install a plugin
community.docker.docker_plugin:
plugin_name: grafana/loki-docker-driver:3.3.2
alias: loki
state: present
- name: Copy files
ansible.builtin.copy:
src: server-key.pem
dest: /etc/docker/certs/
mode: '0600'
owner: root
group: root
- name: Copy files
ansible.builtin.copy:
src: ca.pem
dest: /etc/docker/certs/
mode: '0600'
owner: root
group: root
- name: Copy files
ansible.builtin.copy:
src: server-cert.pem
dest: /etc/docker/certs/
mode: '0600'
owner: root
group: root
- name: Creating a file with content
ansible.builtin.copy:
dest: "/etc/systemd/system/docker.service.d/override.conf"
content: |
[Service]
ExecStart=
ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock --tlsverify \
--tlscacert=/etc/docker/certs/ca.pem --tlscert=/etc/docker/certs/server-cert.pem \
--tlskey=/etc/docker/certs/server-key.pem -H=0.0.0.0:2376
mode: '0600'
owner: root
group: root
notify: restart_docker
when: mode == "nocert"
- name: Creating a file with content
ansible.builtin.copy:
dest: "/etc/systemd/system/docker.service.d/override.conf"
content: |
[Service]
ExecStart=
ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock --tlsverify \
--tlscacert=/etc/docker/certs/ca.pem --tlscert=/etc/docker/certs/server-cert.pem \
--tlskey=/etc/docker/certs/server-key.pem -H=0.0.0.0:2376
mode: '0600'
owner: root
group: root
notify: restart_docker
when: mode != "nocert"
become: true
- name: Just force systemd to reread configs
ansible.builtin.systemd:
daemon_reload: true
- name: Restart docker service
ansible.builtin.service:
name: docker
state: restarted
# - name: Get keys for raspotify
# ansible.builtin.shell: docker plugin install grafana/loki-docker-driver:3.3.2-{{ ansible_architecture }} --alias loki --grant-all-permissions
- name: Install a plugin
community.docker.docker_plugin:
plugin_name: grafana/loki-docker-driver:3.3.2
alias: loki
state: present