162 lines
5.6 KiB
YAML
162 lines
5.6 KiB
YAML
---
|
|
- name: Check if Docker is installed
|
|
command: docker --version
|
|
register: docker_installed
|
|
changed_when: false
|
|
failed_when: false
|
|
|
|
- name: Check if Docker Compose (v2) is installed
|
|
command: docker compose version
|
|
register: docker_compose_installed
|
|
changed_when: false
|
|
failed_when: false
|
|
when: ansible_facts['os_family'] == "Debian"
|
|
|
|
- name: Install Docker APT repo dependencies
|
|
apt:
|
|
name:
|
|
- ca-certificates
|
|
- curl
|
|
- gnupg
|
|
state: present
|
|
update_cache: true
|
|
when: ansible_facts['os_family'] == "Debian" and (docker_installed.rc != 0 or (docker_compose_installed is defined and docker_compose_installed.rc != 0))
|
|
|
|
- name: Determine Docker repository codename and architecture
|
|
set_fact:
|
|
docker_repo_codename: "{{ 'bookworm' if ansible_facts['distribution_release'] in ['trixie'] else ansible_facts['distribution_release'] }}"
|
|
docker_repo_arch: "{{ 'amd64' if ansible_facts['architecture'] == 'x86_64' else ('arm64' if ansible_facts['architecture'] in ['aarch64', 'arm64'] else ansible_facts['architecture']) }}"
|
|
when: ansible_facts['os_family'] == "Debian" and (docker_installed.rc != 0 or (docker_compose_installed is defined and docker_compose_installed.rc != 0))
|
|
|
|
- name: Ensure Docker apt keyrings directory exists
|
|
file:
|
|
path: /etc/apt/keyrings
|
|
state: directory
|
|
mode: "0755"
|
|
when: ansible_facts['os_family'] == "Debian" and (docker_installed.rc != 0 or (docker_compose_installed is defined and docker_compose_installed.rc != 0))
|
|
|
|
- name: Install Docker GPG key
|
|
get_url:
|
|
url: https://download.docker.com/linux/debian/gpg
|
|
dest: /etc/apt/keyrings/docker.asc
|
|
mode: "0644"
|
|
when: ansible_facts['os_family'] == "Debian" and (docker_installed.rc != 0 or (docker_compose_installed is defined and docker_compose_installed.rc != 0))
|
|
|
|
- name: Add Docker apt repository
|
|
apt_repository:
|
|
repo: "deb [arch={{ docker_repo_arch }} signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/debian {{ docker_repo_codename }} stable"
|
|
state: present
|
|
filename: docker
|
|
when: ansible_facts['os_family'] == "Debian" and (docker_installed.rc != 0 or (docker_compose_installed is defined and docker_compose_installed.rc != 0))
|
|
|
|
- name: Install Docker on Linux (Debian)
|
|
apt:
|
|
name:
|
|
- docker-ce
|
|
- docker-ce-cli
|
|
- containerd.io
|
|
- docker-buildx-plugin
|
|
- docker-compose-plugin
|
|
state: present
|
|
update_cache: true
|
|
register: docker_ce_install
|
|
ignore_errors: true
|
|
when: ansible_facts['os_family'] == "Debian" and (docker_installed.rc != 0 or (docker_compose_installed is defined and docker_compose_installed.rc != 0))
|
|
|
|
- name: Fallback - install Docker from Debian repos if docker-ce is unavailable
|
|
apt:
|
|
name:
|
|
- docker.io
|
|
state: present
|
|
update_cache: true
|
|
when: ansible_facts['os_family'] == "Debian" and (docker_ce_install is defined and docker_ce_install is failed)
|
|
|
|
- name: Ensure Docker CLI plugins directory exists
|
|
file:
|
|
path: /usr/local/lib/docker/cli-plugins
|
|
state: directory
|
|
mode: "0755"
|
|
when: ansible_facts['os_family'] == "Debian" and (docker_ce_install is defined and docker_ce_install is failed)
|
|
|
|
- name: Fallback - install Docker Compose v2 plugin binary
|
|
get_url:
|
|
url: "https://github.com/docker/compose/releases/download/v2.27.0/docker-compose-linux-{{ 'x86_64' if ansible_facts['architecture'] == 'x86_64' else 'aarch64' }}"
|
|
dest: /usr/local/lib/docker/cli-plugins/docker-compose
|
|
mode: "0755"
|
|
when: ansible_facts['os_family'] == "Debian" and (docker_ce_install is defined and docker_ce_install is failed)
|
|
|
|
- name: Start and enable Docker service on Linux
|
|
service:
|
|
name: docker
|
|
state: started
|
|
enabled: true
|
|
when: ansible_facts['os_family'] == "Debian"
|
|
|
|
- name: Ensure /etc/docker exists
|
|
file:
|
|
path: /etc/docker
|
|
state: directory
|
|
mode: "0755"
|
|
when: ansible_facts['os_family'] == "Debian"
|
|
|
|
- name: Check if Docker daemon.json exists
|
|
stat:
|
|
path: /etc/docker/daemon.json
|
|
register: docker_daemon_json_stat
|
|
when: ansible_facts['os_family'] == "Debian"
|
|
|
|
- name: Read existing Docker daemon.json
|
|
slurp:
|
|
path: /etc/docker/daemon.json
|
|
register: docker_daemon_json_slurp
|
|
when:
|
|
- ansible_facts['os_family'] == "Debian"
|
|
- docker_daemon_json_stat.stat.exists
|
|
|
|
- name: Parse existing Docker daemon.json
|
|
set_fact:
|
|
docker_daemon_json_current: "{{ (docker_daemon_json_slurp.content | b64decode) | from_json }}"
|
|
when:
|
|
- ansible_facts['os_family'] == "Debian"
|
|
- docker_daemon_json_stat.stat.exists
|
|
|
|
- name: Set empty Docker daemon.json config when missing
|
|
set_fact:
|
|
docker_daemon_json_current: {}
|
|
when:
|
|
- ansible_facts['os_family'] == "Debian"
|
|
- not docker_daemon_json_stat.stat.exists
|
|
|
|
- name: Build desired Docker daemon.json config
|
|
set_fact:
|
|
docker_daemon_json_desired: >-
|
|
{{
|
|
docker_daemon_json_current
|
|
| combine({
|
|
'log-driver': 'json-file',
|
|
'log-opts': (docker_daemon_json_current['log-opts'] | default({}))
|
|
| combine({
|
|
'max-size': '10m',
|
|
'max-file': '5'
|
|
})
|
|
}, recursive=True)
|
|
}}
|
|
when: ansible_facts['os_family'] == "Debian"
|
|
|
|
- name: Write Docker daemon.json
|
|
copy:
|
|
dest: /etc/docker/daemon.json
|
|
content: "{{ docker_daemon_json_desired | to_nice_json }}"
|
|
owner: root
|
|
group: root
|
|
mode: "0644"
|
|
register: docker_daemon_json_write
|
|
when: ansible_facts['os_family'] == "Debian"
|
|
|
|
- name: Restart Docker when daemon.json changes
|
|
service:
|
|
name: docker
|
|
state: restarted
|
|
when:
|
|
- ansible_facts['os_family'] == "Debian"
|
|
- docker_daemon_json_write is changed
|