add docker to common setup

2024-01-03 01:03:22 -05:00 · 2024-01-03 01:03:22 -05:00 · 365641c4b5
commit 365641c4b5
parent 807637e9a4
5 changed files with 66 additions and 6 deletions
--- a/.gitignore
+++ b/.gitignore
@ -0,0 +1,2 @@
+**/*.swp
+*.swp
--- a/roles/common/files/docker-compose@.service
+++ b/roles/common/files/docker-compose@.service
@ -0,0 +1,14 @@
+[Unit]
+Description=%i service with docker compose
+Requires=docker.service
+After=docker.service
+
+[Service]
+Type=oneshot
+RemainAfterExit=true
+WorkingDirectory=/etc/docker/compose/%i
+ExecStart=/usr/bin/docker-compose up -d --remove-orphans
+ExecStop=/usr/bin/docker-compose down
+
+[Install]
+WantedBy=multi-user.target
--- a/roles/common/templates/jail.conf
+++ b/roles/common/templates/jail.conf
--- a/roles/common/templates/sshd_config
+++ b/roles/common/templates/sshd_config
--- a/roles/common/tasks/main.yml
+++ b/roles/common/tasks/main.yml
@ -1,15 +1,59 @@
 ---

-# apt cache
- name: update apt cache
-  ansible.builtin.apt:
+# docker
+- name: install dependencies
+  apt:
+    name:
+      - apt-transport-https
+      - ca-certificates
+      - curl
+      - gnupg-agent
+      - software-properties-common
+    state: latest
    update_cache: yes
-    cache_valid_time: 3600
+
+- name: docker GPG key
+  apt_key:
+    url: https://download.docker.com/linux/debian/gpg
+    state: present
+
+- name: repository docker
+  apt_repository:
+    repo: deb https://download.docker.com/linux/debian {{ ansible_distribution_release }} stable
+    state: present 
+
+- name: install docker
+  apt:
+    name:
+      - docker-ce
+      - docker-ce-cli
+      - containerd.io
+    state: latest
+    update_cache: yes
+
+- name: enable docker
+  service: name=docker state=restarted enabled=yes
+
+- name: copy docker-compose@.service
+  copy:
+    src: ../files/docker-compose@.service
+    dest: /etc/systemd/system/docker-compose@.service
+    owner: root
+    group: root
+    mode: u=rw,g=r,o=r
+
+- name: ensure /etc/docker/compose exist
+  file:
+    path: /etc/docker/compose
+    state: directory
+    owner: root
+    group: root
+    mode: 0700

 # SSH
 - name: Copy sshd_config
  copy:
-    src: ../templates/sshd_config
+    src: ../files/sshd_config
    dest: /etc/ssh/sshd_config
    owner: root
    group: root
@ -37,7 +81,7 @@

 - name: Copy jail.conf
  copy:
-    src: ../templates/jail.conf
+    src: ../files/jail.conf
    dest: /etc/fail2ban/jail.conf
    owner: root
    group: root