add docker to common setup

This commit is contained in:
Elizabeth Hunt 2024-01-03 01:03:22 -05:00
parent 807637e9a4
commit 365641c4b5
5 changed files with 66 additions and 6 deletions

2
.gitignore vendored Normal file
View File

@ -0,0 +1,2 @@
**/*.swp
*.swp

View File

@ -0,0 +1,14 @@
[Unit]
Description=%i service with docker compose
Requires=docker.service
After=docker.service
[Service]
Type=oneshot
RemainAfterExit=true
WorkingDirectory=/etc/docker/compose/%i
ExecStart=/usr/bin/docker-compose up -d --remove-orphans
ExecStop=/usr/bin/docker-compose down
[Install]
WantedBy=multi-user.target

View File

@ -1,15 +1,59 @@
--- ---
# apt cache # docker
- name: update apt cache - name: install dependencies
ansible.builtin.apt: apt:
name:
- apt-transport-https
- ca-certificates
- curl
- gnupg-agent
- software-properties-common
state: latest
update_cache: yes update_cache: yes
cache_valid_time: 3600
- name: docker GPG key
apt_key:
url: https://download.docker.com/linux/debian/gpg
state: present
- name: repository docker
apt_repository:
repo: deb https://download.docker.com/linux/debian {{ ansible_distribution_release }} stable
state: present
- name: install docker
apt:
name:
- docker-ce
- docker-ce-cli
- containerd.io
state: latest
update_cache: yes
- name: enable docker
service: name=docker state=restarted enabled=yes
- name: copy docker-compose@.service
copy:
src: ../files/docker-compose@.service
dest: /etc/systemd/system/docker-compose@.service
owner: root
group: root
mode: u=rw,g=r,o=r
- name: ensure /etc/docker/compose exist
file:
path: /etc/docker/compose
state: directory
owner: root
group: root
mode: 0700
# SSH # SSH
- name: Copy sshd_config - name: Copy sshd_config
copy: copy:
src: ../templates/sshd_config src: ../files/sshd_config
dest: /etc/ssh/sshd_config dest: /etc/ssh/sshd_config
owner: root owner: root
group: root group: root
@ -37,7 +81,7 @@
- name: Copy jail.conf - name: Copy jail.conf
copy: copy:
src: ../templates/jail.conf src: ../files/jail.conf
dest: /etc/fail2ban/jail.conf dest: /etc/fail2ban/jail.conf
owner: root owner: root
group: root group: root