---

# Packages installed before the Docker signing key and apt repository are
# added by the tasks below. The apt cache is refreshed first.
- name: Install dependencies
  ansible.builtin.apt:
    update_cache: true
    state: present
    name:
      - apt-transport-https
      - ca-certificates
      - curl
      - gnupg-agent
      - software-properties-common

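# Fetch Docker's apt signing key over HTTPS and add it to apt's trusted keys.
# NOTE(review): apt_key wraps the deprecated apt-key tool and puts the key in
# the global keyring, so it is trusted for every configured repository, not
# only Docker's. Prefer a dedicated keyring file referenced with signed-by in
# the repository entry, and check the key's fingerprint against the one
# Docker publishes. The key task and the repository task must be migrated
# together.
- name: Docker GPG key
  become: true
  ansible.builtin.apt_key:
    # ">-" strips the final newline; the previous ">" form also carried
    # trailing spaces into the URL value.
    url: >-
      https://download.docker.com/linux/{{ ansible_distribution | lower }}/gpg
    state: present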

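# Register Docker's "stable" apt repository for the detected distribution
# (ansible_distribution, lower-cased) and release codename.
- name: Repository docker
  ansible.builtin.apt_repository:
    # Both lines sit at the same indent so the folded scalar joins them with
    # one space. In the previous form the more-indented second line kept its
    # line break and leading spaces, and trailing spaces ended up in the value.
    repo: >-
      deb https://download.docker.com/linux/{{ ansible_distribution | lower }}
      {{ ansible_distribution_release }} stable
    state: present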

# Install the Docker engine, its CLI and containerd after refreshing the apt
# cache. A change notifies the "Enable docker" handler, which is defined
# outside this file.
- name: Install docker
  ansible.builtin.apt:
    update_cache: true
    state: present
    name:
      - docker-ce
      - docker-ce-cli
      - containerd.io
  notify: Enable docker

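# Install the role's docker-rollout script into /usr/local/bin.
- name: Copy docker rollout script
  ansible.builtin.copy:
    src: docker-rollout
    dest: /usr/local/bin/docker-rollout
    # Explicit root ownership: an executable on the system PATH must not be
    # writable by an unprivileged account, and copy leaves the owner of an
    # existing file unchanged unless it is set here.
    owner: root
    group: root
    # Quoted so the mode does not depend on how the YAML parser types a
    # leading-zero number.
    mode: "0755"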

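# Install the docker-compose@ template unit into systemd's system unit
# directory.
# NOTE(review): no handler is notified here. systemd needs a daemon-reload to
# pick up a changed unit file - confirm that happens elsewhere in the role.
- name: Copy docker-compose@.service
  ansible.builtin.copy:
    src: docker-compose@.service
    dest: /etc/systemd/system/docker-compose@.service
    # Without explicit values the mode of a new file depends on the umask and
    # an existing file keeps whatever owner and mode it already has. A unit
    # file should be root-owned and not writable by anyone else.
    owner: root
    group: root
    mode: "0644"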

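# Create /etc/docker/compose if it is missing. Mode 0700 limits access to the
# directory's owner.
# NOTE(review): owner and group are not set, so an existing directory keeps
# its current owner - confirm it is root if compose files here hold secrets.
- name: Ensure /etc/docker/compose exist
  ansible.builtin.file:
    path: /etc/docker/compose
    state: directory
    # Quoted so the mode does not depend on how the YAML parser types a
    # leading-zero number.
    mode: "0700"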

# Add a ufw rule that allows traffic from 172.16.0.0/12 to any destination,
# then notify the "Reload ufw" handler (defined outside this file).
# NOTE(review): 172.16.0.0/12 is the whole RFC 1918 172.16-172.31 block, not
# only Docker bridge networks. If the host's LAN or cloud VPC also uses
# addresses in that range, those peers are allowed to reach every port too.
# Consider narrowing the source to the address pools the Docker daemon is
# configured with - confirm against the daemon configuration before changing.
# NOTE(review): ports published by containers are typically filtered by
# Docker's own iptables rules rather than by ufw - verify exposure separately.
- name: Allow all traffic from Docker subnets
  community.general.ufw:
    rule: allow
    from_ip: "172.16.0.0/12"
    to_ip: "any"
  notify:
    - Reload ufw