diff options
Diffstat (limited to 'roles/common')
| -rw-r--r-- | roles/common/files/docker-compose@.service | 14 | ||||
| -rw-r--r-- | roles/common/files/jail.conf (renamed from roles/common/templates/jail.conf) | 0 | ||||
| -rw-r--r-- | roles/common/files/sshd_config (renamed from roles/common/templates/sshd_config) | 0 | ||||
| -rw-r--r-- | roles/common/tasks/main.yml | 56 |
4 files changed, 64 insertions, 6 deletions
diff --git a/roles/common/files/docker-compose@.service b/roles/common/files/docker-compose@.service new file mode 100644 index 0000000..05ed468 --- /dev/null +++ b/roles/common/files/docker-compose@.service @@ -0,0 +1,14 @@ +[Unit] +Description=%i service with docker compose +Requires=docker.service +After=docker.service + +[Service] +Type=oneshot +RemainAfterExit=true +WorkingDirectory=/etc/docker/compose/%i +ExecStart=/usr/bin/docker-compose up -d --remove-orphans +ExecStop=/usr/bin/docker-compose down + +[Install] +WantedBy=multi-user.target diff --git a/roles/common/templates/jail.conf b/roles/common/files/jail.conf index 2c37a26..2c37a26 100644 --- a/roles/common/templates/jail.conf +++ b/roles/common/files/jail.conf diff --git a/roles/common/templates/sshd_config b/roles/common/files/sshd_config index fb8efff..fb8efff 100644 --- a/roles/common/templates/sshd_config +++ b/roles/common/files/sshd_config diff --git a/roles/common/tasks/main.yml b/roles/common/tasks/main.yml index 7c97505..69e9c90 100644 --- a/roles/common/tasks/main.yml +++ b/roles/common/tasks/main.yml @@ -1,15 +1,59 @@ --- -# apt cache -- name: update apt cache - ansible.builtin.apt: +# docker +- name: install dependencies + apt: + name: + - apt-transport-https + - ca-certificates + - curl + - gnupg-agent + - software-properties-common + state: latest update_cache: yes - cache_valid_time: 3600 + +- name: docker GPG key + apt_key: + url: https://download.docker.com/linux/debian/gpg + state: present + +- name: repository docker + apt_repository: + repo: deb https://download.docker.com/linux/debian {{ ansible_distribution_release }} stable + state: present + +- name: install docker + apt: + name: + - docker-ce + - docker-ce-cli + - containerd.io + state: latest + update_cache: yes + +- name: enable docker + service: name=docker state=restarted enabled=yes + +- name: copy docker-compose@.service + copy: + src: ../files/docker-compose@.service + dest: /etc/systemd/system/docker-compose@.service + owner: root + group: root + mode: u=rw,g=r,o=r + +- name: ensure /etc/docker/compose exist + file: + path: /etc/docker/compose + state: directory + owner: root + group: root + mode: 0700 # SSH - name: Copy sshd_config copy: - src: ../templates/sshd_config + src: ../files/sshd_config dest: /etc/ssh/sshd_config owner: root group: root @@ -37,7 +81,7 @@ - name: Copy jail.conf copy: - src: ../templates/jail.conf + src: ../files/jail.conf dest: /etc/fail2ban/jail.conf owner: root group: root |