Merge pull request '🚚 Migrate docker_host role to external project' (#311) from alex/netz39-infra-ansible:host-docker into master

Reviewed-on: Netz39_Admin/netz39-infra-ansible#311 Reviewed-by: dkdent <dkdent@netz39.de> Reviewed-by: Stefan Haun <tux@netz39.de>
2025-02-24 17:31:23 +01:00 · 2025-02-24 17:31:23 +01:00 · 5de9b8be40
commit 5de9b8be40
parent 2fe2420a10 cc41217ad8
15 changed files with 13 additions and 133 deletions
--- a/group-docker_host.yml
+++ b/group-docker_host.yml
@ -3,7 +3,7 @@
  become: true

  roles:
-    - role: docker_setup
+    - role: netz39.host_docker

 - hosts: docker_host:&location_space
  become: true
--- a/group_vars/docker_host/vars.yml
+++ b/group_vars/docker_host/vars.yml
@ -1,2 +1,3 @@
 ---
 docker_data_root: "/srv/docker"
+docker_cron_image_prune: true
--- a/host-krypton.yml
+++ b/host-krypton.yml
@ -19,7 +19,7 @@


  roles:
-    # role 'docker_setup' applied through group 'docker_host'
+    # role 'netz39.host_docker' applied through group 'docker_host'
    - role: apache
    - role: apache_letsencrypt  # Uses configuration from dehydrated setup
    - role: 24367dfa.dehydrated
--- a/host-pottwal.yml
+++ b/host-pottwal.yml
@ -3,7 +3,7 @@
  become: true

  roles:
-    # role 'docker_setup' applied through group 'docker_host'
+    # role 'netz39.host_docker' applied through group 'docker_host'
    - role: apache
    - role: apache_letsencrypt  # Uses configuration from dehydrated setup
    - role: 24367dfa.dehydrated
--- a/host-radon.yml
+++ b/host-radon.yml
@ -21,7 +21,7 @@
    brotherql_host_port: 9004

  roles:
-    # role 'docker_setup' applied through group 'docker_host'
+    # role 'netz39.host_docker' applied through group 'docker_host'
    - role: apache
    - role: apache_letsencrypt  # Uses configuration from dehydrated setup
    - role: 24367dfa.dehydrated
--- a/host-tau.yml
+++ b/host-tau.yml
@ -19,7 +19,7 @@
    discord_invite_domain: discord.netz39.de

  roles:
-    # role 'docker_setup' applied through group 'docker_host'
+    # role 'netz39.host_docker' applied through group 'docker_host'
    - role: apache
    - role: penguineer.dehydrated_cron

--- a/host-unicorn.yml
+++ b/host-unicorn.yml
@ -7,7 +7,7 @@
    data_dir: "/srv/data"

  roles:
-    # role 'docker_setup' applied through group 'docker_host'
+    # role 'netz39.host_docker' applied through group 'docker_host'

  tasks:
    - name: Setup the docker container for unifi-controller
--- a/host-wittgenstein.yml
+++ b/host-wittgenstein.yml
@ -3,9 +3,10 @@
  become: true

  roles:
-    - role: docker_setup
+    - role: netz39.host_docker
      vars:
        docker_data_root: "/srv/docker"
+        docker_cron_image_prune: true
    - role: apache
    - role: apache_letsencrypt  # Uses configuration from dehydrated setup
    - role: 24367dfa.dehydrated
--- a/renovate.json
+++ b/renovate.json
@ -11,17 +11,6 @@
      "matchStrings": [
        "image: (?<depName>.*?):(?<currentValue>.*?)(@(?<currentDigest>sha256:.*?))?\\s"
      ]
-    },
-    {
-      "fileMatch": [
-        "^roles/docker_setup/defaults/main.yml$"
-      ],
-      "datasourceTemplate": "github-release",
-      "versioningTemplate": "semver",
-      "depNameTemplate": "docker-compose",
-      "matchStrings": [
-        "docker_compose_version: (?<currentValue>.*?)\\s"
-      ]
    }
  ],
  "packageRules": [
@ -30,5 +19,4 @@
      "schedule": [ "on friday" ]
    }
  ]
-
-}
+}
--- a/requirements.yml
+++ b/requirements.yml
@ -16,6 +16,9 @@ roles:
    version: v1.1.0
  - src: lespocky.telegraf_docker_in_docker
    version: v0.2.1
+  - name: netz39.host_docker
+    src: git+https://github.com/netz39/ansible-role-host-docker.git
+    version: v0.3.0

 collections:
  - name: community.grafana
--- a/roles/docker_setup/defaults/main.yml
+++ b/roles/docker_setup/defaults/main.yml
@ -1,5 +0,0 @@
---
-docker_compose_version: "1.25.4"
-docker_compose_path: /usr/local/bin/docker-compose
-docker_data_root: "/var/lib/docker"
-docker_storage_driver: "overlay2"
--- a/roles/docker_setup/handlers/main.yml
+++ b/roles/docker_setup/handlers/main.yml
@ -1,6 +0,0 @@
---
- name: restart docker
-  service:
-    name: docker
-    state: restarted
-    enabled: yes
--- a/roles/docker_setup/tasks/main.yml
+++ b/roles/docker_setup/tasks/main.yml
@ -1,91 +0,0 @@
-# This file is a mash-up of:
-#   https://github.com/geerlingguy/ansible-role-docker/blob/master/tasks/docker-compose.yml
-#   https://www.digitalocean.com/community/tutorials/how-to-install-docker-compose-on-debian-9
-#   and our own stuff …
---
- name: Gather package facts
-  package_facts:
-    manager: "auto"
-
- name: Exit if docker.io is installed
-  fail:
-    msg: "Please remove docker.io (Debian vanilla docker package) first!"
-  when: "'docker.io' in ansible_facts.packages"
-
- name: Install Docker APT deps
-  package:
-    name: "{{ packages }}"
-    state: present
-  vars:
-    packages:
-      - apt-transport-https
-      - ca-certificates
-      - gnupg2
-      - software-properties-common
-
- name: add Docker apt-key
-  apt_key:
-    url: https://download.docker.com/linux/debian/gpg
-    state: present
-
- name: add Docker's APT repository
-  ansible.builtin.template:
-    src: templates/docker.list.j2
-    dest: /etc/apt/sources.list.d/docker.list
-  register: apt_repo
-
- name: Update package cache  # noqa: no-handler
-  ansible.builtin.apt:
-    update_cache: true
-  when: apt_repo.changed
-
- name: install Docker
-  package:
-    name: "{{ packages }}"
-    state: present
-  vars:
-    packages:
-      - docker-ce
-      - python3-docker
-
- name: Set docker configuration
-  template:
-    src: templates/daemon.json.j2
-    dest: /etc/docker/daemon.json
-    mode: "0644"
-  notify: restart docker
-
- name: Check current docker-compose version.
-  command: docker-compose --version
-  register: docker_compose_current_version
-  changed_when: false
-  failed_when: false
-
- name: Delete existing docker-compose version if it's different.
-  file:
-    path: "{{ docker_compose_path }}"
-    state: absent
-  when: >
-    docker_compose_current_version.stdout is defined
-    and docker_compose_version not in docker_compose_current_version.stdout
-
- name: Install Docker Compose (if configured).
-  get_url:
-    url: https://github.com/docker/compose/releases/download/{{ docker_compose_version }}/docker-compose-Linux-x86_64
-    dest: "{{ docker_compose_path }}"
-    mode: "0755"
-
- name: Place admin users in docker group
-  user:
-    name: "{{ item.logname }}"
-    groups: [docker]
-    append: yes
-  when: item.docker
-  with_items: "{{ users }}"
-
- name: Ensure that docker image prune cron job is present.
-  ansible.builtin.cron:
-    name: docker image prune
-    special_time: weekly
-    user: root
-    job: "docker image prune --all --force"
--- a/roles/docker_setup/templates/daemon.json.j2
+++ b/roles/docker_setup/templates/daemon.json.j2
@ -1,9 +0,0 @@
-{
-    "exec-opts": ["native.cgroupdriver=systemd"],
-    "log-driver": "json-file",
-        "log-opts": {
-            "max-size": "100m"
-        },
-    "data-root": "{{ docker_data_root }}",
-    "storage-driver": "{{ docker_storage_driver }}"
-}
--- a/roles/docker_setup/templates/docker.list.j2
+++ b/roles/docker_setup/templates/docker.list.j2
@ -1,2 +0,0 @@
-deb https://download.docker.com/linux/debian {{ ansible_distribution_release }} stable
-
				`@ -1,2 +0,0 @@`
				`deb https://download.docker.com/linux/debian {{ ansible_distribution_release }} stable`