teuserer/netz39-infra-ansible
1
0
Fork 0
forked from Netz39_Admin/netz39-infra-ansible
Code Pull requests Activity

Merge pull request '🚚 Migrate docker_host role to external project' () from alex/netz39-infra-ansible:host-docker into master

Browse source 
Reviewed-on: 
Reviewed-by: dkdent <dkdent@netz39.de>
Reviewed-by: Stefan Haun <tux@netz39.de>
This commit is contained in:
Alexander Dahl 2025-02-24 17:31:23 +01:00
commit 5de9b8be40
15 changed files with 13 additions and 133 deletions

2
group-docker_host.yml
View file

@ -3,7 +3,7 @@
become: true become: true
roles: roles:
- role: docker_setup - role: netz39.host_docker
- hosts: docker_host:&location_space - hosts: docker_host:&location_space
become: true become: true

1
group_vars/docker_host/vars.yml
View file

@ -1,2 +1,3 @@
--- ---
docker_data_root: "/srv/docker" docker_data_root: "/srv/docker"
docker_cron_image_prune: true

2
host-krypton.yml
View file

@ -19,7 +19,7 @@
roles: roles:
# role 'docker_setup' applied through group 'docker_host' # role 'netz39.host_docker' applied through group 'docker_host'
- role: apache - role: apache
- role: apache_letsencrypt # Uses configuration from dehydrated setup - role: apache_letsencrypt # Uses configuration from dehydrated setup
- role: 24367dfa.dehydrated - role: 24367dfa.dehydrated

2
host-pottwal.yml
View file

@ -3,7 +3,7 @@
become: true become: true
roles: roles:
# role 'docker_setup' applied through group 'docker_host' # role 'netz39.host_docker' applied through group 'docker_host'
- role: apache - role: apache
- role: apache_letsencrypt # Uses configuration from dehydrated setup - role: apache_letsencrypt # Uses configuration from dehydrated setup
- role: 24367dfa.dehydrated - role: 24367dfa.dehydrated

2
host-radon.yml
View file

@ -21,7 +21,7 @@
brotherql_host_port: 9004 brotherql_host_port: 9004
roles: roles:
# role 'docker_setup' applied through group 'docker_host' # role 'netz39.host_docker' applied through group 'docker_host'
- role: apache - role: apache
- role: apache_letsencrypt # Uses configuration from dehydrated setup - role: apache_letsencrypt # Uses configuration from dehydrated setup
- role: 24367dfa.dehydrated - role: 24367dfa.dehydrated

2
host-tau.yml
View file

@ -19,7 +19,7 @@
discord_invite_domain: discord.netz39.de discord_invite_domain: discord.netz39.de
roles: roles:
# role 'docker_setup' applied through group 'docker_host' # role 'netz39.host_docker' applied through group 'docker_host'
- role: apache - role: apache
- role: penguineer.dehydrated_cron - role: penguineer.dehydrated_cron

2
host-unicorn.yml
View file

@ -7,7 +7,7 @@
data_dir: "/srv/data" data_dir: "/srv/data"
roles: roles:
# role 'docker_setup' applied through group 'docker_host' # role 'netz39.host_docker' applied through group 'docker_host'
tasks: tasks:
- name: Setup the docker container for unifi-controller - name: Setup the docker container for unifi-controller

3
host-wittgenstein.yml
View file

@ -3,9 +3,10 @@
become: true become: true
roles: roles:
- role: docker_setup - role: netz39.host_docker
vars: vars:
docker_data_root: "/srv/docker" docker_data_root: "/srv/docker"
docker_cron_image_prune: true
- role: apache - role: apache
- role: apache_letsencrypt # Uses configuration from dehydrated setup - role: apache_letsencrypt # Uses configuration from dehydrated setup
- role: 24367dfa.dehydrated - role: 24367dfa.dehydrated

14
renovate.json
View file

@ -11,17 +11,6 @@
"matchStrings": [ "matchStrings": [
"image: (?<depName>.*?):(?<currentValue>.*?)(@(?<currentDigest>sha256:.*?))?\\s" "image: (?<depName>.*?):(?<currentValue>.*?)(@(?<currentDigest>sha256:.*?))?\\s"
] ]
},
{
"fileMatch": [
"^roles/docker_setup/defaults/main.yml$"
],
"datasourceTemplate": "github-release",
"versioningTemplate": "semver",
"depNameTemplate": "docker-compose",
"matchStrings": [
"docker_compose_version: (?<currentValue>.*?)\\s"
]
} }
], ],
"packageRules": [ "packageRules": [
@ -30,5 +19,4 @@
"schedule": [ "on friday" ] "schedule": [ "on friday" ]
} }
] ]
}
}

3
requirements.yml
View file

@ -16,6 +16,9 @@ roles:
version: v1.1.0 version: v1.1.0
- src: lespocky.telegraf_docker_in_docker - src: lespocky.telegraf_docker_in_docker
version: v0.2.1 version: v0.2.1
- name: netz39.host_docker
src: git+https://github.com/netz39/ansible-role-host-docker.git
version: v0.3.0
collections: collections:
- name: community.grafana - name: community.grafana

5
roles/docker_setup/defaults/main.yml
View file

@ -1,5 +0,0 @@
---
docker_compose_version: "1.25.4"
docker_compose_path: /usr/local/bin/docker-compose
docker_data_root: "/var/lib/docker"
docker_storage_driver: "overlay2"

6
roles/docker_setup/handlers/main.yml
View file

@ -1,6 +0,0 @@
---
- name: restart docker
service:
name: docker
state: restarted
enabled: yes

91
roles/docker_setup/tasks/main.yml
View file

@ -1,91 +0,0 @@
# This file is a mash-up of:
# https://github.com/geerlingguy/ansible-role-docker/blob/master/tasks/docker-compose.yml
# https://www.digitalocean.com/community/tutorials/how-to-install-docker-compose-on-debian-9
# and our own stuff …
---
- name: Gather package facts
package_facts:
manager: "auto"
- name: Exit if docker.io is installed
fail:
msg: "Please remove docker.io (Debian vanilla docker package) first!"
when: "'docker.io' in ansible_facts.packages"
- name: Install Docker APT deps
package:
name: "{{ packages }}"
state: present
vars:
packages:
- apt-transport-https
- ca-certificates
- gnupg2
- software-properties-common
- name: add Docker apt-key
apt_key:
url: https://download.docker.com/linux/debian/gpg
state: present
- name: add Docker's APT repository
ansible.builtin.template:
src: templates/docker.list.j2
dest: /etc/apt/sources.list.d/docker.list
register: apt_repo
- name: Update package cache # noqa: no-handler
ansible.builtin.apt:
update_cache: true
when: apt_repo.changed
- name: install Docker
package:
name: "{{ packages }}"
state: present
vars:
packages:
- docker-ce
- python3-docker
- name: Set docker configuration
template:
src: templates/daemon.json.j2
dest: /etc/docker/daemon.json
mode: "0644"
notify: restart docker
- name: Check current docker-compose version.
command: docker-compose --version
register: docker_compose_current_version
changed_when: false
failed_when: false
- name: Delete existing docker-compose version if it's different.
file:
path: "{{ docker_compose_path }}"
state: absent
when: >
docker_compose_current_version.stdout is defined
and docker_compose_version not in docker_compose_current_version.stdout
- name: Install Docker Compose (if configured).
get_url:
url: https://github.com/docker/compose/releases/download/{{ docker_compose_version }}/docker-compose-Linux-x86_64
dest: "{{ docker_compose_path }}"
mode: "0755"
- name: Place admin users in docker group
user:
name: "{{ item.logname }}"
groups: [docker]
append: yes
when: item.docker
with_items: "{{ users }}"
- name: Ensure that docker image prune cron job is present.
ansible.builtin.cron:
name: docker image prune
special_time: weekly
user: root
job: "docker image prune --all --force"

9
roles/docker_setup/templates/daemon.json.j2
View file

@ -1,9 +0,0 @@
{
"exec-opts": ["native.cgroupdriver=systemd"],
"log-driver": "json-file",
"log-opts": {
"max-size": "100m"
},
"data-root": "{{ docker_data_root }}",
"storage-driver": "{{ docker_storage_driver }}"
}

2
roles/docker_setup/templates/docker.list.j2
View file

@ -1,2 +0,0 @@
deb https://download.docker.com/linux/debian {{ ansible_distribution_release }} stable