{"id":23637025,"url":"https://github.com/ansibleguy/infra_docker_minimal","last_synced_at":"2025-08-11T06:19:08.494Z","repository":{"id":53920704,"uuid":"413978129","full_name":"ansibleguy/infra_docker_minimal","owner":"ansibleguy","description":"Ansible Role to provision Docker","archived":false,"fork":false,"pushed_at":"2025-02-15T12:32:15.000Z","size":83,"stargazers_count":2,"open_issues_count":0,"forks_count":0,"subscribers_count":2,"default_branch":"latest","last_synced_at":"2025-05-29T13:10:55.780Z","etag":null,"topics":["ansible","ansible-role","automation","docker","iac","infrastructure-as-code"],"latest_commit_sha":null,"homepage":"","language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ansibleguy.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":".github/FUNDING.yml","license":"LICENSE.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null},"funding":{"ko_fi":"ansible0guy","github":"ansibleguy"}},"created_at":"2021-10-05T21:02:23.000Z","updated_at":"2025-02-15T12:32:19.000Z","dependencies_parsed_at":"2024-05-15T14:43:01.940Z","dependency_job_id":"ef70c2d1-3241-4b60-b377-71bcdab0d089","html_url":"https://github.com/ansibleguy/infra_docker_minimal","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/ansibleguy/infra_docker_minimal","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ansibleguy%2Finfra_docker_minimal","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ansibleguy%2Finfra_docker_minimal/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ansibleguy%2Finfra_docker_minimal/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ansibleguy%2Finfra_docker_minimal/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ansibleguy","download_url":"https://codeload.github.com/ansibleguy/infra_docker_minimal/tar.gz/refs/heads/latest","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ansibleguy%2Finfra_docker_minimal/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":269838521,"owners_count":24483229,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-08-11T02:00:10.019Z","response_time":75,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ansible","ansible-role","automation","docker","iac","infrastructure-as-code"],"created_at":"2024-12-28T06:17:26.573Z","updated_at":"2025-08-11T06:19:08.486Z","avatar_url":"https://github.com/ansibleguy.png","language":null,"funding_links":["https://ko-fi.com/ansible0guy","https://github.com/sponsors/ansibleguy"],"categories":[],"sub_categories":[],"readme":"# Ansible Role - Docker Setup\n\nAnsible Role to deploy a basic docker installation on a linux server.\n\n[![Lint](https://github.com/ansibleguy/infra_docker_minimal/actions/workflows/lint.yml/badge.svg)](https://github.com/ansibleguy/infra_docker_minimal/actions/workflows/lint.yml)\n[![Ansible Galaxy](https://badges.ansibleguy.net/galaxy.badge.svg)](https://galaxy.ansible.com/ui/standalone/roles/ansibleguy/infra_docker_minimal)\n\n**Molecule Integration-Tests**:\n\n* Status: [![Molecule Test Status](https://badges.ansibleguy.net/infra_docker_minimal.molecule.svg)](https://github.com/ansibleguy/_meta_cicd/blob/latest/templates/usr/local/bin/cicd/molecule.sh.j2) |\n[![Functional-Tests](https://github.com/ansibleguy/infra_docker_minimal/actions/workflows/integration_test_result.yml/badge.svg)](https://github.com/ansibleguy/infra_docker_minimal/actions/workflows/integration_test_result.yml)\n* Logs: [API](https://ci.ansibleguy.net/api/job/ansible-test-molecule-infra_docker_minimal/logs?token=2b7bba30-9a37-4b57-be8a-99e23016ce70\u0026lines=1000) | [Short](https://badges.ansibleguy.net/log/molecule_infra_docker_minimal_test_short.log) | [Full](https://badges.ansibleguy.net/log/molecule_infra_docker_minimal_test.log)\n\nInternal CI: [Tester Role](https://github.com/ansibleguy/_meta_cicd) | [Jobs API](https://github.com/O-X-L/github-self-hosted-jobs-systemd)\n\n\n**Tested:**\n* Debian 11\n* Debian 12\n\n----\n\n## Install\n\n```bash\n# latest\nansible-galaxy role install git+https://github.com/ansibleguy/infra_docker_minimal\n\n# from galaxy\nansible-galaxy install ansibleguy.infra_docker_minimal\n\n# or to custom role-path\nansible-galaxy install ansibleguy.infra_docker_minimal --roles-path ./roles\n```\n\n----\n\n## Usage\n\n### Config\n\nYou can configure docker using the 'docker' variable/dictionary.\n\n```yaml\ndocker:\n  tcp:\n    enable: true  # enable docker-service listening on tcp\n    bind: '0.0.0.0'\n\n  compose:\n    enable: true  # install docker-compose\n    plugin: true  # default; install docker-compose-plugin ('docker compose' instead of 'docker-compose')\n\n  tls:\n    enable: true\n    cert: '/etc/ssl/certs/docker.crt'\n    key: '/etc/ssl/private/docker.pem'\n    # ca: '/etc/ssl/certs/docker.ca.crt'\n    # verify_client: true\n\n  nftables:\n    clean: true  # set bridge_none, disable_iptables and reload to true\n    bridge_none: false  # set bridge=none argument on docker-startup\n    disable_iptables: false  # set iptables=false argument on docker-startup\n    reload: false  # reload nftables after a docker.service restart to remove its auto-added iptables-rules\n```\n\n### Execution\n\nRun the playbook:\n```bash\nansible-playbook -K -D -i inventory/hosts.yml playbook.yml\n```\n\n----\n\n## Functionality\n\nTo keep it short =\u003e it will set-up docker like described [here](https://docs.docker.com/engine/install/debian/).\n\nThere is also an option to install docker-compose on the target host.\n\n* **Package installation**\n  * Docker prerequisites\n  * Docker base-packages\n\n\n  * **Default opt-outs**:\n    * docker-compose\n\n  * **Default opt-ins**:\n    * docker server component (_else only client will be installed_)\n\n----\n\n## Info\n\n* **Note:** This role currently only supports debian-based systems\n\n* **Note:** If you are using [NFTables](https://netfilter.org/projects/nftables/index.html) you will have problems running docker.\n\n  Docker does not support NFTables natively. The 'docker-ce'/'docker-ce-cli' package has IPTables set as its dependency.\n\n  One CAN keep the NFTables ruleset clean when running docker with the parameter 'iptables=false'. It is even cleaner if 'bridge=none' is set!\n\n  After that only a few IPTables rules are added. To completely eliminate this docker-ruleset one needs to reload NFTables whenever docker is restarted.\n\n  This Ansible role lets you configure this behaviour as can be seen in the example below!\n\n  If you use NFTables you might also want to look into the [ansibleguy.infra_nftables](https://github.com/ansibleguy/infra_nftables) role!\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fansibleguy%2Finfra_docker_minimal","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fansibleguy%2Finfra_docker_minimal","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fansibleguy%2Finfra_docker_minimal/lists"}