{"id":19804081,"url":"https://github.com/djuuu/ansible-role-docker-project","last_synced_at":"2026-05-05T09:32:34.562Z","repository":{"id":260930110,"uuid":"882728224","full_name":"Djuuu/ansible-role-docker-project","owner":"Djuuu","description":"Base role for Docker Compose projects","archived":false,"fork":false,"pushed_at":"2025-01-11T22:57:44.000Z","size":37,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-02-24T03:57:02.346Z","etag":null,"topics":["ansible","ansible-role","docker","docker-compose"],"latest_commit_sha":null,"homepage":"","language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Djuuu.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-11-03T15:54:46.000Z","updated_at":"2025-01-11T22:57:47.000Z","dependencies_parsed_at":"2024-11-22T20:31:43.155Z","dependency_job_id":null,"html_url":"https://github.com/Djuuu/ansible-role-docker-project","commit_stats":null,"previous_names":["djuuu/ansible-role-docker-project"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Djuuu%2Fansible-role-docker-project","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Djuuu%2Fansible-role-docker-project/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Djuuu%2Fansible-role-docker-project/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Djuuu%2Fansible-role-docker-project/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Djuuu","download_url":"https://codeload.github.com/Djuuu/ansible-role-docker-project/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":241144851,"owners_count":19917360,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ansible","ansible-role","docker","docker-compose"],"created_at":"2024-11-12T08:02:50.853Z","updated_at":"2026-05-05T09:32:34.548Z","avatar_url":"https://github.com/Djuuu.png","language":null,"funding_links":[],"categories":[],"sub_categories":[],"readme":"Ansible Role: Docker-project\n============================\n\nBase role for Docker Compose projects.\n\nRequirements\n------------\n\n- Docker CLI with Docker compose plugin 2.18.0 or later\n- Ansible \u003e=2.11.0\n\nRole Variables\n--------------\n\nCommon Docker projects variables:\n\n### Project name\n```yaml\ndocker_project_name: # example-project\n```\n\nProject name should be set in concrete roles using this role as a base.\n\nThis variable is derived into the following 2 variables:\n- `docker_project_slug` _(slugified project name, with `-` separators)_  \n  Determines:  \n  - directory where project will be installed\n  - default service subdomain\n  - misc. Traefik keys (service \u0026 router, middleware prefix)  \n- `docker_project_prefix` _(slugified project name, with `_` separators)_  \n  Used as [dynamic variables](#dynamic-variables) prefix  \n\nImplementation example:\n* `example-role/defaults/main.yml`\n  ```yaml\n  example_role_project_name: example\n  ```\n* `example-role/vars/main.yml`\n  ```yaml\n  docker_project_name: \"{{ example_role_project_name }}\"\n  ```\n\n### Base directory for Docker projects\n```yaml\ndocker_projects_path: # /var/apps\n```\n\n### Base domain suffixes\n```yaml\n# Local machine domain\nlocal_base_domain: internal\n\n# Exposed service domain\nexposed_base_domain: # example.net\n```\nThese domains suffixes are used to build Traefik default rule in\n[djuuu.traefik_docker](https://github.com/Djuuu/ansible-role-traefik-docker),\nalong with optional `{{ docker_project_prefix }}_traefik_subdomain` [dynamic variable](#dynamic-variables). \n\nSee:\n- https://github.com/Djuuu/ansible-role-traefik-docker/blob/main/templates/docker-compose.yml.j2#L48-L52\n- https://doc.traefik.io/traefik/providers/docker/#defaultrule\n\n### Additional allowed origins\n```yaml\ndocker_project_allowed_origins: []\n#  - https://dashboard.example.net\n```\nUsed in `csp-add-frame-ancestors@file` and `{{ docker_project_slug }}-cors@docker` middlewares from\n[djuuu.traefik_docker](https://github.com/Djuuu/ansible-role-traefik-docker) role.\n\n\n### Dynamic variables\n\nVariables constructed from `docker_project_name` value can be used to configure: \n\n- _`{{ docker_project_prefix }}`_**`_restart`**  \n  Container restart policy (default: `\"unless-stopped\"`)\n\n* Traefik integration (see [djuuu.traefik_docker](https://github.com/Djuuu/ansible-role-traefik-docker) role)\n\n  - _`{{ docker_project_prefix }}`_**`_traefik_enable`**  \n    Should Traefik expose service? (default: `false`)  \n\n  - _`{{ docker_project_prefix }}`_**`_traefik_domain`**  \n    Domain used to expose service (note: takes precedence over `_traefik_subdomain`)  \n\n  - _`{{ docker_project_prefix }}`_**`_traefik_subdomain`**  \n    Subdomain used to expose service (concatenated with `local_base_domain` / `exposed_base_domain`).  \n\n  - _`{{ docker_project_prefix }}`_**`_traefik_router_service`**  \n    Service name targeted by Traefik router  \n\n  - _`{{ docker_project_prefix }}`_**`_traefik_loadbalancer_server_port`**  \n    Port targeted by Traefik router  \n\n  - _`{{ docker_project_prefix }}`_**`_traefik_loadbalancer_server_scheme`** (default: `\"http\"`)  \n    Scheme targeted by Traefik router  \n\n  - _`{{ docker_project_prefix }}`_**`_traefik_entrypoints`** (default: `\"https\"`)  \n    Traefik router entrypoints  \n\n  - _`{{ docker_project_prefix }}`_**`_traefik_middlewares`**  \n    Traefik router middlewares  \n\n  - _`{{ docker_project_prefix }}`_**`_traefik_define_internal_route`** (default: `false`)  \n    Should an internal route be defined (restricted to `traefik_internal_networks`)\n\n  - _`{{ docker_project_prefix }}`_**`_traefik_middlewares_internal`**  \n    Traefik router middlewares applied on internal route\n\n  - _`{{ docker_project_prefix }}`_**`_access_control_max_age`** (default: `100`)  \n  - _`{{ docker_project_prefix }}`_**`_access_control_allow_methods`** (default: `\"*\"`)  \n  - _`{{ docker_project_prefix }}`_**`_access_control_allow_headers`** (default: `\"*\"`)  \n    CORS settings when `{{ docker_project_slug }}-cors@docker` middleware is enabled  \n\n  - _`{{ docker_project_prefix }}`_**`_traefik_custom_labels`**  \n    Additional Traefik labels  \n\n* Network\n  - _`{{ docker_project_prefix }}`_**`_network_mode`** (default: `bridge`)  \n    Network mode (ex: `host`)  \n  - _`{{ docker_project_prefix }}`_**`_network_ipv4_subnet`**  \n  - _`{{ docker_project_prefix }}`_**`_network_ipv6_subnet`**  \n    Optional default network IP subnets  \n\n* Additional docker compose options\n\n  - _`{{ docker_project_prefix }}`_**`_service_additional_options`**  \n    Main service additional docker-compose options (ex: cpu_shares, deploy, ...)\n  - _`{{ docker_project_prefix }}`_**`_service_additional_labels`**\n    Main service additional docker-compose labels (ex: wud.tag.include, ...)\n  - _`{{ docker_project_prefix }}`_**`_compose_additional_options`**  \n    Top-level additional docker-compose options\n\nWhen set, dynamic variables are set into equivalent variables prefixed with `docker_project_`  \n(ex: `docker_project_traefik_domain`, `docker_project_compose_additional_options`, etc.)\n\n### Generated variables\n\nThese variables are computed from other variables and can be used in roles:\n\n- `docker_project_path`=`\"{{ docker_projects_path }}/{{ docker_project_slug }}\"`  \n  Target directory of current project installation.  \n  Should be used in depending role.  \n\n- `traefik_domains`  \n  list of fully qualified domains used to expose service (internal use)  \n  ex: `['hello-world.example.net', 'hello-world.local']`  \n\n- `traefik_domain_label`  \n  Traefik routing rule label when using domain configuration (internal use)  \n  ex: ``traefik.http.routers.hello-world.rule: Host(`hello-world.example.net`)``  \n\n- `traefik_subdomain_label`  \n  Traefik routing rule label when using subdomain configuration (internal use)  \n  ex: `net.example.subdomain: hello-world`  \n\n- **`traefik_project_base_host_rules`**  \n  Host rules used in Traefik routing rules.  \n  Can be useful when adding custom routing rules (`{{ docker_project_prefix }}_traefik_custom_labels`)  \n  ex: ``(Host(`hello-world.example.net`) || Host(`hello-world.local`))``  \n\n- **`traefik_project_base_labels`**  \n  Generated Traefik labels.  \n  Should be added to the `labels` section of your service Docker Compose configuration.  \n  ex:  \n  ```yaml  \n  traefik.enable: true  \n  net.example.subdomain: hello-world  \n  # ...  \n  ```  \n\n- **`docker_project_service_network_options`**  \n  Service `network_mode` or `networks` attributes.  \n  ex:  \n  ```yaml  \n  network_mode: host # from `docker_project_network_mode` dynamic var\n  ```  \n  or:  \n  ```yaml  \n  networks:\n    - default\n    - other # from `docker_project_additional_networks` dynamic var\n  ```  \n\n- **`docker_project_default_network`**  \n  Generated default network configuration.  \n  Should be added to the `networks` section of your Docker Compose configuration.  \n  ex:  \n  ```yaml  \n  default:  \n    driver: bridge  \n    ipam:  \n      driver: default  \n      config:  \n        - subnet: 172.18.0.0/16  \n        - subnet: 2001:db8:0001:0001::/64  \n    enable_ipv6: true  \n  ```  \n\n### Other variables\n\n```yaml\n# Path to the Docker CLI (Community.Docker modules argument)\n# https://docs.ansible.com/ansible/latest/collections/community/docker/index.html\ndocker_cli:\n\n# Path to the Docker Compose CLI (when using legacy docker-compose plugin)\ndocker_compose_cli:\n```\n\nThe following computed variables are available for convenience:\n- `docker_cmd`:  \n  uses `docker_cli` if set, or defaults to 'docker'\n- `docker_compose_cmd`:  \n  uses `docker_compose_cli` if set, or defaults to `{{ docker_cmd }} compose`\n\n```yaml\npull: false\n```\nPulls image before starting container in `compose-up` task (intended as extra var).\n\nExample role implementation\n---------------------------\n\nRole example:\n\n* `hello_world/meta/main.yml`\n  ```yaml\n  galaxy_info:\n    role_name: hello_world\n  \n  dependencies:\n    - name: djuuu.docker_project\n      src: https://github.com/Djuuu/ansible-role-docker-project\n      version: main\n  ```\n* `hello_world/defaults/main.yml`\n  ```yaml\n  hello_world_project_name: hello-world\n  ```\n* `my-example/vars/main.yml`\n  ```yaml\n  docker_project_name: \"{{ hello_world_project_name }}\"\n  ```\n* `hello_world/tasks/main.yml`\n  ```yaml\n  ## Init\n  - name: Ensure project directory exists\n    ansible.builtin.file:\n      path: \"{{ docker_project_path }}\"\n      state: directory\n      mode: '0755'\n    tags: [\"init\"]\n  \n  ## Configure\n  - name: Template docker-compose.yml\n    ansible.builtin.template:\n      src: docker-compose.yml.j2\n      dest: \"{{ docker_project_path }}/docker-compose.yml\"\n      mode: '0644'\n      validate: \"{{ docker_compose_cmd }} -f %s config\"\n      backup: true\n  \n  ## Run\n  - name: Start app\n    ansible.builtin.include_role: { name: djuuu.docker_project, tasks_from: compose-up }\n  ```\n* `hello_world/templates/docker-compose.yml.j2`\n  ```yaml\n  name: {{ docker_project_slug }}\n\n  services:\n\n    hello_world:\n      image: hello-world\n      container_name: {{ docker_project_slug }}\n      restart: {{ docker_project_restart }}\n  \n      {{ docker_project_service_network_options | indent(4) }}\n\n      {{ docker_project_service_additional_options | indent(4) }}\n\n      labels:\n        {{ traefik_project_base_labels | indent(6) }}\n        {{ docker_project_service_additional_labels | indent(6) }}\n\n  {{ docker_project_networks }}\n\n  {{ docker_project_compose_additional_options }}\n  ```\n\nConfiguration example with dynamic vars:\n\n* `host_vars/example/hello.yml`\n```yaml\nhello_world_project_name: \"hey-there\"\n\n# Dynamic variables\n\nhey_there_traefik_enable: true\n\nhey_there_traefik_domain: example.net \nhey_there_traefik_subdomain: hey\n\nhey_there_traefik_router_service: hello \nhey_there_traefik_loadbalancer_server_port: 1234 \nhey_there_traefik_entrypoints: http,https\nhey_there_traefik_middlewares: \n  - \"internal-access@file\"                  # see djuuu.traefik_docker templates/dynamic-conf/middlewares/internal-access.yml.j2\n  - \"csp-add-frame-ancestors@file\"          # see djuuu.traefik_docker templates/dynamic-conf/middlewares/csp-add-frame-ancestors.yml.j2\n  - \"{{ docker_project_slug }}-cors@docker\" # see tasks/_init_traefik_vars.yml\n    \nhey_there_access_control_max_age:       60\nhey_there_access_control_allow_methods: \"OPTIONS, HEAD, GET\"\nhey_there_access_control_allow_headers: \"X-Custom-Header, Upgrade-Insecure-Requests\"\n  \nhey_there_traefik_custom_labels: |-\n  hello-label: hey there\n  other-label: example\n\nhey_there_network_mode: bridge\n\nhey_there_additional_networks:\n  - example_net\n  \nhey_there_network_ipv4_subnet: 172.18.0.0/16\nhey_there_network_ipv6_subnet: 2001:db8:0001:0001::/64\n\nhey_there_service_additional_options: |\n  cpu_shares: 10\n  deploy:\n    resources:\n      limits:\n        memory: 128M\n  ports:\n    - \"1234:1234\"\n\nhey_there_compose_additional_options: |\n  x-example:\n    title: This is an example\n```\n\nDependencies\n------------\n\nNone.\n\nSome variables allow integration with:\n- [djuuu.traefik_docker](https://github.com/Djuuu/ansible-role-traefik-docker)\n\nExample Playbooks\n-----------------\n\nRole is not intended to be run as-is, but as a dependency in other roles.\n\nHowever, there are some available tasks that can be used independently:\n\n**`compose-ps`**\n```yaml\n- name: List Docker Compose projects status\n  hosts: all\n  gather_facts: false\n\n  vars:\n    docker_projects:\n      - my-project\n      - other-project\n    \n  tasks:\n    - name: Docker compose ps\n      ansible.builtin.include_role:\n        name: djuuu.docker_project\n        tasks_from: compose-ps\n      vars:\n        docker_project_name: \"{{ item.name | default(item) }}\"\n        project_restart: \"{{ item.restart | default(true) }}\"\n      loop: \"{{ docker_projects | default([]) }}\"\n```\n\n**`compose-update`**\n```yaml\n- name: Update Docker Compose projects\n  hosts: all\n  gather_facts: false\n\n  vars:\n    docker_projects:\n      - \"my-project\"\n      - { name: \"other-project\", restart: false } # on-demand service without running container\n\n  tasks:\n\n    - name: Docker compose update\n      ansible.builtin.include_role:\n        name: djuuu.docker_project\n        tasks_from: compose-update\n      vars:\n        docker_project_name: \"{{ item.name | default(item) }}\"\n        docker_project_restart: \"{{ item.restart | default(true) }}\"\n      loop: \"{{ docker_projects | default([]) }}\"\n\n    - name: Docker system prune\n      ansible.builtin.include_role:\n        name: djuuu.docker_project\n        tasks_from: system-prune\n```\n\n**`compose-up`**\n```yaml\n- name: Start Docker Compose project\n  hosts: example\n  gather_facts: false\n  vars:\n    docker_project_name: my-project\n  tasks:\n    - name: Start app\n      ansible.builtin.include_role:\n        name: djuuu.docker_project\n        tasks_from: compose-up\n```\n\n**`compose-restart`**\n```yaml\n- name: Restart Docker Compose project\n  hosts: example\n  gather_facts: false\n  vars:\n    docker_project_name: my-project\n  tasks:\n    - name: Restart app\n      ansible.builtin.include_role: \n        name: djuuu.docker_project\n        tasks_from: compose-restart\n```\n\n**`system-prune`**\n```yaml\n- name: Docker system prune\n  hosts: all\n  gather_facts: false\n  tasks:\n    - name: Docker system prune\n      ansible.builtin.include_role:\n        name: djuuu.docker_project\n        tasks_from: system-prune\n```\n\nLicense\n-------\n\nBeerware License\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdjuuu%2Fansible-role-docker-project","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdjuuu%2Fansible-role-docker-project","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdjuuu%2Fansible-role-docker-project/lists"}