{"id":16777300,"url":"https://github.com/githubixx/ansible-role-docker","last_synced_at":"2025-03-22T00:31:03.169Z","repository":{"id":25806580,"uuid":"85116079","full_name":"githubixx/ansible-role-docker","owner":"githubixx","description":"Install Docker and docker-compose from official Docker binaries archive (no PPA or APT repository). Should work with any Linux OS using systemd.","archived":false,"fork":false,"pushed_at":"2024-07-15T20:55:34.000Z","size":77,"stargazers_count":15,"open_issues_count":1,"forks_count":6,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-03-18T06:22:59.676Z","etag":null,"topics":["ansible","ansible-role","docker","docker-compose"],"latest_commit_sha":null,"homepage":"https://www.tauceti.blog","language":"Jinja","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/githubixx.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2017-03-15T20:08:01.000Z","updated_at":"2024-09-22T11:54:27.000Z","dependencies_parsed_at":"2024-01-23T19:00:02.860Z","dependency_job_id":"0d027558-66dd-4908-b537-5c1f93c5ef7a","html_url":"https://github.com/githubixx/ansible-role-docker","commit_stats":null,"previous_names":[],"tags_count":15,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/githubixx%2Fansible-role-docker","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/githubixx%2Fansible-role-docker/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/githubixx%2Fansible-role-docker/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/githubixx%2Fansible-role-docker/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/githubixx","download_url":"https://codeload.github.com/githubixx/ansible-role-docker/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":244890102,"owners_count":20527030,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ansible","ansible-role","docker","docker-compose"],"created_at":"2024-10-13T07:24:19.050Z","updated_at":"2025-03-22T00:31:02.890Z","avatar_url":"https://github.com/githubixx.png","language":"Jinja","funding_links":[],"categories":[],"sub_categories":[],"readme":"# ansible-role-docker\n\nInstalls Docker from official Docker binaries archive (no PPA or apt repository). For managing Docker daemon systemd is used. Should work with basically every Linux OS using `systemd`.\n\n## Versions\n\nI tag every release and try to stay with [semantic versioning](http://semver.org). If you want to use the role I recommend to checkout the latest tag. The master branch is basically development while the tags mark stable releases. But in general I try to keep master in good shape too. A tag `12.0.0+27.0.3` means this is release `12.0.0` of this role and it's meant to be used with Docker version `27.0.3`. If the role itself changes `X.Y.Z` before `+` will increase. If the Docker version changes `XX.YY.ZZ` after `+` will increase. This allows to tag bugfixes and new major versions of the role while it's still developed for a specific Docker release.\n\n## Changelog\n\nsee [Changelog](https://github.com/githubixx/ansible-role-docker/blob/master/CHANGELOG.md)\n\n## Role Variables\n\n```yaml\n# Directory to store downloaded Docker archive and unarchived binary files.\ndocker_download_dir: \"/opt/tmp\"\n\n# Docker version to download and use.\ndocker_version: \"27.0.3\"\ndocker_user: \"docker\"\ndocker_group: \"docker\"\ndocker_uid: 666\ndocker_gid: 666\n\n# Directory to store Docker binaries. Should be in your search PATH!\ndocker_bin_dir: \"/usr/local/bin\"\n\n# For Archlinux the values of this variable can either be \"iptables\" or\n# \"nftables\". For all other OSes \"iptables\" is a requirement as Docker\n# depends on \"iptables\" command. In case of Archlinux \"nftables\" also\n# includes \"iptables\" so both work.\n# \n# Ubuntu 20.04 and Debian 10 only provides \"iptables\".\n#\n# Ubuntu 22.04, 22.04, Debian 11 and 12 allows to install \"iptables\" and \"nftables\"\n# in parallel.\n#\n# So for Archlinux if either \"iptables\" or \"iptables-nft\" package is\n# already installed this role won't change anything. For all other OSes\n# \"iptables\" package is a requirement. So even if \"nftables\" package is\n# already installed this role will install \"iptables\" package.\n#\n# Possible values:\n# - iptables # Possible for all supported OSes\n# - nftables # Only for Archlinux\ndocker_firewall_flavor: \"iptables\"\n\n# Settings for \"dockerd\" daemon. Will be provided as parameter to \"dockerd\" in\n# systemd service file for Docker. These variables and it's values can be\n# overridden with `dockerd_settings_user` variable. Also additional variables\n# can be added of course. For possible values see:\n# https://docs.docker.com/engine/reference/commandline/dockerd/#daemon\ndockerd_settings:\n  \"host\": \"unix:///run/docker.sock\"\n  \"log-level\": \"info\"\n  \"storage-driver\": \"overlay2\"\n  \"iptables\": \"true\"\n  \"ip-masq\": \"true\"\n  \"mtu\": \"1500\"\n\n# To override settings defined in `dockerd_settings` this variable can be\n# used. Of course additional variables can be added too. The example below\n# would add the \"--debug=true\" switch to `dockerd` e.g. For possible values\n# see:\n# https://docs.docker.com/engine/reference/commandline/dockerd/#daemon\n# dockerd_settings_user:\n#   \"debug\": \"true\"\n\n# The directory from where to copy the Docker CA certificates. By default this\n# will expand to user's LOCAL $HOME (the user that run's \"ansible-playbook ...\"\n# plus \"/docker-ca-certificates\". That means if the user's $HOME directory is\n# e.g. \"/home/da_user\" then \"docker_ca_certificates_src_dir\" will have a value\n# of \"/home/da_user/docker-ca-certificates\".\ndocker_ca_certificates_src_dir: \"{{ '~/docker-ca-certificates' | expanduser }}\"\n\n# The directory where the program \"update-ca-certificates\" searches for CA\n# certificate files (besides other locations).\ndocker_ca_certificates_dst_dir: \"/usr/local/share/ca-certificates\"\n\n# Currently only \"standalone\" is supported. So that means on the remote host\n# \"docker-compose\" command will be available and not the \"docker compose\"\n# plugin (without \"-\").\n# When commented no \"docker-compose\" will be installed and all \"docker_compose_*\"\n# variables are ignored.\n#docker_compose_type: \"standalone\"\n\n# \"docker-compose\" version\ndocker_compose_version: \"2.28.1\"\n\n# The directory where to \"docker-compose\" binary will be installed\ndocker_compose_bin_directory: \"/usr/local/bin\"\n\n# Owner of the \"docker-compose\" binary\ndocker_compose_bin_owner: \"root\"\n\n# Group of the \"docker-compose\" binary\ndocker_compose_bin_group: \"root\"\n\n# File permissions of \"docker-compose\" binary\ndocker_compose_bin_file_perm: \"0755\"\n```\n\nVariables with no defaults:\n\n```yaml\n# If you've a Docker registry with a self signed certificate you can copy the\n# certificate authority (CA) file to the remote host to the CA certificate store.\n# This way Docker will trust the SSL certificate of your Docker registry.\n# It's important to mention that the CA files needs a \".crt\" extension!\n# \"docker_ca_certificates\" is a list so you can specify as much CA files as\n# you want. The Ansible role will lookup for the files specified here in\n# \"docker_ca_certificates_src_dir\" (see above). If \"docker_ca_certificates\"\n# is not specified the task will be ignored.\ndocker_ca_certificates:\n  - ca-docker.crt\n```\n\nThe settings for `dockerd` daemon defined in `dockerd_settings` can be overridden by defining a variable called `dockerd_settings_user`. You can also add additional settings by using this variable. E.g. if you add the following variables and their values to `group_vars/all.yml` (or where ever it fit's best for you) `dockerd` the default settings will be overridden (see above):\n\n```yaml\ndockerd_settings_user:\n  \"host\": \"unix:///var/run/docker.sock\"\n  \"log-level\": \"error\"\n  \"storage-driver\": \"aufs\"\n  \"iptables\": \"false\"\n  \"ip-masq\": \"false\"\n  \"mtu\": \"1400\"\n```\n\nOf course you can add more settings.\n\n## Upgrading Docker\n\nIf you want upgrade Docker update `docker_version` variable accordingly. Afterwards if you run `ansible-playbook` and supply the argument `--extra-vars=\"upgrade_docker=true\"` the playbook will download the specified Docker version and installs the binaries. This will cause systemd to restart `docker.service`. To avoid restarting all Docker daemons on all of your hosts at once consider using `--limit` parameter or reduce parallel Ansible tasks with `--forks`.\n\n## Example Playbook\n\n```yaml\n- hosts: docker_hosts\n  roles:\n    - githubixx.docker\n```\n\n## Testing\n\nThis role has a small test setup that is created using [Molecule](https://github.com/ansible-community/molecule), libvirt (vagrant-libvirt) and QEMU/KVM. Please see my blog post [Testing Ansible roles with Molecule, libvirt (vagrant-libvirt) and QEMU/KVM](https://www.tauceti.blog/posts/testing-ansible-roles-with-molecule-libvirt-vagrant-qemu-kvm/) how to setup. The test configuration is [here](https://github.com/githubixx/ansible-role-docker/tree/master/molecule/default).\n\nAfterwards molecule can be executed:\n\n```bash\nmolecule converge\n```\n\nThis will setup a few virtual machines (VM) with different supported Linux operating systems and installs `docker` role.\n\nTo run a few tests:\n\n```bash\nmolecule verify\n```\n\nTo clean up run\n\n```bash\nmolecule destroy\n```\n\n## License\n\nGNU GENERAL PUBLIC LICENSE Version 3\n\n## Author Information\n\n[http://www.tauceti.blog](http://www.tauceti.blog)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgithubixx%2Fansible-role-docker","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fgithubixx%2Fansible-role-docker","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgithubixx%2Fansible-role-docker/lists"}