https://github.com/hellothisisflo/ansible-role-setup-secure-remote-docker-daemon

Setup and secure a Docker daemon remotely accessible via TLS
https://github.com/hellothisisflo/ansible-role-setup-secure-remote-docker-daemon

Last synced: about 2 months ago
JSON representation

Setup and secure a Docker daemon remotely accessible via TLS

• Host: GitHub
• URL: https://github.com/hellothisisflo/ansible-role-setup-secure-remote-docker-daemon
• Owner: HelloThisIsFlo
• License: mit
• Created: 2017-11-04T21:49:00.000Z (over 7 years ago)
• Default Branch: master
• Last Pushed: 2023-01-02T00:32:29.000Z (over 2 years ago)
• Last Synced: 2025-02-13T12:54:02.280Z (3 months ago)
• Language: Shell
• Size: 51.8 KB
• Stars: 2
• Watchers: 2
• Forks: 1
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

        
[![Build Status](https://travis-ci.org/FlorianKempenich/ansible-role-setup-secure-remote-docker-daemon.svg?branch=master)](https://travis-ci.org/FlorianKempenich/ansible-role-setup-secure-remote-docker-daemon) [![Ansible Role](https://img.shields.io/ansible/role/22816.svg)](https://galaxy.ansible.com/FlorianKempenich/setup-secure-remote-docker-daemon/)

# Ansible role: `setup-secure-remote-docker-daemon`

Setup and secure a Docker daemon remotely accessible via TLS.

## Requirements

No requirements. The role will install Docker before setting it up.

## Role Variables

### Required parameters

* **rootca_certificate:** Certificate of the RootCA to trust when authenticating client. As Text

* **server_certificate:** Server certificate to authenticate Docker server. As Text

* **server_privatekey:** Server privatekey corresponding to the certificate. As Text

### Optional

* **docker_port:** 2376

* **certificates_dir[default=/docker-tls]:** Where to store certificates on the remote machine

* **cert_filename[default=server-certificate.pem]:** Filename, on the remote machine, of the Server certificate 

* **privkey_filename[default=server-privatekey.pem]:**  Filename, on the remote machine, of the Server private key

* **cacert_filename[default=rootca-certificate.pem]:**  Filename, on the remote machine, of the RootCA certificate

## Example Playbook

Here is an example of a playbook using the Role.  

In that example certificates/privkey are read from files using the `lookup` method from **jinja2**

    - hosts: sandbox

      vars:

        certdir: "/home/my_certificate_directory"

      tasks:

        - include_role:

            name: FlorianKempenich.setup-secure-remote-docker-daemon

          vars:

            rootca_certificate: "{{ lookup('file', '{{ certdir }}/rootca-certificate.pem') }}"

            server_certificate: "{{ lookup('file', '{{ certdir }}/server/server-certificate.pem') }}"

            server_privatekey: "{{ lookup('file',  '{{ certdir }}/server/server-privatekey.pem') }}"

## License

MIT

## Author Information

Follow my work on my blog: [Florian Kempenich](https://floriankempenich.com)