diff --git a/docker.yml b/docker.yml index a0d5629..369dc40 100644 --- a/docker.yml +++ b/docker.yml @@ -2,62 +2,9 @@ - hosts: all become: true tasks: - - name: ensure the dependencies are installed - ansible.builtin.apt: - update_cache: yes - name: - - apt-transport-https - - ca-certificates - - curl - - gnupg - - lsb-release - - name: check if Docker PGP key is already present - ansible.builtin.stat: - path: /usr/share/keyrings/docker-archive-keyring.gpg - register: docker_gpg_presence - - name: download armored Docker PGP key - ansible.builtin.get_url: - url: https://download.docker.com/linux/debian/gpg - dest: /tmp/docker.gpg - when: not docker_gpg_presence.stat.exists - - name: ensure unarmored Docker PGP key is present - ansible.builtin.command: - cmd: gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg /tmp/docker.gpg - when: not docker_gpg_presence.stat.exists - - name: remove temporary armored Docker PGP key - ansible.builtin.file: - path: /tmp/docker.gpg - state: absent - when: not docker_gpg_presence.stat.exists - - name: retrieve machine DPKG architecture - ansible.builtin.command: - cmd: dpkg --print-architecture - register: dpkg_architecture - changed_when: false - - name: ensure Docker repository is present - ansible.builtin.copy: - content: "deb [arch={{ dpkg_architecture.stdout }} signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/debian {{ ansible_distribution_release }} stable" - dest: /etc/apt/sources.list.d/docker.list - owner: root - group: root - mode: 0644 - - name: ensure Docker is installed and latest version - ansible.builtin.apt: - update_cache: yes - name: - - docker-ce - - docker-ce-cli - - containerd.io - state: latest - - name: ensure Docker Compose v1 is not present - ansible.builtin.file: - path: /usr/local/bin/docker-compose - state: absent - - name: ensure Docker Compose v2 is installed and latest version - ansible.builtin.get_url: - url: "https://github.com/docker/compose/releases/latest/download/docker-compose-{{ ansible_facts.system }}-{{ ansible_facts.architecture }}" - dest: /usr/libexec/docker/cli-plugins/docker-compose - owner: root - group: root - mode: 0755 - when: ansible_facts.os_family == "Debian" + - import_tasks: tasks/debian-docker/dependencies.yml + - import_tasks: tasks/debian-docker/gpgkey.yml + - import_tasks: tasks/debian-docker/repository.yml + - import_tasks: tasks/debian-docker/docker.yml + - import_tasks: tasks/debian-docker/compose-v1.yml + - import_tasks: tasks/debian-docker/compose-v2.yml diff --git a/tasks/debian-docker/compose-v1.yml b/tasks/debian-docker/compose-v1.yml new file mode 100644 index 0000000..9f647dc --- /dev/null +++ b/tasks/debian-docker/compose-v1.yml @@ -0,0 +1,5 @@ +--- +- name: ensure Docker Compose v1 is not present + ansible.builtin.file: + path: /usr/local/bin/docker-compose + state: absent diff --git a/tasks/debian-docker/compose-v2.yml b/tasks/debian-docker/compose-v2.yml new file mode 100644 index 0000000..378ba06 --- /dev/null +++ b/tasks/debian-docker/compose-v2.yml @@ -0,0 +1,9 @@ +--- +- name: ensure Docker Compose v2 is installed and latest version + ansible.builtin.get_url: + url: "https://github.com/docker/compose/releases/latest/download/docker-compose-{{ ansible_facts.system }}-{{ ansible_facts.architecture }}" + dest: /usr/libexec/docker/cli-plugins/docker-compose + owner: root + group: root + mode: 0755 + when: ansible_facts.os_family == "Debian" diff --git a/tasks/debian-docker/dependencies.yml b/tasks/debian-docker/dependencies.yml new file mode 100644 index 0000000..04440ef --- /dev/null +++ b/tasks/debian-docker/dependencies.yml @@ -0,0 +1,10 @@ +--- +- name: ensure the dependencies are installed + ansible.builtin.apt: + update_cache: yes + name: + - apt-transport-https + - ca-certificates + - curl + - gnupg + - lsb-release diff --git a/tasks/debian-docker/docker.yml b/tasks/debian-docker/docker.yml new file mode 100644 index 0000000..5806454 --- /dev/null +++ b/tasks/debian-docker/docker.yml @@ -0,0 +1,9 @@ +--- +- name: ensure Docker is installed and latest version + ansible.builtin.apt: + update_cache: yes + name: + - docker-ce + - docker-ce-cli + - containerd.io + state: latest diff --git a/tasks/debian-docker/gpgkey.yml b/tasks/debian-docker/gpgkey.yml new file mode 100644 index 0000000..aa0d68e --- /dev/null +++ b/tasks/debian-docker/gpgkey.yml @@ -0,0 +1,19 @@ +--- +- name: check if Docker PGP key is already present + ansible.builtin.stat: + path: /usr/share/keyrings/docker-archive-keyring.gpg + register: docker_gpg_presence +- name: download armored Docker PGP key + ansible.builtin.get_url: + url: https://download.docker.com/linux/debian/gpg + dest: /tmp/docker.gpg + when: not docker_gpg_presence.stat.exists +- name: ensure unarmored Docker PGP key is present + ansible.builtin.command: + cmd: gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg /tmp/docker.gpg + when: not docker_gpg_presence.stat.exists +- name: remove temporary armored Docker PGP key + ansible.builtin.file: + path: /tmp/docker.gpg + state: absent + when: not docker_gpg_presence.stat.exists diff --git a/tasks/debian-docker/repository.yml b/tasks/debian-docker/repository.yml new file mode 100644 index 0000000..08dae05 --- /dev/null +++ b/tasks/debian-docker/repository.yml @@ -0,0 +1,13 @@ +--- +- name: retrieve machine DPKG architecture + ansible.builtin.command: + cmd: dpkg --print-architecture + register: dpkg_architecture + changed_when: false +- name: ensure Docker repository is present + ansible.builtin.copy: + content: "deb [arch={{ dpkg_architecture.stdout }} signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/debian {{ ansible_distribution_release }} stable" + dest: /etc/apt/sources.list.d/docker.list + owner: root + group: root + mode: 0644