tudattr/ansible
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

feat(ansible): add Docker host configuration with NFS mounts and utility packages

Browse Source 
- Introduce Docker host configuration playbooks in `docker_host` role
  - Install Docker and Docker Compose via apt repository
  - Configure Docker user, group, and required directories (`/opt/docker`, `/media`)
  - Add NFS mounts for Docker data, series, movies, and songs directories
- Add extra utility packages (`bat`, `ripgrep`, `fd-find`, `screen`, `eza`, `neovim`)
- Set up and manage `bash_aliases` for user-friendly command replacements (`batcat`, `nvim`, `eza`)
- Enhance `/group_vars` and `/host_vars` for Docker-related settings and secure access
- Add `docker-host00` and `docker-host01` entries to production and staging inventories

Signed-off-by: Tuan-Dat Tran <tuan-dat.tran@tudattr.dev>
This commit is contained in:
Tuan-Dat Tran
2024-11-10 21:37:22 +01:00
parent ce0411cdb0
commit 4db26b56da
21 changed files with 803 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
roles/docker_host/tasks/deploy_compose.yml Normal file
View File

@@ -0,0 +1,14 @@
---
- name: Copy docker compose file to target
ansible.builtin.template:
src: "files/{{ item }}"
dest: "/opt/docker/compose/{{ item }}"
owner: "{{ user }}"
group: "{{ user }}"
mode: "644"
backup: true
loop:
- compose.yaml
notify:
- Restart docker
become: true

109
roles/docker_host/tasks/directory_setup.yml Normal file
View File

@@ -0,0 +1,109 @@
---
- name: Create /media/docker directory
ansible.builtin.file:
path: /media/docker
state: directory
mode: "0755"
become: true
- name: Create /media/series directory
ansible.builtin.file:
path: /media/series
state: directory
mode: "0755"
become: true
- name: Create /media/movies directory
ansible.builtin.file:
path: /media/movies
state: directory
mode: "0755"
become: true
- name: Create /media/songs directory
ansible.builtin.file:
path: /media/songs
state: directory
mode: "0755"
become: true
- name: Create /opt/docker directory
ansible.builtin.file:
path: /opt/docker
state: directory
mode: "0755"
become: true
- name: Create /opt/local directory
ansible.builtin.file:
path: /opt/local
state: directory
mode: "0755"
become: true
- name: Set ownership of /opt/local to tudattr
ansible.builtin.file:
path: /opt/local
owner: tudattr
group: tudattr
become: true
- name: Set ownership of /opt/docker to tudattr
ansible.builtin.file:
path: /opt/docker
owner: tudattr
group: tudattr
become: true
- name: Set ownership of /media directories to tudattr
ansible.builtin.file:
path: /media/
owner: tudattr
group: tudattr
recurse: true
become: true
- name: Ensure /media/docker is mounted via NFS
ansible.posix.mount:
path: /media/docker
src: 192.168.20.12:/media/docker
fstype: nfs
opts: defaults,nolock
state: mounted
become: true
- name: Ensure /media/series is mounted via NFS
ansible.posix.mount:
path: /media/series
src: 192.168.20.12:/media/series
fstype: nfs
opts: defaults,nolock
state: mounted
become: true
- name: Ensure /media/movies is mounted via NFS
ansible.posix.mount:
path: /media/movies
src: 192.168.20.12:/media/movies
fstype: nfs
opts: defaults,nolock
state: mounted
become: true
- name: Ensure /media/songs is mounted via NFS
ansible.posix.mount:
path: /media/songs
src: 192.168.20.12:/media/songs
fstype: nfs
opts: defaults,nolock
state: mounted
become: true
- name: Ensure /opt/docker is mounted via NFS
ansible.posix.mount:
path: /opt/docker
src: 192.168.20.12:/opt/docker
fstype: nfs
opts: defaults,nolock
state: mounted
become: true

59
roles/docker_host/tasks/installation.yml Normal file
View File

@@ -0,0 +1,59 @@
---
- name: Uninstall old versions
ansible.builtin.apt:
name: "{{ item }}"
state: absent
purge: true
loop:
- docker
- docker-engine
- docker.io
- containerd
- runc
become: true
- name: Update cache
ansible.builtin.apt:
update_cache: true
become: true
- name: Install dependencies for apt to use repositories over HTTPS
ansible.builtin.apt:
name: "{{ item }}"
state: present
loop:
- ca-certificates
- curl
- gnupg
- lsb-release
become: true
- name: Add Docker apt key.
ansible.builtin.get_url:
url: "{{ docker.url }}/{{ ansible_distribution | lower }}/gpg"
dest: /etc/apt/trusted.gpg.d/docker.asc
mode: "0664"
force: true
become: true
- name: Add Docker repository.
ansible.builtin.apt_repository:
repo: "deb [arch={{ arch }}] {{ docker.url }}/{{ ansible_distribution | lower }} {{ ansible_distribution_release }} {{ docker.apt_release_channel }}"
state: present
become: true
- name: Update cache
ansible.builtin.apt:
update_cache: true
become: true
- name: Install Docker Engine, containerd, and Docker Compose.
ansible.builtin.apt:
name: "{{ item }}"
state: present
loop:
- docker-ce
- docker-ce-cli
- docker-compose-plugin
- containerd.io
become: true

15
roles/docker_host/tasks/main.yml Normal file
View File

@@ -0,0 +1,15 @@
---
- name: Setup VM
ansible.builtin.include_tasks: setup.yml
- name: Install docker
ansible.builtin.include_tasks: installation.yml
- name: Setup user and group for docker
ansible.builtin.include_tasks: user_group_setup.yml
- name: Setup directory structure for docker
ansible.builtin.include_tasks: directory_setup.yml
- name: Deploy docker compose
ansible.builtin.include_tasks: deploy_compose.yml

9
roles/docker_host/tasks/setup.yml Normal file
View File

@@ -0,0 +1,9 @@
---
- name: Enable HW accelerate for VM
ansible.builtin.apt:
name: "{{ item }}"
state: present
loop:
- firmware-misc-nonfree
- nfs-common
become: true

14
roles/docker_host/tasks/user_group_setup.yml Normal file
View File

@@ -0,0 +1,14 @@
---
- name: Ensure group "docker" exists
ansible.builtin.group:
name: docker
state: present
become: true
- name: Append the group docker to "{{ user }}"
ansible.builtin.user:
name: "{{ user }}"
shell: /bin/bash
groups: docker
append: true
become: true