Newer
Older
- include: desktop.yml
- include: pkgs.yml
- hosts: all
become: yes
become_user: root
vars:
docker_graph_directory: '/home/{{ ansible_env.SUDO_USER }}/.bind_mounts/docker'
handlers:
- name: Systemd daemon reload
command: /bin/systemctl daemon-reload
- name: Restart Docker
service:
name: docker
state: restarted
tasks:
- assert:
that:
- ansible_pkg_mgr == 'apt'
- name: APT install
with_items:
- network-manager
- docker.io
- ufw
- libdvdcss2
- dnsmasq
- resolvconf
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
apt:
name: '{{ item }}'
state: present
update_cache: yes
cache_valid_time: 3600
- name: Set NetworkManager to ignore some interfaces
ini_file:
dest: /etc/NetworkManager/NetworkManager.conf
section: keyfile
option: unmanaged-devices
value: interface-name:docker0;interface-name:vboxnet0;interface-name:nspawnbr0:interface-name:lxcbr0
state: present
- name: Allow local bridges access through the firewall
with_items:
- docker0
- vboxnet0
- nspawnbr0
- lxcbr0
ufw:
direction: in
interface: '{{ item }}'
rule: allow
- name: Create Docker graph directory
file:
path: '{{ docker_graph_directory }}'
owner: root
group: root
mode: 0o711
notify:
- Restart Docker
- name: Configure Docker graph directory
lineinfile:
dest: /etc/default/docker
line: 'DOCKER_OPTS="--graph {{ docker_graph_directory }}"'
regexp: '^DOCKER_OPTS='
state: present
notify:
- Restart Docker
- name: Get Docker graph directory mountpoint
shell: df {{ docker_graph_directory }}
register: docker_graph_df
changed_when: False
- name: Create Systemd configuration override directories
with_items:
- docker.service
- dnsmasq.service
file:
path: '/etc/systemd/system/{{ item }}.d/'
owner: root
group: root
mode: 0o0755
state: directory
- name: Override docker.service Systemd configuration
template:
src: docker.service.d_Assertions.conf.j2
dest: /etc/systemd/system/docker.service.d/Assertions.conf
owner: root
group: root
mode: 0o0644
notify:
- Systemd daemon reload
- name: Override dnsmasq.service Systemd configuration
template:
src: dnsmasq.service.d_before-systemd-resovled.conf
dest: /etc/systemd/system/dnsmasq.service.d/before-systemd-resovled.conf
owner: root
group: root
mode: 0o0644
notify:
- Systemd daemon reload