From f825787dd6b98344c74c3ccff9e977b0d808e4da Mon Sep 17 00:00:00 2001 From: Felix Stupp Date: Tue, 22 Dec 2020 22:37:39 +0100 Subject: [PATCH] docker/application: Configure dns and log-driver of daemon --- group_vars/all/vars.yml | 4 ++++ roles/docker/application/defaults/main.yml | 5 +++++ roles/docker/application/handlers/main.yml | 6 ++++++ roles/docker/application/tasks/main.yml | 9 +++++++++ 4 files changed, 24 insertions(+) create mode 100644 roles/docker/application/defaults/main.yml create mode 100644 roles/docker/application/handlers/main.yml diff --git a/group_vars/all/vars.yml b/group_vars/all/vars.yml index 13a6cac..bf50427 100644 --- a/group_vars/all/vars.yml +++ b/group_vars/all/vars.yml @@ -126,6 +126,10 @@ global_dns_upstream_servers: global_dnsmasq_configuration_file: "/etc/dnsmasq.conf" global_dnsmasq_configuration_directory: "/etc/dnsmasq.d" +global_docker_service_name: "docker.service" +global_docker_configuration_directory: "/etc/docker" +global_docker_daemon_configuration_file: "{{ global_docker_configuration_directory }}/daemon.json" + global_fail2ban_service_name: "fail2ban.service" global_fail2ban_system_directory: "/etc/fail2ban" global_fail2ban_configuration_directory: "{{ global_fail2ban_system_directory }}/fail2ban.d" diff --git a/roles/docker/application/defaults/main.yml b/roles/docker/application/defaults/main.yml new file mode 100644 index 0000000..7e00a0c --- /dev/null +++ b/roles/docker/application/defaults/main.yml @@ -0,0 +1,5 @@ +--- + +docker_configuration: + dns: "{{ ansible_dns.nameservers | ipv4 }}" # use only ipv4 dns servers TODO: check if docker supports ipv6 + log-driver: journald # send container logs also to journald diff --git a/roles/docker/application/handlers/main.yml b/roles/docker/application/handlers/main.yml new file mode 100644 index 0000000..80a6766 --- /dev/null +++ b/roles/docker/application/handlers/main.yml @@ -0,0 +1,6 @@ +--- + +- name: restart docker + systemd: + name: "{{ global_docker_service_name }}" + state: restarted diff --git a/roles/docker/application/tasks/main.yml b/roles/docker/application/tasks/main.yml index 38adfbe..74a8855 100644 --- a/roles/docker/application/tasks/main.yml +++ b/roles/docker/application/tasks/main.yml @@ -7,3 +7,12 @@ - docker.io - docker-compose - python3-docker + +- name: Configure docker daemon + copy: + content: "{{ docker_configuration | to_nice_json }}\n" + dest: "{{ global_docker_daemon_configuration_file }}" + owner: root + group: root + mode: u=rw,g=r,o=r + notify: restart docker