From c596e275a9dba16d24d7548924c715b124f15a85 Mon Sep 17 00:00:00 2001 From: Tom Alexander Date: Sat, 25 Mar 2023 16:08:13 -0400 Subject: [PATCH] Add docker role for Linux. --- .../environments/laptop/host_vars/odolinux | 2 + ansible/playbook.yaml | 1 + ansible/roles/docker/tasks/common.yaml | 15 ++++ ansible/roles/docker/tasks/freebsd.yaml | 5 ++ ansible/roles/docker/tasks/linux.yaml | 73 +++++++++++++++++++ ansible/roles/docker/tasks/main.yaml | 1 + ansible/roles/docker/tasks/peruser.yaml | 29 ++++++++ .../roles/docker/tasks/peruser_freebsd.yaml | 0 ansible/roles/docker/tasks/peruser_linux.yaml | 0 ansible/roles/docker/templates/daemon.json.j2 | 3 + 10 files changed, 129 insertions(+) create mode 100644 ansible/roles/docker/tasks/common.yaml create mode 100644 ansible/roles/docker/tasks/freebsd.yaml create mode 100644 ansible/roles/docker/tasks/linux.yaml create mode 100644 ansible/roles/docker/tasks/main.yaml create mode 100644 ansible/roles/docker/tasks/peruser.yaml create mode 100644 ansible/roles/docker/tasks/peruser_freebsd.yaml create mode 100644 ansible/roles/docker/tasks/peruser_linux.yaml create mode 100644 ansible/roles/docker/templates/daemon.json.j2 diff --git a/ansible/environments/laptop/host_vars/odolinux b/ansible/environments/laptop/host_vars/odolinux index 99db74f..22c5476 100644 --- a/ansible/environments/laptop/host_vars/odolinux +++ b/ansible/environments/laptop/host_vars/odolinux @@ -31,3 +31,5 @@ hwpstate: true cores: 8 sway_conf_files: - rofimoji +docker_storage_driver: zfs # alternatively overlay2 +docker_zfs_dataset: zroot/linux/archmain/docker diff --git a/ansible/playbook.yaml b/ansible/playbook.yaml index aa170d8..c74e1f5 100644 --- a/ansible/playbook.yaml +++ b/ansible/playbook.yaml @@ -45,6 +45,7 @@ - latex - pyenv - webcam + - docker - hosts: nat_dhcp:homeserver_nat_dhcp vars: diff --git a/ansible/roles/docker/tasks/common.yaml b/ansible/roles/docker/tasks/common.yaml new file mode 100644 index 0000000..fef1101 --- /dev/null 
+++ b/ansible/roles/docker/tasks/common.yaml
@@ -0,0 +1,15 @@
+- import_tasks: tasks/freebsd.yaml
+ when: 'os_flavor == "freebsd"'
+
+- import_tasks: tasks/linux.yaml
+ when: 'os_flavor == "linux"'
+
+- include_tasks:
+ file: tasks/peruser.yaml
+ apply:
+ become: yes
+ become_user: "{{ initialize_user }}"
+ when: users is defined
+ loop: "{{ users | dict2items | community.general.json_query('[?value.initialize==`true`].key') }}"
+ loop_control:
+ loop_var: initialize_user
diff --git a/ansible/roles/docker/tasks/freebsd.yaml b/ansible/roles/docker/tasks/freebsd.yaml
new file mode 100644
index 0000000..b417174
--- /dev/null
+++ b/ansible/roles/docker/tasks/freebsd.yaml
@@ -0,0 +1,5 @@
+# - name: Install packages
+# package:
+# name:
+# - foo
+# state: present
diff --git a/ansible/roles/docker/tasks/linux.yaml b/ansible/roles/docker/tasks/linux.yaml
new file mode 100644
index 0000000..44e9636
--- /dev/null
+++ b/ansible/roles/docker/tasks/linux.yaml
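Review bot: In `common.yaml`, the `when: users is defined` guard on the `include_tasks` does not protect the `loop:` expression, because Ansible evaluates the loop before applying `when` to each item; on a host without `users` the role would likely fail on an undefined variable instead of skipping. Defaulting inside the expression avoids that: start it with `users | default({}) | dict2items` and leave the rest of the query unchanged. The expression also relies on the `community.general` collection and the `jmespath` library being present on the controller, which is worth a one-line comment above the task.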
@@ -0,0 +1,73 @@
+- name: Install packages
+ package:
+ name:
+ - docker
+ state: present
+
+- name: Create docker zfs dataset
+ when: docker_zfs_dataset is defined and docker_zvol_size is not defined
+ zfs:
+ name: "{{ docker_zfs_dataset }}"
+ state: present
+ extra_zfs_properties:
+ mountpoint: /var/lib/docker
+
+- name: Create docker zfs dataset for zvol
+ when: docker_zfs_dataset is defined and docker_zvol_size is defined
+ zfs:
+ name: "{{ docker_zfs_dataset }}"
+ state: present
+
+- name: Create docker zvol
+ when: docker_zfs_dataset is defined and docker_zvol_size is defined
+ zfs:
+ name: "{{ docker_zfs_dataset }}/ext4data"
+ state: present
+ extra_zfs_properties:
+ volsize: "{{ docker_zvol_size }}"
+
+- name: Create a ext4 filesystem for docker zvol
+ when: docker_zfs_dataset is defined and docker_zvol_size is defined
+ filesystem:
+ fstype: ext4
+ resizefs: true
+ dev: "/dev/zvol/{{ docker_zfs_dataset }}/ext4data"
+
+- name: Mount docker zvol
+ when: docker_zfs_dataset is defined and docker_zvol_size is defined
+ mount:
+ path: /var/lib/docker
+ src: "/dev/zvol/{{ docker_zfs_dataset }}/ext4data"
+ fstype: ext4
+ state: mounted
+ opts: "noatime,data=writeback,barrier=0,nobh,errors=remount-ro"
+
+- name: Create directories
+ when: docker_storage_driver is defined
+ file:
+ name: "{{ item }}"
+ state: directory
+ mode: 0700
+ owner: root
+ group: root
+ loop:
+ - /etc/docker
+
+- name: Install configuration
+ when: docker_storage_driver is defined
+ template:
+ src: "templates/{{ item.src }}.j2"
+ dest: "{{ item.dest }}"
+ mode: 0644
+ owner: root
+ group: root
+ loop:
+ - src: daemon.json
+ dest: /etc/docker/daemon.json
+
+- name: Start docker socket
+ systemd:
+ state: started
+ name: docker.socket
+ daemon_reload: yes
+ enabled: yes
diff --git a/ansible/roles/docker/tasks/main.yaml b/ansible/roles/docker/tasks/main.yaml
new file mode 100644
index 0000000..5c1df6c
--- /dev/null
+++ b/ansible/roles/docker/tasks/main.yaml
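Review bot: The `Mount docker zvol` task in `linux.yaml` mounts `/var/lib/docker` with `data=writeback,barrier=0`, which turns off ext4 write barriers and ordered data journaling, so a crash or power loss can leave image layers and volumes corrupted even though `errors=remount-ro` is set. Unless that trade-off is deliberate, `opts: "noatime,errors=remount-ro"` keeps the safer defaults; if it is deliberate, a comment on the task saying why would help the next reader. `nobh` appears to be a removed ext4 option that current kernels ignore, so it can be dropped either way. Separately, nothing restarts docker after `Install configuration` writes `daemon.json`, so a changed `docker_storage_driver` would presumably not take effect until the next restart; a `notify` handler on that task would cover it.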
@@ -0,0 +1 @@
+- import_tasks: tasks/common.yaml
diff --git a/ansible/roles/docker/tasks/peruser.yaml b/ansible/roles/docker/tasks/peruser.yaml
new file mode 100644
index 0000000..111e886
--- /dev/null
+++ b/ansible/roles/docker/tasks/peruser.yaml
@@ -0,0 +1,29 @@
+- include_role:
+ name: per_user
+
+# - name: Create directories
+# file:
+# name: "{{ account_homedir.stdout }}/{{ item }}"
+# state: directory
+# mode: 0700
+# owner: "{{ account_name.stdout }}"
+# group: "{{ group_name.stdout }}"
+# loop:
+# - ".config/foo"
+
+# - name: Copy files
+# copy:
+# src: "files/{{ item.src }}"
+# dest: "{{ account_homedir.stdout }}/{{ item.dest }}"
+# mode: 0600
+# owner: "{{ account_name.stdout }}"
+# group: "{{ group_name.stdout }}"
+# loop:
+# - src: foo.conf
+# dest: .config/foo/foo.conf
+
+- import_tasks: tasks/peruser_freebsd.yaml
+ when: 'os_flavor == "freebsd"'
+
+- import_tasks: tasks/peruser_linux.yaml
+ when: 'os_flavor == "linux"'
diff --git a/ansible/roles/docker/tasks/peruser_freebsd.yaml b/ansible/roles/docker/tasks/peruser_freebsd.yaml
new file mode 100644
index 0000000..e69de29
diff --git a/ansible/roles/docker/tasks/peruser_linux.yaml b/ansible/roles/docker/tasks/peruser_linux.yaml
new file mode 100644
index 0000000..e69de29
diff --git a/ansible/roles/docker/templates/daemon.json.j2 b/ansible/roles/docker/templates/daemon.json.j2
new file mode 100644
index 0000000..fd8abae
--- /dev/null
+++ b/ansible/roles/docker/templates/daemon.json.j2
@@ -0,0 +1,3 @@
+{
+ "storage-driver": "{{docker_storage_driver}}"
+}
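Review bot: `daemon.json.j2` places `docker_storage_driver` between hand-written quotes, so a value containing a quote or backslash would render invalid JSON or add unintended keys to the daemon configuration. Letting Jinja emit the JSON string is more robust: `"storage-driver": {{ docker_storage_driver | to_json }}`. The variable comes from host_vars in this commit, so the exposure is low, but the filter keeps the template correct for any value.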