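---
# Installs Docker CE from Docker's own apt repository, relocates the daemon's
# data directory under /home/docker, and writes host-side defaults
# (daemon.json plus default env/config files for MariaDB containers).
- name: docker
  hosts: all
  tasks:
    ### Docker ###

    # Membership of the docker group grants access to the Docker daemon
    # socket, which is effectively root on the host. Keep this group small.
    - name: Create docker Group
      ansible.builtin.group:
        name: docker
        state: present
        gid: 1003

    # No password is set here, so the account is created without a usable
    # password. Its primary group is docker (see the note above).
    - name: Create docker User
      ansible.builtin.user:
        name: docker
        comment: docker User
        uid: 1003
        group: docker

    # AccountsService entry marking the account as a system account so that
    # display managers do not list it.
    - name: Hide docker user from login screen
      ansible.builtin.blockinfile:
        path: /var/lib/AccountsService/users/docker
        mode: '0444'
        owner: root
        group: root
        create: true
        block: |
          [User]
          SystemAccount=true
        backup: false

    - name: Create docker dir
      ansible.builtin.file:
        path: /home/docker
        owner: docker
        group: docker
        state: directory
        mode: '0750'

    # Daemon data directory: root-only, not readable by the docker user/group.
    - name: Create docker-data dir
      ansible.builtin.file:
        path: /home/docker/var-lib-docker
        owner: root
        group: root
        state: directory
        mode: '0710'

    # Root-owned, group-readable: the docker group can read the defaults but
    # not modify them.
    - name: Create dir for container defaults
      ansible.builtin.file:
        path: /home/docker/_defaults
        owner: root
        group: docker
        state: directory
        mode: '0750'

    # Runs before docker-ce is installed, so the daemon's data lands under
    # /home/docker/var-lib-docker from its first start.
    - name: Create /var/lib/docker -> /home/docker/var-lib-docker symlink
      ansible.builtin.file:
        src: /home/docker/var-lib-docker
        dest: /var/lib/docker
        owner: root
        group: root
        state: link

    # Distribution packages would conflict with the docker-ce packages below.
    - name: Remove packages for docker from default repo
      ansible.builtin.apt:
        name:
          - docker.io
          - docker-compose
          - containerd
          - runc
        state: absent
        update_cache: false
        install_recommends: false

    # The key is trusted on first download; TLS to download.docker.com is the
    # only check. Compare the fingerprint against Docker's published value out
    # of band if stronger assurance is needed.
    #
    # pipefail makes a failed download fail the task instead of being masked
    # by gpg's exit status. The partial output is removed on failure because
    # `creates:` would otherwise skip this task on every later run and leave a
    # broken keyring in place.
    - name: Add signing key
      ansible.builtin.shell: |
        set -o pipefail
        curl -fsSL https://download.docker.com/linux/{{ ansible_distribution | lower }}/gpg \
          | gpg --output "/usr/share/keyrings/gpg-pub-docker.gpg" --dearmor \
          || { rm -f "/usr/share/keyrings/gpg-pub-docker.gpg"; exit 1; }
      args:
        creates: /usr/share/keyrings/gpg-pub-docker.gpg
        executable: /bin/bash  # pipefail is a bash option, not POSIX sh

    # Kept for reference: the apt_key variant adds the key to the global apt
    # trust store instead of scoping it to one repository via signed-by.
    #- name: Add signing key
    #  ansible.builtin.apt_key:
    #    url: "https://download.docker.com/linux/{{ ansible_distribution | lower }}/gpg"
    #    state: present

    # Drops the repository entry that lacks signed-by, if present.
    - name: Remove old repository from sources if exists
      ansible.builtin.apt_repository:
        repo: >-
          deb
          https://download.docker.com/linux/{{ ansible_distribution | lower }}
          {{ ansible_distribution_release }} stable
        state: absent
        filename: docker

    # signed-by restricts the Docker key to this repository only.
    # NOTE(review): arch is hard-coded to amd64; other architectures need a
    # different value here.
    - name: Add repository into list
      ansible.builtin.apt_repository:
        repo: >-
          deb [arch=amd64 signed-by=/usr/share/keyrings/gpg-pub-docker.gpg]
          https://download.docker.com/linux/{{ ansible_distribution | lower }}
          {{ ansible_distribution_release }} stable
        state: present
        filename: docker

    - name: Packages for docker
      ansible.builtin.apt:
        name:
          - docker-ce
          - docker-ce-cli
          - containerd.io
          - docker-buildx-plugin
          - docker-compose-plugin
          - bridge-utils
          - apache2-utils
          - python3-docker
        state: present
        update_cache: true
        install_recommends: false

    # https://github.com/nextcloud/docker/issues/1103
    # Explicit owner/mode: daemon.json controls daemon behaviour and must only
    # be writable by root.
    # NOTE(review): no restart or handler is visible in this play, so the
    # settings presumably take effect on the next daemon restart.
    - name: writing daemon.json (ipv6 settings)
      ansible.builtin.copy:
        dest: '/etc/docker/daemon.json'
        owner: root
        group: root
        mode: '0644'
        content: |
          {
            "ipv6": true,
            "fixed-cidr-v6": "fdab::/64",
            "experimental": true,
            "ip6tables": true
          }

    # Uses blockinfile, like the server config task below: path/create/block/
    # backup are blockinfile parameters and are not accepted by copy.
    # NOTE(review): if this file feeds the official mariadb image,
    # MARIADB_RANDOM_ROOT_PASSWORD=1 prints the generated root password to the
    # container log on first initialisation, so treat those logs as
    # sensitive. Confirm which image consumes it.
    - name: mariadb env defaults
      ansible.builtin.blockinfile:
        path: /home/docker/_defaults/mariadb/mariadb.env
        mode: '0444'
        owner: root
        group: root
        create: true
        block: |
          MARIADB_RANDOM_ROOT_PASSWORD=1
          MARIADB_AUTO_UPGRADE=1
          MARIADB_INITDB_SKIP_TZINFO=1
          # from here: save memory https://techroads.org/reducing-memory-use-on-my-mariadb-mysql-wordpress-docker-stack/
          MARIADB_KEY_BUFFER_SIZE=1M
          MARIADB_MYISAMCHK_KEY_BUFFER_SIZE=1M
          MARIADB_INNODB_BUFFER_POOL_SIZE=10M
          MARIADB_INNODB_LOG_BUFFER_SIZE=512K
          MARIADB_MYISAM_SORT_BUFFER_SIZE=64K
          MARIADB_MYISAMCHK_SORT_BUFFER_SIZE=64K
          MARIADB_READ_BUFFER_SIZE=8K
          MARIADB_READ_RND_BUFFER_SIZE=8K
          MARIADB_SORT_BUFFER_SIZE=64K
        backup: true

    # Low-memory server defaults, world-readable but root-owned. The parent
    # _defaults directory (0750 root:docker) limits who can reach the file.
    - name: mariadb server config defaults
      ansible.builtin.blockinfile:
        path: /home/docker/_defaults/mariadb/99-server.cnf
        mode: '0444'
        owner: root
        group: root
        create: true
        block: |
          [mariadbd]
          max_connections=10
          query_cache_size=512K
          thread_cache_size=0
          sort_buffer_size=64K
          bulk_insert_buffer_size=0
          tmp_table_size=1K
          max_heap_table_size=16K
          key_buffer_size=1M
          read_buffer_size=8K
          read_rnd_buffer_size=8K
          #innodb_buffer_pool_size=10K
          #innodb_log_buffer_size=512K
        backup: true

    # Ensures the wrapper script starts with a bash shebang that aborts on the
    # first failing command (-e).
    # NOTE(review): no `create:` is set in the visible part of this task, so
    # it presumably expects the file to exist already. Confirm.
    - name: /usr/local/sbin/docker-compose shebang
      ansible.builtin.lineinfile:
        path: /usr/local/sbin/docker-compose
        insertbefore: BOF
        line: "#!/bin/bash -e"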