Another try at a docker install playbook

2025-07-12 12:07:29 -05:00
parent b05a3046f1
commit 1b329eeb2a
1 changed files with 37 additions and 46 deletions
--- a/playbooks/install-standard-docker.yml
+++ b/playbooks/install-standard-docker.yml
@@ -1,62 +1,53 @@
 ---
- name: Install Docker and standardize ACL on /opt/docker
+- name: Install Docker using official Docker documentation steps
  hosts: docker
  become: true
-  gather_facts: true

  vars:
-    docker_acl_path: /opt/docker
-    docker_version_pinned: "24.0.7"
+    docker_keyring_path: /etc/apt/keyrings/docker.asc
+    docker_repo_list_path: /etc/apt/sources.list.d/docker.list

  tasks:
-    - name: Ensure acl package is installed (for setfacl)
+    - name: Ensure required packages are installed
      apt:
-        name: acl
+        name:
+          - ca-certificates
+          - curl
        state: present
-        update_cache: true
+        update_cache: yes

-    - name: Install Docker via official script (only if not already installed)
-      shell: curl -fsSL https://get.docker.com | sh
-      args:
-        creates: /usr/bin/docker
-      environment:
-        VERSION: "{{ docker_version_pinned }}"
-
-    - name: Ensure docker group exists
-      group:
-        name: docker
-        state: present
-
-    - name: Ensure Docker service is enabled and running
-      systemd:
-        name: docker
-        enabled: true
-        state: started
-
-    - name: Ensure Docker base folder exists with correct ownership
+    - name: Ensure keyring directory exists
      file:
-        path: "{{ docker_acl_path }}"
+        path: /etc/apt/keyrings
        state: directory
-        owner: root
-        group: docker
-        mode: "0775"
+        mode: "0755"

-    - name: Check for existing default ACL on Docker folder
-      command: getfacl --access --default {{ docker_acl_path }}
-      register: facl_check
-      changed_when: false
-      failed_when: false
+    - name: Download Docker's official GPG key
+      get_url:
+        url: https://download.docker.com/linux/ubuntu/gpg
+        dest: "{{ docker_keyring_path }}"
+        mode: "0644"
+      register: docker_key_download

-    - name: Set default ACL for docker group if not already present
-      command: setfacl -d -m g:docker:rwx {{ docker_acl_path }}
-      when: "'default:group:docker:rwx' not in facl_check.stdout"
+    - name: Add Docker repository to Apt sources
+      copy:
+        dest: "{{ docker_repo_list_path }}"
+        content: |
+          deb [arch={{ ansible_architecture }} signed-by={{ docker_keyring_path }}] https://download.docker.com/linux/ubuntu {{ ansible_lsb.codename }} stable
+      notify: Update apt cache

-    - name: Show installed Docker version
-      command: docker --version
-      register: docker_current_version
-      changed_when: false
-      failed_when: false
+    - name: Install Docker packages
+      apt:
+        name:
+          - docker-ce
+          - docker-ce-cli
+          - containerd.io
+          - docker-buildx-plugin
+          - docker-compose-plugin
+        state: present
+        update_cache: no # already handled by handler

-    - name: Print installed Docker version
-      debug:
-        msg: "{{ docker_current_version.stdout }}"
+  handlers:
+    - name: Update apt cache
+      apt:
+        update_cache: yes