From a339071b1d67ec79cfd9386e87818bfd83fe7c6a Mon Sep 17 00:00:00 2001
From: Fabio Sinibaldi <fabio.sinibaldi@isti.cnr.it>
Date: Wed, 7 May 2025 18:28:48 +0200
Subject: [PATCH] Docker initial config

---
 .../main-lab/group_vars/all/vault.yml         | 14 ++++---
 ansible/roles/docker/tasks/docker_user.yml    | 24 +++++++++++
 ansible/roles/docker/tasks/install.yml        | 40 +++++++++++++++++++
 ansible/roles/docker/tasks/swarm.yml          |  4 ++
 ansible/swarms.yml                            |  6 +++
 5 files changed, 82 insertions(+), 6 deletions(-)
 create mode 100644 ansible/roles/docker/tasks/docker_user.yml
 create mode 100644 ansible/roles/docker/tasks/install.yml
 create mode 100644 ansible/roles/docker/tasks/swarm.yml
 create mode 100644 ansible/swarms.yml

diff --git a/ansible/inventories/main-lab/group_vars/all/vault.yml b/ansible/inventories/main-lab/group_vars/all/vault.yml
index 0999531..a6c2122 100644
--- a/ansible/inventories/main-lab/group_vars/all/vault.yml
+++ b/ansible/inventories/main-lab/group_vars/all/vault.yml
@@ -1,7 +1,9 @@
 $ANSIBLE_VAULT;1.1;AES256
-61393961306333653235623830613237633236393333343663613032653136373237316361643439
-3033653166663836363961663535396631653336653264330a643131393433376239633933613661
-34346235343936313434646533653261653334356239636431323338383538393964313666636233
-6235623436656430390a316639343438366436643935373162613135323034626339393539323433
-36363630643163666632306234386664323166373638353339663563333232663135383531336266
-3231326238326136323536383434383134313739643239623964
+39376138666334356631626564333933643938353065356235303636303064353263623831373036
+3461386536336466343665343639643730653838323939370a343737663839623962373065313932
+64623636646335616162633331613835613837336561666530623864346431363338653564323539
+3863656661653538390a623763636564383863643063353364366232663133326235353136626661
+31623736323938663561363562323832373939303637633337626132616530343731343037303062
+66376330613130323331363230626361383137393333326661343239613137386530666237393661
+38303330386663393334323735636637393262616664646536343865613431666234343566616661
+38323163383866353034
diff --git a/ansible/roles/docker/tasks/docker_user.yml b/ansible/roles/docker/tasks/docker_user.yml
new file mode 100644
index 0000000..6c7f0f1
--- /dev/null
+++ b/ansible/roles/docker/tasks/docker_user.yml
@@ -0,0 +1,24 @@
+---
+- name: Add the docker group
+    group:
+      name: docker
+      gid: 1101
+      state: present
+
+
+- name: Add the docker user
+  user:
+    name: docker
+    uid: 1101
+    group: docker
+    # Directly generate hash 
+    # https://www.lisenet.com/2019/ansible-generate-crypted-passwords-for-the-user-module/
+    password: "{{ docker_crypted_password | password_hash('sha512') }}"
+    shell: /bin/bash 
+    system: yes
+    home: /srv/docker
+    state: present
+
+- name: Reset ssh connection to allow user changes to affect ansible user
+  ansible.builtin.meta:
+    reset_connection
\ No newline at end of file
diff --git a/ansible/roles/docker/tasks/install.yml b/ansible/roles/docker/tasks/install.yml
new file mode 100644
index 0000000..5b092bb
--- /dev/null
+++ b/ansible/roles/docker/tasks/install.yml
@@ -0,0 +1,40 @@
+---
+- name: Install aptitude
+  apt:
+    name: aptitude
+    state: latest
+    update_cache: true
+
+- name: Install required system packages
+  apt:
+    pkg:
+      - apt-transport-https
+      - ca-certificates
+      - curl
+      - software-properties-common
+      - python3-pip
+      - virtualenv
+      - python3-setuptools
+    state: latest
+    update_cache: true
+
+- name: Add Docker GPG apt Key
+  apt_key:
+    url: https://download.docker.com/linux/ubuntu/gpg
+    state: present
+
+- name: Add Docker Repository
+  apt_repository:
+    repo: deb https://download.docker.com/linux/ubuntu focal stable
+    state: present
+
+- name: Update apt and install docker-ce
+  apt:
+    name: docker-ce
+    state: latest
+    update_cache: true
+
+- name: Install Docker Module for Python
+  pip:
+    name: docker
+
diff --git a/ansible/roles/docker/tasks/swarm.yml b/ansible/roles/docker/tasks/swarm.yml
new file mode 100644
index 0000000..82c51ff
--- /dev/null
+++ b/ansible/roles/docker/tasks/swarm.yml
@@ -0,0 +1,4 @@
+---
+# configure as master if flag
+# identify swarm by node variable
+become_user: docker
\ No newline at end of file
diff --git a/ansible/swarms.yml b/ansible/swarms.yml
new file mode 100644
index 0000000..bdfdbc0
--- /dev/null
+++ b/ansible/swarms.yml
@@ -0,0 +1,6 @@
+---
+- name: Configure swarms 
+  hosts: swarm
+  roles:
+    - common
+    - docker
\ No newline at end of file