forked from ISTI-ansible-roles/ansible-roles
library/roles/docker: add a user to run the docker containers not as root.
This commit is contained in:
parent
aab6313083
commit
844abcbeaa
|
@ -5,9 +5,11 @@ docker_repo_key: '58118E89F3A912897C070ADBF76221572C52609D'
|
|||
docker_repo_keyserver: 'hkp://ha.pool.sks-keyservers.net:80'
|
||||
# Set to the Debian distribution name if not Ubuntu
|
||||
docker_distribution: '{{ ansible_distribution_release | lower }}'
|
||||
docker_repo: 'deb https://apt.dockerproject.org/repo {{ ansible_distribution }}-{{ docker_distribution }} main'
|
||||
docker_repo: 'deb https://apt.dockerproject.org/repo {{ ansible_distribution | lower }}-{{ docker_distribution }} main'
|
||||
|
||||
docker_pkg_status: latest
|
||||
docker_packages:
|
||||
- docker-engine
|
||||
|
||||
docker_run_as_docker_user: True
|
||||
docker_user_home: /home/docker
|
||||
|
|
|
@ -1,11 +1,15 @@
|
|||
---
|
||||
- block:
|
||||
- name: Add the Docker repository key
|
||||
apt_key: keyserver={{ docker_repo_keyserver }} id=docker_repo_key state=present
|
||||
apt_key: keyserver={{ docker_repo_keyserver }} id={{ docker_repo_key }} state=present
|
||||
|
||||
- name: Add the Docker repository
|
||||
apt_repository: repo='{{ docker_repo }}' update_cache=yes
|
||||
|
||||
- name: Create the docker user
|
||||
user: name=docker comment="Docker User" shell=/bin/bash home={{ docker_user_home }} system=yes
|
||||
when: docker_run_as_docker_user
|
||||
|
||||
- name: Install Docker
|
||||
apt: pkg={{ item }} state={{ docker_pkg_status }} update_cache=yes cache_valid_time=3600
|
||||
with_items: '{{ docker_packages }}'
|
||||
|
@ -24,8 +28,11 @@
|
|||
apt: pkg={{ item }} state=absent
|
||||
with_items: '{{ docker_packages }}'
|
||||
|
||||
- name: Remove the docker user
|
||||
user: name=docker state=absent
|
||||
|
||||
- name: Remove the Docker repository key
|
||||
apt_key: keyserver={{ docker_repo_keyserver }} id=docker_repo_key state=absent
|
||||
apt_key: keyserver={{ docker_repo_keyserver }} id={{ docker_repo_key }} state=absent
|
||||
|
||||
- name: Remove the Docker repository
|
||||
apt_repository: repo='{{ docker_repo }}' state=absent update_cache=yes
|
||||
|
|
Loading…
Reference in New Issue