125 lines
2.5 KiB
YAML
125 lines
2.5 KiB
YAML
---
|
|
- name: server initial command
|
|
hosts: 'imed'
|
|
become: yes
|
|
become_method: sudo
|
|
become_user: root
|
|
vars_files:
|
|
- var/registry.yml
|
|
tasks:
|
|
- name: set shecan dns
|
|
copy:
|
|
src: ../dns/resolv.conf
|
|
dest: /etc/resolv.conf
|
|
owner: root
|
|
group: root
|
|
mode: u=rwx,g=rwx,o=rwx
|
|
|
|
- name: disable ufw
|
|
shell: ufw disable
|
|
|
|
- name: disable swap
|
|
shell: swapoff -a
|
|
|
|
- name: sid swap off in fstab
|
|
shell: sed -i '/swap/d' /etc/fstab
|
|
|
|
- name: set timezone
|
|
shell: timedatectl set-timezone Asia/Tehran
|
|
|
|
- name: apt-get update
|
|
apt: update_cache=yes force_apt_get=yes cache_valid_time=3600
|
|
|
|
- name: add docker key and add docker repo
|
|
shell: |
|
|
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
|
|
sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu focal stable"
|
|
|
|
|
|
- name: installing docker dependencies
|
|
apt:
|
|
name: "{{item}}"
|
|
state: present
|
|
update_cache: yes
|
|
with_items:
|
|
- ca-certificates
|
|
- curl
|
|
- gnupg
|
|
- lsb-release
|
|
|
|
|
|
|
|
- name: installing docker-ce and docker-ce-cli and
|
|
apt:
|
|
name: "{{item}}"
|
|
state: present
|
|
update_cache: yes
|
|
with_items:
|
|
- docker-ce
|
|
- docker-ce-cli
|
|
- containerd.io
|
|
|
|
|
|
- name: start and enable docker and containerd
|
|
service:
|
|
name: "{{item}}"
|
|
state: started
|
|
enabled: yes
|
|
with_items:
|
|
- docker
|
|
- containerd
|
|
|
|
- name: create the docker user account
|
|
user: name=dockerman append=yes state=present createhome=yes shell=/bin/bash
|
|
|
|
- name: allow 'dockerman' to use sudo without needing a password
|
|
lineinfile:
|
|
dest: /etc/sudoers
|
|
line: 'dockerman ALL=(ALL) NOPASSWD: ALL'
|
|
validate: 'visudo -cf %s'
|
|
|
|
- name: add user to docker group
|
|
user:
|
|
name: dockerman
|
|
groups: docker
|
|
state: present
|
|
|
|
- name: reset and enable docker
|
|
shell: |
|
|
systemctl daemon-reload
|
|
systemctl restart docker
|
|
systemctl enable docker
|
|
|
|
# add docker home to enviroment variable
|
|
- name: login docker
|
|
become: dockerman
|
|
shell: docker login -u {{ registry_user_imed }} -p {{ registry_password_imed }} {{ registry_url }}
|
|
|
|
- name: reboot
|
|
shell: reboot
|
|
ignore_errors: yes
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|