Kevin Fardel 0884ae21b8 reset ssh connection to allow user changes to affect 'current login user'
Without this modification, we can't use docker with docker_users in same
playbook than the one which install docker.

Check that docker_users are set and not in docker group before include
docker-users.yml. In docker-users.yml we call reset_connection from
ansible.builtin.meta collection after docker-users are added to docker

Manual success tests:
* Try to install docker with only one user in docker-users and not in
  docker group => docker-users.yml include
* Try to install docker with only one user in docker-users but the user
  is in docker group => docker-users.yml not include
* Try to install docker with 2 users in docker-users, one user in docker
  group and the second not => docker-users.yml include
* Try to install docker with 2 users in docker-users, both are in docker
  group => docker-users.yml not include
* Try to install docker with 2 users in docker-users, both are not in
  docker group => docker-users.yml include
2022-08-24 17:07:45 +02:00

99 lines
3.0 KiB

- name: Load OS-specific vars.
include_vars: "{{ lookup('first_found', params) }}"
- '{{ansible_distribution}}.yml'
- '{{ansible_os_family}}.yml'
- main.yml
- 'vars'
- include_tasks: setup-RedHat.yml
when: ansible_os_family == 'RedHat'
- include_tasks: setup-Debian.yml
when: ansible_os_family == 'Debian'
- name: Install Docker packages.
name: "{{ docker_packages }}"
state: "{{ docker_packages_state }}"
notify: restart docker
ignore_errors: "{{ ansible_check_mode }}"
when: "ansible_version.full is version_compare('2.12', '<') or ansible_os_family not in ['RedHat', 'Debian']"
- name: Install Docker packages (with downgrade option).
name: "{{ docker_packages }}"
state: "{{ docker_packages_state }}"
allow_downgrade: true
notify: restart docker
ignore_errors: "{{ ansible_check_mode }}"
when: "ansible_version.full is version_compare('2.12', '>=') and ansible_os_family in ['RedHat', 'Debian']"
- name: Install docker-compose plugin.
name: "{{ docker_compose_package }}"
state: "{{ docker_compose_package_state }}"
notify: restart docker
ignore_errors: "{{ ansible_check_mode }}"
when: "docker_install_compose_plugin | bool == true and (ansible_version.full is version_compare('2.12', '<') or ansible_os_family not in ['RedHat', 'Debian'])"
- name: Install docker-compose-plugin (with downgrade option).
name: "{{ docker_compose_package }}"
state: "{{ docker_compose_package_state }}"
allow_downgrade: true
notify: restart docker
ignore_errors: "{{ ansible_check_mode }}"
when: "docker_install_compose_plugin | bool == true and ansible_version.full is version_compare('2.12', '>=') and ansible_os_family in ['RedHat', 'Debian']"
- name: Ensure /etc/docker/ directory exists.
path: /etc/docker
state: directory
mode: 0755
when: docker_daemon_options.keys() | length > 0
- name: Configure Docker daemon options.
content: "{{ docker_daemon_options | to_nice_json }}"
dest: /etc/docker/daemon.json
mode: 0644
when: docker_daemon_options.keys() | length > 0
notify: restart docker
- name: Ensure Docker is started and enabled at boot.
name: docker
state: "{{ docker_service_state }}"
enabled: "{{ docker_service_enabled }}"
ignore_errors: "{{ ansible_check_mode }}"
when: docker_service_manage | bool
- name: Ensure handlers are notified now to avoid firewall conflicts.
meta: flush_handlers
- include_tasks: docker-compose.yml
when: docker_install_compose | bool
- name: Get all docker group infos
database: group
key: docker
split: ':'
when: docker_users | length > 0
- name: Check there is at least one user to add to docker group
at_least_one_user_to_modify: true
- docker_users | length > 0
- item not in ansible_facts.getent_group["docker"][2]
with_items: "{{ docker_users }}"
- include_tasks: docker-users.yml
when: at_least_one_user_to_modify is defined