diff options
Diffstat (limited to 'ansible')
-rw-r--r-- | ansible/roles/docker/handlers/main.yml | 6 | ||||
-rw-r--r-- | ansible/roles/docker/tasks/main.yml | 34 | ||||
-rw-r--r-- | ansible/roles/firewall/tasks/firewall-disable.yml | 17 | ||||
-rw-r--r-- | ansible/roles/firewall/tasks/main.yml | 2 |
4 files changed, 59 insertions, 0 deletions
diff --git a/ansible/roles/docker/handlers/main.yml b/ansible/roles/docker/handlers/main.yml new file mode 100644 index 00000000..5df47e8d --- /dev/null +++ b/ansible/roles/docker/handlers/main.yml @@ -0,0 +1,6 @@ +--- +- name: Restart Docker + systemd: + name: docker + state: restarted + enabled: yes diff --git a/ansible/roles/docker/tasks/main.yml b/ansible/roles/docker/tasks/main.yml new file mode 100644 index 00000000..28c322c3 --- /dev/null +++ b/ansible/roles/docker/tasks/main.yml @@ -0,0 +1,34 @@ +--- +- name: Install docker + package: + name: 'docker-ce' + state: present + notify: + - Restart Docker + +- name: Install docker python module + package: + name: 'python2-docker' + state: present + +- name: Ensure /etc/docker exists + file: + path: /etc/docker + state: directory + +- name: Setup docker dns settings + json_add: + path: /etc/docker/daemon.json + key: dns + value: "{{ hostvars[groups.infrastructure[0]].ansible_host }}" + notify: + - Restart Docker + +- name: Force notified handlers to run at this point + meta: flush_handlers + +- name: Ensure docker is started + systemd: + name: docker + state: started + enabled: yes diff --git a/ansible/roles/firewall/tasks/firewall-disable.yml b/ansible/roles/firewall/tasks/firewall-disable.yml new file mode 100644 index 00000000..9a8a2c10 --- /dev/null +++ b/ansible/roles/firewall/tasks/firewall-disable.yml @@ -0,0 +1,17 @@ +--- +- name: Check if firewalld is installed + yum: + list: firewalld + disablerepo: "*" + register: firewalld_check + +- name: Stop and disable firewalld if exists + service: + name: firewalld + state: stopped + enabled: no + when: firewalld_check.results|selectattr('yumstate', 'match', 'installed')|list|length != 0 + +- name: Flush iptables + iptables: + flush: true diff --git a/ansible/roles/firewall/tasks/main.yml b/ansible/roles/firewall/tasks/main.yml new file mode 100644 index 00000000..f7bb7c74 --- /dev/null +++ b/ansible/roles/firewall/tasks/main.yml @@ -0,0 +1,2 @@ +--- +- include_tasks: "firewall-{{ state }}.yml" |