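---
# Docker Setup Playbook
# Ensures Docker and Docker Compose are installed and configured
#
# Usage:
#   ansible-playbook -i inventories/production/hosts.yml playbooks/setup-docker.yml
#
# What the play does, in order:
#   1. Installs Docker CE from Docker's apt repository when `docker --version`
#      does not succeed on the host.
#   2. Adds `app_user` to the docker group and enables the docker service.
#   3. Installs the Docker Compose plugin when `docker compose version` fails.
#   4. Writes /etc/docker/daemon.json (log rotation, live-restore).
#   5. Adds ufw allow rules for TCP 80 and 443.
#   6. Verifies the installation and prints a summary.

- name: Setup Docker for Production
  hosts: web_servers
  become: true

  vars:
    app_user: deploy
    # NOTE(review): docker_compose_version is not referenced by any task in
    # this play; the Compose plugin is installed unpinned from the apt repo.
    docker_compose_version: "2.24.0"

  tasks:
    # ==========================================
    # 1. Verify Docker Installation
    # ==========================================
    # Probe only: never reports "changed" and never fails, so a non-zero rc
    # can drive the install block below.
    - name: Check if Docker is installed
      command: docker --version
      register: docker_check
      changed_when: false
      failed_when: false

    - name: Display Docker version
      debug:
        msg: "Docker is already installed: {{ docker_check.stdout }}"
      when: docker_check.rc == 0

    - name: Install Docker if not present
      block:
        - name: Update apt cache
          apt:
            update_cache: true

        - name: Install prerequisites
          apt:
            name:
              - apt-transport-https
              - ca-certificates
              - curl
              - gnupg
              - lsb-release
            state: present

        - name: Ensure apt keyrings directory exists
          file:
            path: /etc/apt/keyrings
            state: directory
            owner: root
            group: root
            mode: '0755'

        # The key is stored in a dedicated keyring file and bound to the
        # Docker repository with signed-by below. The deprecated apt_key
        # module would add it to apt's global trust store, where it is
        # accepted for packages from every configured repository.
        # Consider pinning the download with get_url's `checksum:` once the
        # key has been verified against Docker's published fingerprint.
        - name: Add Docker GPG key
          get_url:
            url: https://download.docker.com/linux/ubuntu/gpg
            dest: /etc/apt/keyrings/docker.asc
            owner: root
            group: root
            mode: '0644'

        # A source entry for the same repository without signed-by (left by
        # an earlier, interrupted run) would conflict with the entry added
        # next, so it is removed first.
        - name: Remove legacy Docker repository entry without signed-by
          apt_repository:
            repo: "deb [arch=amd64] https://download.docker.com/linux/ubuntu {{ ansible_distribution_release }} stable"
            state: absent

        - name: Add Docker repository
          apt_repository:
            repo: "deb [arch=amd64 signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu {{ ansible_distribution_release }} stable"
            state: present

        - name: Install Docker
          apt:
            name:
              - docker-ce
              - docker-ce-cli
              - containerd.io
            state: present
            update_cache: true
      when: docker_check.rc != 0

    # ==========================================
    # 2. Configure Docker
    # ==========================================
    # Membership of the docker group grants control of the Docker daemon,
    # which is equivalent to root on the host. Treat the credentials of
    # `app_user` (SSH keys, CI tokens) as privileged accordingly.
    - name: Add deploy user to docker group
      user:
        name: "{{ app_user }}"
        groups: docker
        append: true

    - name: Ensure Docker service is enabled and started
      systemd:
        name: docker
        enabled: true
        state: started

    # ==========================================
    # 3. Install Docker Compose Plugin
    # ==========================================
    - name: Check if Docker Compose plugin is installed
      command: docker compose version
      register: compose_check
      changed_when: false
      failed_when: false

    - name: Display Docker Compose version
      debug:
        msg: "Docker Compose is already installed: {{ compose_check.stdout }}"
      when: compose_check.rc == 0

    # Without this task the verification step in section 6 fails on any host
    # where the plugin is missing, including hosts that section 1 has just
    # provisioned.
    # NOTE(review): assumes Docker's apt repository is configured on hosts
    # where Docker was already present - confirm for hosts provisioned by
    # other means.
    - name: Install Docker Compose plugin
      apt:
        name: docker-compose-plugin
        state: present
        update_cache: true
      when: compose_check.rc != 0

    # ==========================================
    # 4. Configure Docker Daemon
    # ==========================================
    # Caps container logs at 3 files of 10 MB each so that a noisy container
    # cannot fill the disk, and keeps containers running across daemon
    # restarts (live-restore).
    # NOTE(review): no daemon hardening keys are set here (for example
    # "no-new-privileges", "icc", "userland-proxy"); evaluate them against
    # the deployed workloads before enabling.
    - name: Create Docker daemon configuration
      copy:
        dest: /etc/docker/daemon.json
        content: |
          {
            "log-driver": "json-file",
            "log-opts": {
              "max-size": "10m",
              "max-file": "3"
            },
            "live-restore": true
          }
        owner: root
        group: root
        mode: '0644'
      notify: Restart Docker

    # ==========================================
    # 5. Firewall Configuration
    # ==========================================
    # These tasks only add allow rules; they neither enable ufw nor set a
    # default policy, so they restrict nothing by themselves.
    # Ports published by containers are handled by iptables rules that
    # Docker inserts itself and are not filtered by ufw. Bind internal
    # services to 127.0.0.1 or leave them unpublished rather than relying on
    # ufw to block them.
    - name: Allow HTTP traffic
      ufw:
        rule: allow
        port: '80'
        proto: tcp

    - name: Allow HTTPS traffic
      ufw:
        rule: allow
        port: '443'
        proto: tcp

    # ==========================================
    # 6. Verification
    # ==========================================
    # These commands keep the default failure behaviour: a non-zero rc stops
    # the play, so a broken installation is not reported as complete.
    - name: Get Docker info
      command: docker info
      register: docker_info
      changed_when: false

    # Queried again because docker_check.stdout is empty on hosts where
    # Docker was installed during this run.
    - name: Get Docker version
      command: docker --version
      register: docker_version
      changed_when: false

    - name: Get Docker Compose version
      command: docker compose version
      register: compose_version
      changed_when: false

    - name: Display setup summary
      debug:
        msg:
          - "=========================================="
          - "Docker Setup Complete"
          - "=========================================="
          - "Docker Version: {{ docker_version.stdout }}"
          - "Docker Compose: {{ compose_version.stdout }}"
          - "User '{{ app_user }}' added to docker group"
          - "Firewall: HTTP (80) and HTTPS (443) allowed"
          - "=========================================="
          - ""
          - "Next Steps:"
          - "1. Log out and back in for docker group to take effect"
          - "2. Run deployment playbook to start containers"

  handlers:
    # Triggered when daemon.json changes.
    - name: Restart Docker
      systemd:
        name: docker
        state: restarted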