diff --git a/handlers/main.yml b/handlers/main.yml new file mode 100644 index 0000000..f34c329 --- /dev/null +++ b/handlers/main.yml @@ -0,0 +1,4 @@ +--- +- name: Update the apt package cache + ansible.builtin.apt: + update_cache: true diff --git a/tasks/main.yml b/tasks/main.yml index 8e11c19..d4240c4 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -1,4 +1,16 @@ --- +- name: Load var file based on the OS type + ansible.builtin.include_vars: + file: "{{ lookup('first_found', params) }}" + vars: + params: + files: + - "{{ ansible_distribution }}_{{ ansible_distribution_release }}.yml" + - "{{ ansible_distribution }}.yml" + - "{{ ansible_os_family }}.yml" + paths: + - "{{ role_path }}/vars" + - name: Load setup tasks file for adding the official Docker repo ansible.builtin.include_tasks: file: "{{ lookup('first_found', params) }}" @@ -15,22 +27,10 @@ # Fedora. - ansible_os_family == "Debian" or ansible_distribution == "Fedora" -- name: Load var file with package names based on the OS type - ansible.builtin.include_vars: - file: "{{ lookup('first_found', params) }}" - vars: - params: - files: - - "{{ ansible_distribution }}_{{ ansible_distribution_release }}.yml" - - "{{ ansible_distribution }}.yml" - - "{{ ansible_os_family }}.yml" - paths: - - "{{ role_path }}/vars" - - name: > Install Docker, Docker Compose, and the Docker Python library ansible.builtin.package: - name: "{{ package_names }}" + name: "{{ docker_prerequisites }}" # Amazon Linux 2023 does not (yet?) offer docker-compose or the # Docker Compose plugin, so we grab it from GitHub: @@ -46,7 +46,6 @@ - name: Systemd daemon-reload ansible.builtin.systemd: daemon_reload: true - when: ansible_service_mgr == "systemd" - name: Enable docker ansible.builtin.service: diff --git a/tasks/setup_Debian.yml b/tasks/setup_Debian.yml index 6008113..147b9b0 100644 --- a/tasks/setup_Debian.yml +++ b/tasks/setup_Debian.yml 
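Review bot: The relocated `Load var file based on the OS type` task in tasks/main.yml (hunk `@@ -1,4 +1,16 @@`) has no comment recording that its position is now load-bearing. The setup task file included right after it reads `apt_distro`, `apt_distro_release` and `apt_over_https_prerequisites`, as the tasks/setup_Debian.yml changes in this commit show. Moving the task back below the include would therefore fail the Debian path on undefined variables. I would add a comment above the task such as `# Must run before the setup tasks are included; they use variables defined in the vars files.`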
@@ -13,42 +13,48 @@ - runc state: absent -- name: Add official Docker repo (Debian, not Kali) +- name: Install prerequisites so apt can use a repo over HTTPS + ansible.builtin.package: + name: "{{ apt_over_https_prerequisites }}" + +# Debian Buster does not support DEB822 repos, so we have to treat it +# as a special case. +- name: Add official Docker repo (Debian Buster) when: - - ansible_distribution | lower != "kali" + - ansible_distribution_release == "buster" block: - - name: Install prerequisites so apt can use a repo over HTTPS (Debian, not Kali) - ansible.builtin.package: - name: - - apt-transport-https - - ca-certificates - - curl - - gnupg2 - - lsb-release - - software-properties-common - - name: Get official Docker repo GPG key (Debian, not Kali) + - name: Get official Docker repo GPG key ansible.builtin.apt_key: - url: https://download.docker.com/linux/{{ ansible_distribution | lower }}/gpg - - name: Add the official Docker repo (Debian, not Kali) + url: https://download.docker.com/linux/{{ apt_distro }}/gpg + - name: Add the official Docker repo ansible.builtin.apt_repository: - repo: deb https://download.docker.com/linux/{{ ansible_distribution | lower }} {{ ansible_distribution_release }} stable + repo: deb https://download.docker.com/linux/{{ apt_distro }} {{ apt_distro_release }} stable + # ansible.builtin.apt_repository updates the package cache so + # there is no need to do it explicitly. 
-- name: Add official Docker repo (Kali) +- name: Add official Docker repo when: - - ansible_distribution | lower == "kali" + - ansible_distribution_release != "buster" block: - - name: Install prerequisites so apt can use a repo over HTTPS (Kali) + - name: Install prerequisites so apt can use DEB822 repos ansible.builtin.package: name: - - apt-transport-https - - ca-certificates - - curl - - gnupg2 - - lsb-release - # Use Debian Bookworm for Kali - - name: Get official Docker repo GPG key (Kali) - ansible.builtin.apt_key: - url: https://download.docker.com/linux/debian/gpg - - name: Add the official Docker repo (Kali) - ansible.builtin.apt_repository: - repo: deb https://download.docker.com/linux/debian bookworm stable + - python3-debian + - name: Add the official Docker repo + ansible.builtin.deb822_repository: + components: + - stable + name: docker + signed_by: https://download.docker.com/linux/{{ apt_distro }}/gpg + suites: + - "{{ apt_distro_release }}" + uris: + - https://download.docker.com/linux/{{ apt_distro }} + notify: + - Update the apt package cache + # We need the handler that updates the apt package cache to run + # now if it is necessary. It is required by the parent playbook + # since it will attempt to install the packages from the new apt + # package repo. + - name: Flush handlers + ansible.builtin.meta: flush_handlers diff --git a/vars/Amazon.yml b/vars/Amazon.yml index 1213911..eba7e48 100644 --- a/vars/Amazon.yml +++ b/vars/Amazon.yml @@ -1,6 +1,6 @@ --- -# The system packages to install. Note that python-docker is not -# available on Amazon Linux 2023: +# The system packages required for Docker. Note that python-docker is +# not available on Amazon Linux 2023: # https://docs.aws.amazon.com/linux/al2023/release-notes/all-packages-al2023-20230419.html -package_names: +docker_prerequisites: - docker diff --git a/vars/Debian.yml b/vars/Debian.yml index ad7d454..4d34a41 100644 --- a/vars/Debian.yml +++ b/vars/Debian.yml 
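Review bot: In the new `ansible.builtin.deb822_repository` task, `signed_by` is a URL, so the role trusts whatever key download.docker.com serves at run time. The repo signing key is then authenticated only by TLS and is never compared with a known-good copy. `signed_by` also accepts an ASCII-armored key block, so the key could be vendored in the role and reviewed in version control, or fetched with `ansible.builtin.get_url` using `checksum: sha256:<EXPECTED_KEY_SHA256>` (placeholder) and referenced by path. The Buster branch has the same gap, and `ansible.builtin.apt_key` also places the key in apt's global trusted keyring, where it is accepted for every configured repo. Scoping it with `deb [signed-by=/path/to/docker-keyring] ...` in the `repo:` line would limit that trust to the Docker repo.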
@@ -1,8 +1,24 @@ --- -# The system packages to install +# The Linux distribution to use when configuring a Debian repo. +apt_distro: "{{ ansible_distribution | lower }}" + +# The release of the Linux distribution to use when configuring a +# Debian repo. +apt_distro_release: "{{ ansible_distribution_release }}" + +# The system packages required for apt-over-https. +apt_over_https_prerequisites: + - apt-transport-https + - ca-certificates + - curl + - gnupg2 + - lsb-release + - software-properties-common + +# The system packages required for Docker. # # https://docs.docker.com/engine/install/debian/ -package_names: +docker_prerequisites: - containerd.io - docker-buildx-plugin - docker-ce diff --git a/vars/Kali.yml b/vars/Kali.yml new file mode 100644 index 0000000..b2519b9 --- /dev/null +++ b/vars/Kali.yml 
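Review bot: The new variables `apt_distro`, `apt_distro_release` and `apt_over_https_prerequisites` in vars/Debian.yml have generic names with no role prefix. They are loaded through `include_vars`, which ranks high in Ansible's variable precedence, so a same-named variable from the play or another role would be silently overridden for the rest of the run. Since these values decide which apt repo and signing key URL get configured, a collision would be awkward to spot. Prefixing them with the role name, e.g. `docker_apt_distro: "{{ ansible_distribution | lower }}"`, would avoid that; vars/Kali.yml and tasks/setup_Debian.yml would need the same rename.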
@@ -0,0 +1,42 @@ +--- +# The Linux distribution to use when configuring a Debian repo. Note +# that we force Kali to use Debian Bookworm. This is because Docker +# does not provide an official package for Kali or Debian Testing (on +# which Kali is based), but it does support Bookworm which is close +# enough to work. +apt_distro: debian + +# The release of the Linux distribution to use when configuring a +# Debian repo. Note that we force Kali to use Debian Bookworm. This +# is because Docker does not provide an official package for Kali or +# Debian Testing (on which Kali is based), but it does support +# Bookworm which is close enough to work. +apt_distro_release: bookworm + +# The system packages required for apt-over-https. +apt_over_https_prerequisites: + - apt-transport-https + - ca-certificates + - curl + - gnupg2 + - lsb-release + # This package is not available on Kali, but whatever it installs + # seems to already be present. + # - software-properties-common + +# The system packages required for Docker. +# +# https://docs.docker.com/engine/install/debian/ +docker_prerequisites: + - containerd.io + - docker-buildx-plugin + - docker-ce + - docker-ce-cli + - docker-compose-plugin + # This package is required to avoid an issue with docker compose + # pull. See the following for more information: + # - https://github.com/docker/compose/issues/9560 + # - https://github.com/docker/compose/issues/6023 + # - https://docs.docker.com/engine/reference/commandline/login/ + - pass + - python3-docker
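Review bot: `apt_distro_release: bookworm` hard-codes the Debian suite that Kali hosts pull Docker from, and nothing in the file says when that pin should be revisited. The comment itself notes that Kali tracks Debian Testing, so the gap to Bookworm grows over time. If Docker stops publishing to that suite, these hosts would presumably stop receiving Docker updates without any failure in the role. A note next to the value, such as `# TODO: revisit this pin when Debian stable changes; Kali hosts only get Docker updates published for this suite.`, would make the dependency visible. The explanatory paragraph is also repeated verbatim above both `apt_distro` and `apt_distro_release`; a single copy covering both would be easier to keep accurate.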