diff --git a/roles/webserver/tasks/install_docker.yml b/roles/webserver/tasks/install_docker.yml
index c652043..819ba89 100644
--- a/roles/webserver/tasks/install_docker.yml
+++ b/roles/webserver/tasks/install_docker.yml
@@ -11,22 +11,32 @@
 - apt-transport-https
 - ca-certificates
 - curl
- - software-properties-common
+ - gnupg
+ - lsb-release
 - python3-pip
 - virtualenv
 - python3-setuptools
 state: latest
 update_cache: true

- - name: Add Docker GPG apt Key
- ansible.builtin.apt_key:
+ - name: Download Docker GPG key
+ ansible.builtin.get_url:
 url: https://download.docker.com/linux/debian/gpg
- state: present
+ dest: /etc/apt/keyrings/docker.gpg
+ mode: '0644'
+
+ - name: Add Docker GPG key to apt keyring
+ ansible.builtin.shell: |
+ gpg --dearmor < /etc/apt/keyrings/docker.gpg > /etc/apt/keyrings/docker.gpg.gpg
+ chmod 644 /etc/apt/keyrings/docker.gpg.gpg
+ args:
+ creates: /etc/apt/keyrings/docker.gpg.gpg

 - name: Add Docker Repository
 ansible.builtin.apt_repository:
- repo: deb https://download.docker.com/linux/debian bookworm stable
+ repo: "deb [arch=amd64 signed-by=/etc/apt/keyrings/docker.gpg.gpg] https://download.docker.com/linux/debian {{ ansible_distribution_release }} stable"
 state: present
+ filename: docker

 - name: Update apt and install docker-ce
 ansible.builtin.apt:
@@ -34,12 +44,6 @@
 state: latest
 update_cache: true

- - name: Update apt and install docker-compose
- ansible.builtin.apt:
- name: docker-compose
- state: latest
- update_cache: true
-
 - name: Install Docker Module for Python
 ansible.builtin.pip:
 name: docker
@@ -50,3 +54,15 @@
 name: '{{ ansible_user }}'
 groups: docker
 append: true
+
+ - name: Ensure Docker service is started and enabled
+ ansible.builtin.service:
+ name: docker
+ state: started
+ enabled: true
+
+ - name: Ensure Docker Compose plugin is installed
+ ansible.builtin.apt:
+ name: docker-compose-plugin
+ state: latest
+ update_cache: true
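Review bot: The key that apt will trust for this repository is fetched in the "Download Docker GPG key" task with no integrity pin, and the shell task after it can strand a bad keyring: the `>` redirection creates `docker.gpg.gpg` before `gpg --dearmor` runs, so a failed run leaves an empty file that `creates:` treats as done on every later run. apt 1.4 and later accepts an ASCII-armored key in `signed-by` when the file name ends in `.asc`, so the shell step can be dropped: download straight to `/etc/apt/keyrings/docker.asc`, add a `checksum:` to `get_url`, and point `signed-by` at that file. Nothing visible in the hunk creates `/etc/apt/keyrings`, so the fence also ensures the directory exists; drop that task if an earlier one outside the hunk already does it. `arch=amd64` stays hard-coded although the release is now templated, which will not match non-amd64 hosts. The hunk starts inside the package-install task and ends inside the docker-ce task, so both are only partly visible.

```yaml
- name: Ensure apt keyrings directory exists
  ansible.builtin.file:
    path: /etc/apt/keyrings
    state: directory
    mode: '0755'

- name: Download Docker GPG key
  ansible.builtin.get_url:
    url: https://download.docker.com/linux/debian/gpg
    dest: /etc/apt/keyrings/docker.asc
    mode: '0644'
    # Placeholder: pin the digest after checking the key fingerprint out of band.
    checksum: 'sha256:<PINNED_KEY_SHA256>'

# … unchanged: "Add Docker Repository" task name and module line …
    repo: "deb [arch=amd64 signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/debian {{ ansible_distribution_release }} stable"
```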
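Review bot: `state: latest` on the new "Ensure Docker Compose plugin is installed" task lets every playbook run pull a newer build onto the host without review, and `update_cache: true` repeats a cache refresh that the docker-ce task appears to have done already. Using `state: present` (or a pinned version) and dropping the `update_cache` line keeps upgrades a deliberate change and the task idempotent. The commit also removes the `docker-compose` package in an earlier hunk, so anything in the role that still calls the `docker-compose` binary would need to move to `docker compose`; no such caller is visible here. The hunk opens inside the preceding user task, which is only partly visible.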