From e5f83941b9baeef48d7a7ed9b051bff545df0dcc Mon Sep 17 00:00:00 2001 From: Ansible Servercow Date: Wed, 26 Feb 2025 15:44:52 +0100 Subject: [PATCH] updated docke-image-mirror to image-proxy --- .../use-docker-image-proxy.yaml | 65 +++++++++++++++++++ .../managed-mailcow/use-docker-mirror.yaml | 35 ---------- 2 files changed, 65 insertions(+), 35 deletions(-) create mode 100644 playbooks/managed-mailcow/use-docker-image-proxy.yaml delete mode 100644 playbooks/managed-mailcow/use-docker-mirror.yaml diff --git a/playbooks/managed-mailcow/use-docker-image-proxy.yaml b/playbooks/managed-mailcow/use-docker-image-proxy.yaml new file mode 100644 index 0000000..2f68117 --- /dev/null +++ b/playbooks/managed-mailcow/use-docker-image-proxy.yaml @@ -0,0 +1,65 @@ +--- +- name: Update Docker Daemon configuration and apply proxy settings + hosts: all + become: yes + tasks: + - name: Read current Docker daemon.json + ansible.builtin.slurp: + src: /etc/docker/daemon.json + register: current_daemon_json + + - name: Parse current Docker daemon.json + set_fact: + current_daemon_config: "{{ current_daemon_json['content'] | b64decode | from_json }}" + + - name: Remove registry-mirrors if set + ansible.builtin.copy: + dest: /etc/docker/daemon.json + content: "{{ updated_daemon_json | to_nice_json }}" + vars: + updated_daemon_json: "{{ current_daemon_config | dict2items | rejectattr('key', 'equalto', 'registry-mirrors') | list | items2dict }}" + when: "'registry-mirrors' in current_daemon_config" + register: daemon_update + + - name: Ensure /usr/local/share/ca-certificates directory exists + ansible.builtin.file: + path: /usr/local/share/ca-certificates + state: directory + mode: '0755' + + - name: Download CA certificate from SCOW-DIM + ansible.builtin.get_url: + url: http://[2a07:6fc0:c:2809::20]:3128/ca.crt + dest: /usr/local/share/ca-certificates/SCOW-DIM-CA.crt + mode: '0644' + + - name: Update CA certificates + ansible.builtin.command: update-ca-certificates + changed_when: false + + - name: Ensure systemd service directory exists for Docker + ansible.builtin.file: + path: /etc/systemd/system/docker.service.d + state: directory + mode: '0755' + + - name: Configure Docker to use HTTP proxy + ansible.builtin.copy: + dest: /etc/systemd/system/docker.service.d/http-proxy.conf + content: | + [Service] + Environment="HTTP_PROXY=http://dim.servercow.com:3128/" + Environment="HTTPS_PROXY=http://dim.servercow.com:3128/" + mode: '0644' + register: proxy_update + + - name: Reload systemd daemon + ansible.builtin.systemd: + daemon_reload: yes + when: proxy_update.changed or daemon_update.changed + + - name: Restart Docker to apply changes + ansible.builtin.systemd: + name: docker + state: restarted + when: proxy_update.changed or daemon_update.changed diff --git a/playbooks/managed-mailcow/use-docker-mirror.yaml b/playbooks/managed-mailcow/use-docker-mirror.yaml deleted file mode 100644 index 4f0db59..0000000 --- a/playbooks/managed-mailcow/use-docker-mirror.yaml +++ /dev/null @@ -1,35 +0,0 @@ ---- -- name: Update Docker Daemon configuration to use Docker Mirror - hosts: all - become: yes - tasks: - - name: Read current Docker daemon.json - ansible.builtin.slurp: - src: /etc/docker/daemon.json - register: current_daemon_json - - - name: Parse current Docker daemon.json - set_fact: - current_daemon_config: "{{ current_daemon_json['content'] | b64decode | from_json }}" - - - name: Check current registry-mirrors setting - set_fact: - registry_mirrors_current: "{{ current_daemon_config['registry-mirrors'] | default('not_set') }}" - - - name: Update Docker daemon.json with registry-mirrors configuration if registry-mirrors not set or not equals - ansible.builtin.copy: - dest: /etc/docker/daemon.json - content: "{{ updated_daemon_json | to_nice_json }}" - vars: - registry_config: { - "registry-mirrors": ["https://dim.servercow.com"] - } - updated_daemon_json: "{{ current_daemon_config | combine(registry_config) }}" - when: registry_mirrors_current != 'https://dim.servercow.com' or log is undefined - register: daemon_update - - - name: Restart Docker to apply changes - ansible.builtin.systemd: - name: docker - state: restarted - when: daemon_update.changed \ No newline at end of file