updated docke-image-mirror to image-proxy

playbooks/managed-mailcow/use-docker-image-proxy.yaml

@@ -0,0 +1,65 @@
+---
+- name: Update Docker Daemon configuration and apply proxy settings
+  hosts: all
+  become: yes
+  tasks:
+    - name: Read current Docker daemon.json
+      ansible.builtin.slurp:
+        src: /etc/docker/daemon.json
+      register: current_daemon_json
+
+    - name: Parse current Docker daemon.json
+      set_fact:
+        current_daemon_config: "{{ current_daemon_json['content'] | b64decode | from_json }}"
+
+    - name: Remove registry-mirrors if set
+      ansible.builtin.copy:
+        dest: /etc/docker/daemon.json
+        content: "{{ updated_daemon_json | to_nice_json }}"
+      vars:
+        updated_daemon_json: "{{ current_daemon_config | dict2items | rejectattr('key', 'equalto', 'registry-mirrors') | list | items2dict }}"
+      when: "'registry-mirrors' in current_daemon_config"
+      register: daemon_update
+
+    - name: Ensure /usr/local/share/ca-certificates directory exists
+      ansible.builtin.file:
+        path: /usr/local/share/ca-certificates
+        state: directory
+        mode: '0755'
+
+    - name: Download CA certificate from SCOW-DIM
+      ansible.builtin.get_url:
+        url: http://[2a07:6fc0:c:2809::20]:3128/ca.crt
+        dest: /usr/local/share/ca-certificates/SCOW-DIM-CA.crt
+        mode: '0644'
+
+    - name: Update CA certificates
+      ansible.builtin.command: update-ca-certificates
+      changed_when: false
+
+    - name: Ensure systemd service directory exists for Docker
+      ansible.builtin.file:
+        path: /etc/systemd/system/docker.service.d
+        state: directory
+        mode: '0755'
+
+    - name: Configure Docker to use HTTP proxy
+      ansible.builtin.copy:
+        dest: /etc/systemd/system/docker.service.d/http-proxy.conf
+        content: |
+          [Service]
+          Environment="HTTP_PROXY=http://dim.servercow.com:3128/"
+          Environment="HTTPS_PROXY=http://dim.servercow.com:3128/"
+        mode: '0644'
+      register: proxy_update
+
+    - name: Reload systemd daemon
+      ansible.builtin.systemd:
+        daemon_reload: yes
+      when: proxy_update.changed or daemon_update.changed
+
+    - name: Restart Docker to apply changes
+      ansible.builtin.systemd:
+        name: docker
+        state: restarted
+      when: proxy_update.changed or daemon_update.changed

playbooks/managed-mailcow/use-docker-mirror.yaml

@@ -1,35 +0,0 @@
----
-- name: Update Docker Daemon configuration to use Docker Mirror
-  hosts: all
-  become: yes
-  tasks:   
-    - name: Read current Docker daemon.json
-      ansible.builtin.slurp:
-        src: /etc/docker/daemon.json
-      register: current_daemon_json
-
-    - name: Parse current Docker daemon.json
-      set_fact:
-        current_daemon_config: "{{ current_daemon_json['content'] | b64decode | from_json }}"
-
-    - name: Check current registry-mirrors setting
-      set_fact:
-        registry_mirrors_current: "{{ current_daemon_config['registry-mirrors'] | default('not_set') }}"
-
-    - name: Update Docker daemon.json with registry-mirrors configuration if registry-mirrors not set or not equals
-      ansible.builtin.copy:
-        dest: /etc/docker/daemon.json
-        content: "{{ updated_daemon_json | to_nice_json }}"
-      vars:
-        registry_config: {
-            "registry-mirrors": ["https://dim.servercow.com"]
-        }
-        updated_daemon_json: "{{ current_daemon_config | combine(registry_config) }}"
-      when: registry_mirrors_current != 'https://dim.servercow.com' or log is undefined
-      register: daemon_update
-
-    - name: Restart Docker to apply changes
-      ansible.builtin.systemd:
-        name: docker
-        state: restarted
-      when: daemon_update.changed