--- - name: Update Docker Daemon configuration and apply proxy settings hosts: all become: yes tasks: - name: Read current Docker daemon.json ansible.builtin.slurp: src: /etc/docker/daemon.json register: current_daemon_json - name: Parse current Docker daemon.json set_fact: current_daemon_config: "{{ current_daemon_json['content'] | b64decode | from_json }}" - name: Remove registry-mirrors if set ansible.builtin.copy: dest: /etc/docker/daemon.json content: "{{ updated_daemon_json | to_nice_json }}" vars: updated_daemon_json: "{{ current_daemon_config | dict2items | rejectattr('key', 'equalto', 'registry-mirrors') | list | items2dict }}" when: "'registry-mirrors' in current_daemon_config" register: daemon_update - name: Ensure /usr/local/share/ca-certificates directory exists ansible.builtin.file: path: /usr/local/share/ca-certificates state: directory mode: '0755' - name: Download CA certificate from SCOW-DIM ansible.builtin.get_url: url: http://[2a07:6fc0:c:2809::20]:3128/ca.crt dest: /usr/local/share/ca-certificates/SCOW-DIM-CA.crt mode: '0644' - name: Update CA certificates ansible.builtin.command: update-ca-certificates changed_when: false - name: Ensure systemd service directory exists for Docker ansible.builtin.file: path: /etc/systemd/system/docker.service.d state: directory mode: '0755' - name: Configure Docker to use HTTP proxy ansible.builtin.copy: dest: /etc/systemd/system/docker.service.d/http-proxy.conf content: | [Service] Environment="HTTP_PROXY=http://dim.servercow.com:3128/" Environment="HTTPS_PROXY=http://dim.servercow.com:3128/" mode: '0644' register: proxy_update - name: Reload systemd daemon ansible.builtin.systemd: daemon_reload: yes when: proxy_update.changed or daemon_update.changed - name: Restart Docker to apply changes ansible.builtin.systemd: name: docker state: restarted when: proxy_update.changed or daemon_update.changed