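---
# Playbook: deploy Portainer with Docker on every targeted host and allow its
# UFW application profile. Connects as `mike` and escalates with become.
#
# NOTE(review): the system-update task and the UFW hardening tasks at the
# bottom are commented out, so this play neither patches the host nor turns
# the firewall on.
- hosts: all
  remote_user: mike
  become: true
  tasks:
    # - name: Update Server
    #   apt:
    #     upgrade: true
    #     update-cache: true
    #     cache_valid_time: 3600

    # NOTE(review): the image has no tag, so it resolves to `latest` and can
    # change between runs; pin a reviewed version tag or an image digest.
    # NOTE(review): this creates a container named `portainer` with no ports
    # or volumes, and the compose project below is also started - confirm
    # the two do not collide on the container name.
    - name: Install Docker Containers
      community.docker.docker_container:
        name: portainer
        image: portainer/portainer-ce

    # Created as mike so the compose project directory is owned by that user.
    - name: Create Portainer Directory
      ansible.builtin.file:
        path: /home/mike/docker/portainer
        state: directory
      become_user: mike

    # Copies the compose file from the control node to the target directory.
    - name: Sync Portainer docker-compose file
      ansible.posix.synchronize:
        src: /home/mike/Software/ansible-debian/portainer/docker-compose.yml
        dest: /home/mike/docker/portainer
      become_user: mike

    # - name: Set ownership of UFW files to root
    #   file: dest=/etc/ufw/applications.d owner=root group=root recurse=yes

    ### Need to change ownership to root ###
    ### THIS DOES NOT WORK!
    ### IF RUN IN THIS SCRIPT, THIS CONTAINER IS started as 'mike' and cannot
    ### view /var/run/docker.sock
    ### if run alone (with --tags portainer) it works.
    # NOTE(review): the note above implies the compose file hands
    # /var/run/docker.sock to Portainer. Access to that socket is equivalent
    # to root on the host, so whoever can reach the Portainer UI can control
    # the host; keep the UI restricted to trusted sources and set a strong
    # admin password on first start.
    # NOTE(review): this is the docker-compose v1 module; newer
    # community.docker releases replace it with docker_compose_v2 - confirm
    # against the installed collection version.
    - name: Start Portainer
      community.docker.docker_compose:
        project_src: /home/mike/docker/portainer
        state: present
      become: true
      become_method: sudo
      tags: portainer

    # Only the TG-portainer application profile is allowed; OpenSSH and samba
    # are commented out of the list.
    # NOTE(review): TG-portainer is presumably a profile under
    # /etc/ufw/applications.d that is installed outside this play - verify it
    # exists and which ports and source addresses it opens.
    - name: Configure UFW - allow OpenSSH, samba, and TG-portainer
      community.general.ufw:
        rule: allow
        name: "{{ item }}"
      loop:
        # - OpenSSH
        # - samba
        - TG-portainer

    # NOTE(review): with the tasks below disabled, nothing here enables UFW or
    # sets a default-deny policy, so the allow rule above has no effect while
    # the firewall is inactive. Before enabling them, re-enable the OpenSSH
    # allow entry first, otherwise the default deny can cut off SSH access.
    # - name: Configure UFW - delete default allow 22
    #   ufw:
    #     rule: allow
    #     port: 22
    #     proto: tcp
    #     delete: yes
    # - name: Configure UFW - deny all else
    #   ufw:
    #     state: enabled
    #     policy: deny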