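---
# Installs Docker Engine from Docker's apt repository, writes the daemon
# configuration, grants selected users access to the daemon, reports host
# health, optionally prunes old resources and backs up compose files.
- name: Manage Docker environment
  hosts: docker_hosts
  become: true

  vars:
    # Members of the docker group can control the Docker daemon, which is
    # root-equivalent on the host. List only accounts already trusted
    # with root.
    docker_users:
      - chester
    # Rendered verbatim as JSON into /etc/docker/daemon.json.
    docker_daemon_options:
      log-driver: "json-file"
      log-opts:
        max-size: "10m"
        max-file: "3"
      storage-driver: "overlay2"
    # Pruning is destructive, so it stays off unless explicitly enabled.
    docker_cleanup_enabled: false
    docker_cleanup_older_than_days: 30
    # Dedicated keyring that only the Docker repository entry refers to.
    docker_apt_keyring: /etc/apt/keyrings/docker.asc

  tasks:
    - name: Install Docker prerequisite packages
      ansible.builtin.apt:
        name:
          - apt-transport-https
          - ca-certificates
          - curl
          - gnupg
          - lsb-release
          - python3-pip
          - python3-docker
        state: present
        update_cache: true

    - name: Ensure apt keyrings directory exists
      ansible.builtin.file:
        path: "{{ docker_apt_keyring | dirname }}"
        state: directory
        owner: root
        group: root
        mode: '0755'

    # apt_key puts the key into apt's global trusted keyring, where it is
    # accepted for every configured repository. Storing it in its own file
    # and referencing it with signed-by limits it to the Docker repository.
    # Hosts previously configured through apt_key still carry the key in
    # the global keyring and the old repository line; clean those up
    # separately.
    # NOTE(review): the download is protected by TLS only. Add get_url's
    # `checksum` once an expected digest is recorded for this key.
    - name: Add Docker apt signing key
      ansible.builtin.get_url:
        url: "https://download.docker.com/linux/ubuntu/gpg"
        dest: "{{ docker_apt_keyring }}"
        owner: root
        group: root
        mode: '0644'

    - name: Add Docker apt repository
      ansible.builtin.apt_repository:
        repo: >-
          deb [arch=amd64 signed-by={{ docker_apt_keyring }}]
          https://download.docker.com/linux/ubuntu
          {{ ansible_distribution_release }} stable
        state: present

    - name: Install Docker Engine packages
      ansible.builtin.apt:
        name:
          - docker-ce
          - docker-ce-cli
          - containerd.io
          - docker-buildx-plugin
          - docker-compose-plugin
        state: present
        update_cache: true

    - name: Ensure Docker service is enabled and started
      ansible.builtin.systemd:
        name: docker
        state: started
        enabled: true

    # Ownership is pinned so that only root can alter daemon behaviour.
    - name: Configure Docker daemon options
      ansible.builtin.copy:
        content: "{{ docker_daemon_options | to_nice_json }}"
        dest: /etc/docker/daemon.json
        owner: root
        group: root
        mode: '0644'
      notify: Restart Docker

    # append: true keeps each user's existing supplementary groups.
    - name: Add configured users to docker group
      ansible.builtin.user:
        name: "{{ item }}"
        groups: docker
        append: true
      loop: "{{ docker_users }}"

    - name: Ensure Docker networks directory exists
      ansible.builtin.file:
        path: /etc/docker/networks
        state: directory
        mode: '0755'

    - name: Gather Docker host information
      community.docker.docker_host_info:
      register: docker_info

    - name: Show Docker version
      ansible.builtin.debug:
        msg: "Docker version {{ docker_info.host_info.ServerVersion }}"

    - name: Ensure required Docker networks exist
      community.docker.docker_network:
        name: "{{ item }}"
        state: present
      loop:
        - backend
        - frontend

    # Read-only query, so it never reports a change.
    - name: Check Docker disk usage
      ansible.builtin.command: docker system df
      register: docker_disk_usage
      changed_when: false

    - name: Show Docker disk usage output
      ansible.builtin.debug:
        var: docker_disk_usage.stdout_lines

    # The outer Jinja expression emits the Go template literally for
    # `docker ps --format`. failed_when: false makes this best-effort: a
    # failing `docker ps` is ignored, so an empty report does not prove
    # that every container is healthy.
    - name: Check for unhealthy containers
      ansible.builtin.command: docker ps --filter health=unhealthy --format '{{"{{.Names}}\t{{.Status}}"}}'
      register: unhealthy_containers
      changed_when: false
      failed_when: false

    - name: Report unhealthy containers
      ansible.builtin.debug:
        msg: "Unhealthy containers detected: {{ unhealthy_containers.stdout_lines }}"
      when: unhealthy_containers.stdout | length > 0

    # The age limit now applies to containers and networks as well as
    # images; previously only images honoured docker_cleanup_older_than_days.
    # `| int` keeps the arithmetic correct when the value arrives as a
    # string (for example from --extra-vars).
    # Docker's volume prune does not accept an `until` filter, so unused
    # volumes are removed regardless of age. Set volumes to false where
    # detached data volumes must survive a cleanup run.
    - name: Prune Docker resources when cleanup is enabled
      community.docker.docker_prune:
        containers: true
        containers_filters:
          until: "{{ (docker_cleanup_older_than_days | int) * 24 }}h"
        images: true
        images_filters:
          until: "{{ (docker_cleanup_older_than_days | int) * 24 }}h"
        networks: true
        networks_filters:
          until: "{{ (docker_cleanup_older_than_days | int) * 24 }}h"
        volumes: true
      when: docker_cleanup_enabled
      register: docker_prune_result

    - name: Show Docker cleanup results
      ansible.builtin.debug:
        var: docker_prune_result
      when: docker_cleanup_enabled

    - name: Create Docker backup directory
      ansible.builtin.file:
        path: /opt/docker-backups
        state: directory
        owner: root
        group: root
        mode: '0750'

    - name: Find docker-compose files
      ansible.builtin.find:
        paths:
          - /opt
          - /home
        patterns: "docker-compose*.yml"
        recurse: true
      register: compose_files

    # Compose files often embed credentials in environment entries, so the
    # copies are readable by root only. The destination name encodes the
    # full source path: using the basename alone let files with the same
    # name in different directories overwrite each other.
    - name: Back up docker-compose files
      ansible.builtin.copy:
        src: "{{ item.path }}"
        dest: "/opt/docker-backups/{{ item.path | regex_replace('^/', '') | replace('/', '_') }}.{{ ansible_date_time.date }}"
        remote_src: true
        owner: root
        group: root
        mode: '0600'
      loop: "{{ compose_files.files }}"
      loop_control:
        label: "{{ item.path }}"

  handlers:
    - name: Restart Docker
      ansible.builtin.systemd:
        name: docker
        state: restarted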