Actualiza roles cgroups y docker para ser mas idempotentes y pasen an…

…sible-lint.
jorgearma1982 · Jun 29, 2024 · de55993 · de55993
1 parent 8a8fd30
commit de55993
Show file tree

Hide file tree

Showing 7 changed files with 134 additions and 10 deletions.
diff --git a/ansible/deploy-pi-hole.yml b/ansible/deploy-pi-hole.yml
@@ -10,6 +10,8 @@
   roles:
     - general-settings
     - ssh-server
+    - cgroups
+    - docker
   post_tasks:
     - name: Limpiar paquetes del cache
       ansible.builtin.apt:

diff --git a/ansible/roles/cgroups/handlers/main.yml b/ansible/roles/cgroups/handlers/main.yml
@@ -1,6 +1,16 @@
 ---
 # handlers file for cgroups
 
-- name: Restart server
-  ansible.builtin.shell: nohup bash -c "/bin/sleep 5 && /sbin/shutdown -r now" &
+- name: Reiniciar si se actualiza cmdline.txt
+  ansible.builtin.reboot:
+    msg: "Reiniciando para aplicar configuración de cgroups"
+    reboot_timeout: 60
+
+- name: Verificar que los cgroups están habilitados
+  ansible.builtin.command: grep cgroup /proc/cmdline
+  register: cmdline_output
   changed_when: false
+
+- name: Mostrar resultado de la verificación de cgroups
+  ansible.builtin.debug:
+    msg: "{{ cmdline_output.stdout }}"
diff --git a/ansible/roles/cgroups/tasks/main.yml b/ansible/roles/cgroups/tasks/main.yml
@@ -1,15 +1,25 @@
 ---
 # tasks file for cgroups
 
-- name: Agregar soporte cgroups de cpu y memoria al kernel
+- name: Instalar paquetes necesarios para cgroups
+  ansible.builtin.apt:
+    name:
+      - cgroup-tools
+      - libcgroup2
+    state: present
+
+- name: Verificar si la configuración de cgroups ya está presente
+  ansible.builtin.command: grep 'cgroup_enable=cpuset cgroup_memory=1 cgroup_enable=memory' /boot/firmware/cmdline.txt
+  register: cgroups_config_present
+  ignore_errors: true
+  changed_when: false
+
+- name: Agregar soporte cgroups de cpu y memoria al kernel si no esta presente
   ansible.builtin.lineinfile:
-    path: /boot/cmdline.txt
+    path: /boot/firmware/cmdline.txt
     backrefs: true
     regexp: '^(.*)rootwait$'
     line: '\1rootwait cgroup_enable=cpuset cgroup_memory=1 cgroup_enable=memory'
-  notify: restart server
-
-- name: Esperar a que el nodo reinicie
-  ansible.builtin.wait_for_connection:
-    timeout: 300
-    delay: 30
+    state: present
+  when: cgroups_config_present.rc != 0
+  notify: Reiniciar si se actualiza cmdline.txt
diff --git a/ansible/roles/docker/README.md b/ansible/roles/docker/README.md
@@ -0,0 +1,38 @@
+docker
+======
+
+Deploy docker to run containers
+
+Requirements
+------------
+
+Debian based system.
+
+Role Variables
+--------------
+
+Not at the moment.
+
+Dependencies
+------------
+
+Not at the moment.
+
+Example Playbook
+----------------
+
+To use this role, just include it in your playbook, for example:
+
+    - hosts: servers
+      roles:
+         - docker
+
+License
+-------
+
+MIT
+
+Author Information
+------------------
+
+Please any question, please contact the autor at: jorge.medina@kronops.com.mx.
diff --git a/ansible/roles/docker/defaults/main.yml b/ansible/roles/docker/defaults/main.yml
@@ -0,0 +1,4 @@
+---
+# defaults file for docker
+
+docker_release: "bookworm"
diff --git a/ansible/roles/docker/meta/main.yml b/ansible/roles/docker/meta/main.yml
@@ -0,0 +1,15 @@
+---
+galaxy_info:
+  role_name: docker
+  author: Jorge Medina
+  description: Deploy docker to run containers
+  company: KronOps
+  license: MIT
+  min_ansible_version: "2.9"
+  platforms:
+    - name: Debian
+      versions:
+        - bookworm
+  galaxy_tags:
+    - containers
+dependencies: []
diff --git a/ansible/roles/docker/tasks/main.yml b/ansible/roles/docker/tasks/main.yml
@@ -0,0 +1,45 @@
+---
+# tasks file for docker
+
+- name: Instalar dependencias de docker
+  ansible.builtin.apt:
+    name:
+      - gnupg2
+      - software-properties-common
+      - python3-setuptools
+      - python3-pip
+      - python3-websocket
+      - python3-docker
+    state: present
+
+- name: Instalar llave de repositorio apt para docker
+  ansible.builtin.apt_key:
+    url: https://download.docker.com/linux/debian/gpg
+    state: present
+
+- name: Instalar el repositorio apt para docker
+  ansible.builtin.apt_repository:
+    repo: deb [arch=arm64] https://download.docker.com/linux/debian {{ docker_release }} stable
+    filename: docker
+
+- name: Instalar Docker y paquetes relacionados
+  ansible.builtin.apt:
+    name:
+      - docker-ce
+      - docker-ce-cli
+      - containerd.io
+      - docker-buildx-plugin
+      - docker-compose-plugin
+    state: present
+
+- name: Agregar usuario ansible al grupo docker
+  ansible.builtin.user:
+    name: "{{ ansible_ssh_user }}"
+    append: true
+    groups: docker
+
+- name: Iniciar servicio docker al arranque del sistema
+  ansible.builtin.service:
+    name: docker
+    state: started
+    enabled: true