From 46472febcda5cfb7694f27f2669973683888a74b Mon Sep 17 00:00:00 2001
From: Jakob Meier <comcloudway@ccw.icu>
Date: Sun, 11 Jun 2023 17:44:23 +0200
Subject: [PATCH] Added docker setup script

---
 README.org                       |  2 +-
 group_vars/all/vars.yml          |  2 ++
 roles/system/defaults/docker.yml |  2 ++
 roles/system/defaults/main.yml   |  1 +
 roles/system/tasks/docker.yml    | 37 ++++++++++++++++++++++++++++++++
 roles/system/tasks/main.yml      |  1 +
 6 files changed, 44 insertions(+), 1 deletion(-)
 create mode 100644 roles/system/defaults/docker.yml
 create mode 100644 roles/system/tasks/docker.yml

diff --git a/README.org b/README.org
index 60c3ea4..02852db 100644
--- a/README.org
+++ b/README.org
@@ -2,7 +2,7 @@
 Ansible Playbook I use to provision my Alpine Linux server
 
 * Requirements
-- ~ansible~
+- ~ansible~ (~ansible-core~ is not enough, as I'm using ~community~ packages)
 
 * Running
 #+begin_src bash
diff --git a/group_vars/all/vars.yml b/group_vars/all/vars.yml
index 92554f8..32dde11 100644
--- a/group_vars/all/vars.yml
+++ b/group_vars/all/vars.yml
@@ -6,3 +6,5 @@ base_packages:
   - htop
   - doas
 shell: /bin/ash
+docker_subid: "100000:65536"
+container_dir: "/home/{{ username }}"
diff --git a/roles/system/defaults/docker.yml b/roles/system/defaults/docker.yml
new file mode 100644
index 0000000..9943360
--- /dev/null
+++ b/roles/system/defaults/docker.yml
@@ -0,0 +1,2 @@
+---
+docker_subid: "100000:65536"
diff --git a/roles/system/defaults/main.yml b/roles/system/defaults/main.yml
index 99b38f6..631e0e8 100644
--- a/roles/system/defaults/main.yml
+++ b/roles/system/defaults/main.yml
@@ -1,3 +1,4 @@
+---
 # default username
 username: user
 # default user password
diff --git a/roles/system/tasks/docker.yml b/roles/system/tasks/docker.yml
new file mode 100644
index 0000000..bd1228a
--- /dev/null
+++ b/roles/system/tasks/docker.yml
@@ -0,0 +1,37 @@
+---
+- name: Ensure docker is installed
+  community.general.apk:
+    name:
+      - docker
+      - docker-openrc
+      - docker-cli-compose
+      - py3-docker-py
+      - docker-rootless-extras
+      - shadow-subids
+    state: latest
+
+# Run docker rootless
+- name: Setup subuid for docker-rootless
+  lineinfile:
+    path: /etc/subuid
+    search_string: "^{{ username }}:{{ docker_subid }}"
+    line: "{{ username }}:{{ docker_subid }}"
+
+- name: Setup subgid for docker-rootless
+  lineinfile:
+    path: /etc/subgid
+    search_string: "^{{ username }}:{{ docker_subid }}"
+    line: "{{ username }}:{{ docker_subid }}"
+
+- name: Ensure cgroups is running
+  service:
+    name: cgroups
+    enabled: true
+    state: started
+
+# Docker startup
+- name: Ensure docker is running, and starts on boot
+  service:
+    name: docker
+    enabled: true
+    state: started
diff --git a/roles/system/tasks/main.yml b/roles/system/tasks/main.yml
index 6493b12..17cf7b3 100644
--- a/roles/system/tasks/main.yml
+++ b/roles/system/tasks/main.yml
@@ -3,3 +3,4 @@
 - include_tasks: repo.yml
 - include_tasks: packages.yml
 - include_tasks: shell.yml
+- include_tasks: docker.yml
-- 
2.38.5