``container_packages: []`` is the list of container packages to install. We default to podman on RedHat based distros and docker.io on Debian-based distros.
-The following variables are used to optionally configure a docker.io mirror CA certificate. The role will use ``/etc/containers/certs.d`` if ``podman`` is installed and ``/etc/docker/certs.d`` if ``docker`` is installed.::
+The following variables are used to optionally configure a docker.io mirror CA certificate. The role will install the certificate in both ``/etc/containers/certs.d`` (for podman) and ``/etc/docker/certs.d`` (for docker).::
# Defined in all.yml in secrets repo
container_mirror: docker-mirror.front.sepia.ceph.com:5000
...
-----END CERTIFICATE-----
- # Automatically determined in roles/container-host/tasks/main.yml
- container_mirror_cert_path: "/etc/docker/certs.d/{{ container_mirror }}"
-
Tags
++++
---
-- name: "Create {{ container_mirror_cert_path }}"
+- name: "Create container_mirror_cert_paths"
file:
- path: "{{ container_mirror_cert_path }}"
+ path: "{{ item }}"
state: directory
+ with_items: "{{ container_mirror_cert_paths }}"
- name: "Copy {{ container_mirror }} self-signed cert"
copy:
- dest: "{{ container_mirror_cert_path }}/docker-mirror.crt"
+ dest: "{{ item }}/docker-mirror.crt"
content: "{{ container_mirror_cert }}"
+ with_items: "{{ container_mirror_cert_paths }}"
- name: Install registries-conf-ctl
pip:
when: container_packages|length > 0
- set_fact:
- container_mirror_cert_path: "/etc/containers/certs.d/{{ container_mirror }}"
container_service_conf: "/etc/containers/registries.conf"
when:
- "'podman' in container_packages"
- container-mirror
- set_fact:
- container_mirror_cert_path: "/etc/docker/certs.d/{{ container_mirror }}"
container_service_conf: "/etc/docker/daemon.json"
when:
- "'docker.io' in container_packages"
when:
- container_mirror is defined
- container_mirror_cert is defined
- - container_mirror_cert_path is defined
tags:
- container-mirror
--- /dev/null
+---
+container_mirror_cert_paths:
+ - "/etc/docker/certs.d/{{ container_mirror }}"
+ - "/etc/containers/certs.d/{{ container_mirror }}"