ansible und docker scripte

2025-10-25 17:19:14 +02:00 · 2025-10-25 17:19:14 +02:00 · 8a26c18c83
commit 8a26c18c83
parent d92059b217
5 changed files with 133 additions and 0 deletions
--- a/AGENTS.md
+++ b/AGENTS.md
@ -0,0 +1,19 @@
 # Repository Guidelines
 ## Project Structure & Module Organization
 Infrastructure automation lives in `ansible/` with playbooks like `install-docker.yml` and roles under `ansible/roles/` (`install_docker`, `install_oh-my-zsh`, `mailcow-ansiblerole`). Reusable helper prompts for shell sessions sit in `prompts/`, while ready-made walkthrough scripts belong in `scripts/` (for example `00-Beispiel-1.sh`). The root `README.md` is the canonical handout for trainees, so update it alongside any major workflow change.
 ## Build, Test, and Development Commands
 Use `ansible-playbook -i <inventory> ansible/install-docker.yml` to provision a host end-to-end. Validate changes quickly with `ansible-playbook --syntax-check ansible/install-docker.yml` and dry-run with `ansible-playbook --check ...` before touching real servers. Scripted exercises run via `bash scripts/00-Beispiel-1.sh`, which is also a template for new labs. After editing shell utilities, run `bash -n scripts/<file>.sh` to catch syntax errors.
 ## Coding Style & Naming Conventions
 YAML uses two-space indents, lowercase keys, and descriptive role/variable names (`install_docker`, `with_starship`). Keep playbooks idempotent and prefer Ansible modules over raw shell. Shell scripts target Debian-based hosts; start with `#!/usr/bin/env bash`, set `set -euo pipefail`, and use lowercase, hyphenated filenames. Any visible output should be concise so trainees can follow along live.
 ## Testing Guidelines
 Every role change must pass `ansible-playbook --syntax-check` and a `--check` run against a disposable host. When roles install packages, assert outcomes with `changed_when`/`failed_when` to keep reports accurate. For scripts, add usage comments at the top, run them in a throwaway VM, and document expected prompts or side effects inside the script itself.
 ## Commit & Pull Request Guidelines
 Follow the existing concise, German-friendly summaries (`README.md aktualisiert`, `kleine korrekturen`). Start messages with an imperative verb and keep the subject ≤70 chars; add detail in the body when configuration files or roles change. Pull requests should describe the scenario (host type, inventory snippet, or script name), list verification commands, and attach screenshots/log excerpts when UI or prompt adjustments are involved. Link training issues or agenda items so reviewers know which exercise the change supports.
 ## Security & Configuration Tips
 Assume root SSH on wildcard hosts (`fobiX.benbex.de`); never store credentials in the repo. Before running provisioning playbooks, confirm the target number (`X`) and ensure DNS wildcard records resolve locally. When sharing prompt tweaks, reference the exact file in `prompts/` and remind users to source it with `. prompts/<name>` so history or return-code cues are accurate.
--- a/README.md
+++ b/README.md
@ -96,3 +96,18 @@ Um das Terminal etwas zu verschönern (und übersichtlicher zu machen) setze den
 ```
 (vergiss auch hier die `<TAB>`-Taste nicht...)
 ## Docker-Host vorbereiten
 der Server benötigt einige Pakete, damit er seinen Dienst als Docker-Host antreten kann. 
 Zusätzliche Pakete sind nötig, damit die Hilfs-Scripte ordnungsgemäß laufen können. 
 Von Hand würde man jetzt die [offizielle Docker.com Anleitung "Install Docker Engine on Debian"](https://docs.docker.com/engine/install/debian/) durchspielen.
 Einfacher geht es, wenn schon jemand™ ein "ansible-playbook" hergestellt hat. Zufälligerweise liegt hier eins im Repo.
 Ein Ansible-Playbook ist eine Datei, die für das Open-Source-Automatisierungs-Tool ansible einen Zustand eines Servers beschreibt. Ansible kümmert sich dann darum, diesen Zustand herzustellen.
 Um dieses Playbook zu verwenden benötigt man natürlich "ansible".
 ansible installieren und anschließend direkt alles aus ["Install Docker Engine on Debian"](https://docs.docker.com/engine/install/debian/) automatisch durchführen kannst du mit dem Skript `01-install-ansible-and-run-playbook.sh`. Wie gerade schon geübt machst du das mit dem Befehl
 ```sh
 root@fobiX:~# bash scripts/01<TAB><ENTER>
 ```
--- a/ansible/install-docker.yml
+++ b/ansible/install-docker.yml
@ -0,0 +1,8 @@
 - hosts: all
  name: Dockerhost installieren
  remote_user: root
  gather_facts: yes
  roles:
    - install_docker
--- a/ansible/roles/install_docker/tasks/main.yml
+++ b/ansible/roles/install_docker/tasks/main.yml
@ -0,0 +1,64 @@
 # ---
 # tasks file for install_docker
 - name: Check if Docker is installed
  become: yes
  command: docker -v 
  register: docker_installed
  ignore_errors: true
 - name: Ensure no conflicting Docker packages are installed
  become: yes
  ansible.builtin.apt:
    name:
      - docker.io 
      - docker-doc 
      - docker-compose 
      - podman-docker 
      - containerd 
      - runc
    state: absent
    purge: yes
 - name: Install Docker 
  become: yes
  block:
    - name: Add Docker's official GPG key
      block:
        - name: Install necessary packages
          become: yes
          ansible.builtin.apt:
            name:
              - ca-certificates 
              - curl
              - gnupg
            state: latest
            update_cache: yes
        - name: Add GPG key
          ansible.builtin.shell:
            cmd: |
              install -m 0755 -d /etc/apt/keyrings
              curl -fsSL https://download.docker.com/linux/debian/gpg -o /etc/apt/keyrings/docker.asc
              chmod a+r /etc/apt/keyrings/docker.asc
    - name: Add the repository to Apt sources
      block:
        - name: Add repos
          ansible.builtin.shell:
            cmd: |
              echo \
              "deb [arch="$(dpkg --print-architecture)" signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/debian \
              "$(. /etc/os-release && echo "$VERSION_CODENAME")" stable" | \
              sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
    - name: Install Docker packages
      become: yes
      ansible.builtin.apt:
        name:
          - docker-ce 
          - docker-ce-cli 
          - containerd.io 
          - docker-buildx-plugin 
          - docker-compose-plugin
        state: latest
        update_cache: yes
  when: docker_installed.failed
--- a/scripts/01-install-ansible-and-run-playbook.sh
+++ b/scripts/01-install-ansible-and-run-playbook.sh
@ -0,0 +1,27 @@
 #!/usr/bin/env bash
 set -euo pipefail
 SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
 REPO_ROOT="$(cd "${SCRIPT_DIR}/.." && pwd)"
 cd "${REPO_ROOT}"
 if [[ ${EUID} -ne 0 ]]; then
  echo "Bitte als root oder per sudo ausführen." >&2
  exit 1
 fi
 echo "[0/3] Arbeitsverzeichnis: ${REPO_ROOT}"
 echo "[1/3] apt-Index aktualisieren..."
 apt-get update -y
 echo "[2/3] Ansible installieren..."
 DEBIAN_FRONTEND=noninteractive apt-get install -y ansible
 echo "[3/3] Playbook ansible/install-docker.yml lokal ausführen..."
 ansible-playbook \
  -i localhost, \
  --connection=local \
  ansible/install-docker.yml
 echo "Fertig: install-docker.yml wurde erfolgreich auf localhost angewendet."