diff --git a/.gitmodules b/.gitmodules index 503f2f89336fd9de0da75081543eb49009610ce2..896975128f438e65424054cbb626baa126693a75 100644 --- a/.gitmodules +++ b/.gitmodules @@ -16,3 +16,9 @@ [submodule "provisioning/roles/kypo-user-access-windows"] path = provisioning/roles/kypo-user-access-windows url = https://gitlab.ics.muni.cz/muni-kypo-crp/backend-python/ansible-networking-stage/kypo-user-access-windows +[submodule "provisioning/roles/docker-compose"] + path = provisioning/roles/docker-compose + url = https://gitlab.ics.muni.cz/muni-kypo/ansible-roles/docker-compose +[submodule "provisioning/roles/docker"] + path = provisioning/roles/docker + url = https://gitlab.ics.muni.cz/CSIRT-MU-PUBLIC/ansible-roles/docker diff --git a/provisioning/playbook.yml b/provisioning/playbook.yml index 968808aa38dcbd4eb37d3b9dc871a12721cf1a7b..4e5dc2563b4063666fa49a0ef7d9c0442dc0d427 100644 --- a/provisioning/playbook.yml +++ b/provisioning/playbook.yml @@ -356,3 +356,44 @@ - name: reboot machine win_reboot: when: win_hostname_return_value.reboot_required + +- name: Prepare docker enabled machines + hosts: + - docker_hosts + become: yes + + roles: + - role: kypo-user-access + kypo_user_access_username: kypo-user + kypo_user_access_ssh_public_key_options: 'restrict,port-forwarding,command="/usr/sbin/nologin"' + + tasks: + - name: Install required system packages for Docker + apt: + name: gnupg-agent + state: latest + update_cache: yes + + - name: Install docker-compose + include_role: + name: docker-compose + + - name: Add administrator to docker group + user: + name: "{{ ansible_user }}" + groups: docker + append: yes + + - name: Copy user public key to remote machine + copy: + src: "{{ kypo_global_ssh_public_user_key }}" + dest: "/home/kypo-user/.ssh/user_rsa.pub" + + - name: Copy docker container directory to remote machine + copy: + src: "{{ containers_path }}" + dest: "/home/kypo-user/containers" + + - name: Build docker containers + community.docker.docker_compose: + project_src: "/home/kypo-user/containers/" diff --git a/provisioning/roles/docker b/provisioning/roles/docker new file mode 160000 index 0000000000000000000000000000000000000000..b03308ef7c89348216bf349c833cf3ce0a006bd3 --- /dev/null +++ b/provisioning/roles/docker @@ -0,0 +1 @@ +Subproject commit b03308ef7c89348216bf349c833cf3ce0a006bd3 diff --git a/provisioning/roles/docker-compose b/provisioning/roles/docker-compose new file mode 160000 index 0000000000000000000000000000000000000000..7a9f2ce48aae64b2ae16e6583fc79a5def48eaa6 --- /dev/null +++ b/provisioning/roles/docker-compose @@ -0,0 +1 @@ +Subproject commit 7a9f2ce48aae64b2ae16e6583fc79a5def48eaa6