add new role docker/registry (WIP)

author: Christian Pointner <equinox@spreadspace.org> 2023-10-24 23:31:26 +0200
committer: Christian Pointner <equinox@spreadspace.org> 2023-10-24 23:31:26 +0200
commit: 5a8d9370af750c25ac55a7ced51e24f29bb9facc (patch)
tree: 15e0d02c0dd4bf5c8421ec1f2ff06383b8fbb0c2 /roles/docker/registry/tasks
parent: docker/engine: also install buildx (diff)
1 files changed, 31 insertions, 0 deletions
diff --git a/roles/docker/registry/tasks/main.yml b/roles/docker/registry/tasks/main.yml
new file mode 100644
index 00000000..70f0196c
--- /dev/null
+++ b/roles/docker/registry/tasks/main.yml
@@ -0,0 +1,31 @@
+---
+- name: prepare storage volume for /var/lib/docker-registry
+  when: docker_registry_storage is defined
+  vars:
+    storage_volume: "{{ docker_registry_storage | combine({'dest': '/var/lib/docker-registry'}) }}"
+  include_role:
+    name: "storage/{{ docker_registry_storage.type }}/volume"
+
+- name: install registry package
+  apt:
+    name: docker-registry
+    state: present
+
+- name: set up tls config
+  when: docker_registry_http_tls is defined
+  vars:
+    x509_certificate_name: "docker-registry"
+    x509_certificate_hostnames: "{{ docker_registry_http_hostnames }}"
+    x509_certificate_config: "{{ docker_registry_http_tls.certificate_config }}"
+    x509_certificate_reload_services:
+    - docker-registry
+  include_role:
+    name: "x509/{{ docker_registry_http_tls.certificate_provider }}/cert"
+
+- name: install config
+  template:
+    src: config.yml.j2
+    dest: /etc/docker/registry/config.yml
+    mode: 0640
+    group: docker-registry
+  notify: restart docker-registry
author	Christian Pointner <equinox@spreadspace.org>	2023-10-24 23:31:26 +0200
committer	Christian Pointner <equinox@spreadspace.org>	2023-10-24 23:31:26 +0200
commit	5a8d9370af750c25ac55a7ced51e24f29bb9facc (patch)
tree	15e0d02c0dd4bf5c8421ec1f2ff06383b8fbb0c2 /roles/docker/registry/tasks
parent	docker/engine: also install buildx (diff)