From 5a8d9370af750c25ac55a7ced51e24f29bb9facc Mon Sep 17 00:00:00 2001
From: Christian Pointner <equinox@spreadspace.org>
Date: Tue, 24 Oct 2023 23:31:26 +0200
Subject: add new role docker/registry (WIP)

---
 roles/docker/registry/tasks/main.yml | 31 +++++++++++++++++++++++++++++++
 1 file changed, 31 insertions(+)
 create mode 100644 roles/docker/registry/tasks/main.yml

(limited to 'roles/docker/registry/tasks')

diff --git a/roles/docker/registry/tasks/main.yml b/roles/docker/registry/tasks/main.yml
new file mode 100644
index 00000000..70f0196c
--- /dev/null
+++ b/roles/docker/registry/tasks/main.yml
@@ -0,0 +1,31 @@
+---
+- name: prepare storage volume for /var/lib/docker-registry
+  when: docker_registry_storage is defined
+  vars:
+    storage_volume: "{{ docker_registry_storage | combine({'dest': '/var/lib/docker-registry'}) }}"
+  include_role:
+    name: "storage/{{ docker_registry_storage.type }}/volume"
+
+- name: install registry package
+  apt:
+    name: docker-registry
+    state: present
+
+- name: set up tls config
+  when: docker_registry_http_tls is defined
+  vars:
+    x509_certificate_name: "docker-registry"
+    x509_certificate_hostnames: "{{ docker_registry_http_hostnames }}"
+    x509_certificate_config: "{{ docker_registry_http_tls.certificate_config }}"
+    x509_certificate_reload_services:
+    - docker-registry
+  include_role:
+    name: "x509/{{ docker_registry_http_tls.certificate_provider }}/cert"
+
+- name: install config
+  template:
+    src: config.yml.j2
+    dest: /etc/docker/registry/config.yml
+    mode: 0640
+    group: docker-registry
+  notify: restart docker-registry
-- 
cgit v1.2.3