Docker Framework Role

A minimal, reusable Ansible role that creates the base Docker directory structure with proper permissions and ownership for all service deployments.

Single Responsibility

This role follows the KISS principle and has one job: create /docker directory with correct permissions. Nothing more, nothing less.

What it does

1. Creates /docker directory with ansible:users ownership
2. Sets permissions to 0775
3. Applies group sticky bit (g+s) for permission inheritance
4. Ensures the ansible user is in the users group
5. Validates the setup

Usage

Include this role in your playbooks before any service roles that need Docker directories:

roles:
  - role: geerlingguy.docker
    tags: docker
    
  - role: docker-framework
    tags: [docker-framework, docker]
    
  - role: connectivity  # or storage, runner, etc.
    tags: services

Variables

All variables have sensible defaults and rarely need to be overridden:

Variable	Default	Description
docker_framework_base_path	/docker	Base Docker directory path
docker_framework_owner	ansible	Directory owner
docker_framework_group	users	Directory group
docker_framework_mode	0775	Directory permissions
docker_framework_sgid	true	Enable group sticky bit

Directory Structure Created

/docker/
├── owner: ansible
├── group: users
├── mode: 0775 + g+s
└── (service-specific subdirectories created by service roles)

Dependencies

• None (minimal by design)

Tags

• docker-framework: All tasks
• directories: Directory creation
• permissions: Permission setup
• users: User group management
• validate: Validation tasks

Philosophy

This role embodies the Unix philosophy: "Do one thing and do it well." It provides a solid, reusable foundation that all service deployment roles can depend on without complexity or bloat.