docker-framework

1.9 KB•MD

README.md

1.9 KB • 69 lines • markdown

1# Docker Framework Role
2
3A minimal, reusable Ansible role that creates the base Docker directory structure with proper permissions and ownership for all service deployments.
4
5## Single Responsibility
6
7This role follows the KISS principle and has one job: create `/docker` directory with correct permissions. Nothing more, nothing less.
8
9## What it does
10
111. Creates `/docker` directory with `ansible:users` ownership
122. Sets permissions to `0775` 
133. Applies group sticky bit (`g+s`) for permission inheritance
144. Ensures the ansible user is in the users group
155. Validates the setup
16
17## Usage
18
19Include this role in your playbooks before any service roles that need Docker directories:
20
21```yaml
22roles:
23  - role: geerlingguy.docker
24    tags: docker
25    
26  - role: docker-framework
27    tags: [docker-framework, docker]
28    
29  - role: connectivity  # or storage, runner, etc.
30    tags: services
31```
32
33## Variables
34
35All variables have sensible defaults and rarely need to be overridden:
36
37| Variable | Default | Description |
38|----------|---------|-------------|
39| `docker_framework_base_path` | `/docker` | Base Docker directory path |
40| `docker_framework_owner` | `ansible` | Directory owner |
41| `docker_framework_group` | `users` | Directory group |
42| `docker_framework_mode` | `0775` | Directory permissions |
43| `docker_framework_sgid` | `true` | Enable group sticky bit |
44
45## Directory Structure Created
46
47```
48/docker/
49âââ owner: ansible
50âââ group: users
51âââ mode: 0775 + g+s
52âââ (service-specific subdirectories created by service roles)
53```
54
55## Dependencies
56
57- None (minimal by design)
58
59## Tags
60
61- `docker-framework`: All tasks
62- `directories`: Directory creation
63- `permissions`: Permission setup
64- `users`: User group management
65- `validate`: Validation tasks
66
67## Philosophy
68
69This role embodies the Unix philosophy: "Do one thing and do it well." It provides a solid, reusable foundation that all service deployment roles can depend on without complexity or bloat.

1# Docker Framework Role 2 3A minimal, reusable Ansible role that creates the base Docker directory structure with proper permissions and ownership for all service deployments. 4 5## Single Responsibility 6 7This role follows the KISS principle and has one job: create `/docker` directory with correct permissions. Nothing more, nothing less. 8 9## What it does 10 111. Creates `/docker` directory with `ansible:users` ownership 122. Sets permissions to `0775` 133. Applies group sticky bit (`g+s`) for permission inheritance 144. Ensures the ansible user is in the users group 155. Validates the setup 16 17## Usage 18 19Include this role in your playbooks before any service roles that need Docker directories: 20 21```yaml 22roles: 23 - role: geerlingguy.docker 24 tags: docker 25 26 - role: docker-framework 27 tags: [docker-framework, docker] 28 29 - role: connectivity # or storage, runner, etc. 30 tags: services 31``` 32 33## Variables 34 35All variables have sensible defaults and rarely need to be overridden: 36 37| Variable | Default | Description | 38|----------|---------|-------------| 39| `docker_framework_base_path` | `/docker` | Base Docker directory path | 40| `docker_framework_owner` | `ansible` | Directory owner | 41| `docker_framework_group` | `users` | Directory group | 42| `docker_framework_mode` | `0775` | Directory permissions | 43| `docker_framework_sgid` | `true` | Enable group sticky bit | 44 45## Directory Structure Created 46 47``` 48/docker/ 49âââ owner: ansible 50âââ group: users 51âââ mode: 0775 + g+s 52âââ (service-specific subdirectories created by service roles) 53``` 54 55## Dependencies 56 57- None (minimal by design) 58 59## Tags 60 61- `docker-framework`: All tasks 62- `directories`: Directory creation 63- `permissions`: Permission setup 64- `users`: User group management 65- `validate`: Validation tasks 66 67## Philosophy 68 69This role embodies the Unix philosophy: "Do one thing and do it well." It provides a solid, reusable foundation that all service deployment roles can depend on without complexity or bloat.