
Trigat

Ansible: Docker Remote API

10-08-2019

Language or Platform: None

Code:

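# Enable the Docker remote API on the "portainer" hosts and restrict access
# to it with an iptables rule.
#
# SECURITY NOTE(review): the dockerd command line below opens a plain TCP
# socket with no TLS and no authentication. Anyone who can reach that port
# controls the Docker daemon, which is equivalent to root on the host. The
# iptables rule is therefore the only access control in this play:
#   * it is applied BEFORE Docker is restarted, so the port is never
#     reachable without the filter in place;
#   * prefer enabling TLS client-certificate verification on the daemon
#     (dockerd --tlsverify with --tlscacert / --tlscert / --tlskey);
#     2376 is the port conventionally used for the TLS-protected API;
#   * consider binding to a specific management address instead of 0.0.0.0.
- hosts: portainer
  become: true

  tasks:
    # Play-level "become" already applies; no per-task escalation is needed.
    - name: Add systemd drop-in directory for docker.service
      file:
        path: /etc/systemd/system/docker.service.d
        state: directory
        mode: '0751'

    # The empty "ExecStart=" clears the unit's original command line before
    # the replacement is set (required by systemd for drop-in overrides).
    - name: Create drop-in that makes dockerd listen on TCP
      copy:
        dest: /etc/systemd/system/docker.service.d/override.conf
        owner: root
        group: root
        mode: '0644'
        content: |
          [Service]
          ExecStart=
          ExecStart=/usr/bin/dockerd -H fd:// -H tcp://0.0.0.0:2376
      register: docker_override

    # Make sure you specify correct IP and port.
    # Uses the iptables module instead of "shell: sudo iptables ..." so the
    # rule is inserted only when missing (re-running the play no longer
    # stacks duplicate rules) and no nested sudo is needed.
    # NOTE(review): the rule is not saved; it is lost on reboot unless it is
    # persisted with the distribution's mechanism.
    # NOTE(review): this filters IPv4 only. If the host has a routable IPv6
    # address, confirm whether the API port is reachable over IPv6 and add
    # an equivalent rule with "ip_version: ipv6".
    - name: Set iptables rule to only allow communication with main Portainer server
      iptables:
        chain: INPUT
        action: insert
        protocol: tcp
        source: '!10.1.160.20'
        destination_port: '2376'
        jump: REJECT

    # Restart only when the drop-in actually changed, so repeated runs do
    # not bounce the daemon (and its containers) needlessly.
    - name: Restart Docker services
      systemd:
        name: docker.service
        state: restarted
        daemon_reload: true
      when: docker_override.changed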
