100 lines
2.7 KiB
Python
100 lines
2.7 KiB
Python
|
from bundlewrap.metadata import metadata_to_json
|
||
|
|
||
|
deps = {
|
||
|
'pkg_apt:docker-ce',
|
||
|
'pkg_apt:docker-ce-cli',
|
||
|
}
|
||
|
|
||
|
directories['/opt/docker-engine'] = {
|
||
|
'purge': True,
|
||
|
}
|
||
|
directories['/var/opt/docker-engine'] = {}
|
||
|
|
||
|
files['/etc/docker/daemon.json'] = {
|
||
|
'content': metadata_to_json(node.metadata.get('docker-engine/config')),
|
||
|
'triggers': {
|
||
|
'svc_systemd:docker:restart',
|
||
|
},
|
||
|
# install config before installing packages to ensure the config is
|
||
|
# applied to the first start as well
|
||
|
'before': deps,
|
||
|
}
|
||
|
|
||
|
svc_systemd['docker'] = {
|
||
|
'needs': deps,
|
||
|
}
|
||
|
|
||
|
files['/usr/local/share/icinga/plugins/check_docker_container'] = {
|
||
|
'mode': '0755',
|
||
|
}
|
||
|
|
||
|
for app, config in node.metadata.get('docker-engine/containers', {}).items():
|
||
|
volumes = config.get('volumes', {})
|
||
|
|
||
|
files[f'/opt/docker-engine/{app}'] = {
|
||
|
'source': 'docker-wrapper',
|
||
|
'content_type': 'mako',
|
||
|
'context': {
|
||
|
'environment': config.get('environment', {}),
|
||
|
'image': config['image'],
|
||
|
'name': app,
|
||
|
'ports': config.get('ports', {}),
|
||
|
'timezone': node.metadata.get('timezone'),
|
||
|
'volumes': volumes,
|
||
|
},
|
||
|
'mode': '0755',
|
||
|
'triggers': {
|
||
|
f'svc_systemd:docker-{app}:restart',
|
||
|
},
|
||
|
}
|
||
|
|
||
|
users[f'docker-{app}'] = {
|
||
|
'home': f'/var/opt/docker-engine/{app}',
|
||
|
'groups': {
|
||
|
'docker',
|
||
|
},
|
||
|
'after': {
|
||
|
# provides docker group
|
||
|
'pkg_apt:docker-ce',
|
||
|
},
|
||
|
}
|
||
|
|
||
|
files[f'/usr/local/lib/systemd/system/docker-{app}.service'] = {
|
||
|
'source': 'docker-wrapper.service',
|
||
|
'content_type': 'mako',
|
||
|
'context': {
|
||
|
'name': app,
|
||
|
'requires': {
|
||
|
*set(config.get('requires', set())),
|
||
|
'docker.service',
|
||
|
}
|
||
|
},
|
||
|
'triggers': {
|
||
|
'action:systemd-reload',
|
||
|
f'svc_systemd:docker-{app}:restart',
|
||
|
},
|
||
|
}
|
||
|
|
||
|
svc_systemd[f'docker-{app}'] = {
|
||
|
'needs': {
|
||
|
*deps,
|
||
|
f'file:/opt/docker-engine/{app}',
|
||
|
f'file:/usr/local/lib/systemd/system/docker-{app}.service',
|
||
|
f'user:docker-{app}',
|
||
|
'svc_systemd:docker',
|
||
|
*set(config.get('needs', set())),
|
||
|
},
|
||
|
}
|
||
|
|
||
|
for volume in volumes:
|
||
|
directories[f'/var/opt/docker-engine/{app}/{volume}'] = {
|
||
|
'owner': f'docker-{app}',
|
||
|
'group': f'docker-{app}',
|
||
|
'needed_by': {
|
||
|
f'svc_systemd:docker-{app}',
|
||
|
},
|
||
|
# don't do anything if the directory exists, docker images
|
||
|
# mangle owners
|
||
|
'unless': f'test -d /var/opt/docker-engine/{app}/{volume}',
|
||
|
}
|