Removing disabling of iptables for Docker as doing so causes a lot of pain
This commit is contained in:
parent
74928165f7
commit
ddc2a1f327
1 changed files with 0 additions and 31 deletions
|
|
@ -1,37 +1,6 @@
|
||||||
---
|
---
|
||||||
# tasks file for traefik
|
# tasks file for traefik
|
||||||
|
|
||||||
- name: Ensure systemd docker.service.d directory exists
|
|
||||||
file:
|
|
||||||
path: "/etc/systemd/system/docker.service.d/"
|
|
||||||
state: directory
|
|
||||||
owner: root
|
|
||||||
group: root
|
|
||||||
mode: '0755'
|
|
||||||
tags: firewall
|
|
||||||
|
|
||||||
- name: Provide systemd config to disable Docker's tampering with the firewall
|
|
||||||
copy:
|
|
||||||
dest: /etc/systemd/system/docker.service.d/noiptables.conf
|
|
||||||
owner: root
|
|
||||||
group: root
|
|
||||||
mode: '0644'
|
|
||||||
content: |
|
|
||||||
[Service]
|
|
||||||
ExecStart=
|
|
||||||
ExecStart=/usr/bin/dockerd -H fd:// --iptables=false
|
|
||||||
tags: firewall
|
|
||||||
register: docker_restart_required
|
|
||||||
|
|
||||||
- name: Restart docker service to pickup config changes
|
|
||||||
systemd:
|
|
||||||
name: docker
|
|
||||||
daemon_reload: yes
|
|
||||||
state: restarted
|
|
||||||
become: true
|
|
||||||
when: docker_restart_required.changed
|
|
||||||
tags: firewall
|
|
||||||
|
|
||||||
- name: Ensure traefik config directory exists
|
- name: Ensure traefik config directory exists
|
||||||
file:
|
file:
|
||||||
path: /home/{{ docker_user }}/traefik
|
path: /home/{{ docker_user }}/traefik
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue