Sanitized mirror from private repository - 2026-04-18 11:19:59 UTC

ansible/automation/playbooks/configure_docker_logging.yml

@@ -0,0 +1,112 @@
+---
+# Configure Docker Daemon Log Rotation — Linux hosts only
+#
+# Sets daemon-level defaults so ALL future containers cap at 10 MB × 3 files.
+# Existing containers must be recreated to pick up the new limits:
+#   docker compose up --force-recreate
+#
+# Synology hosts (atlantis, calypso, setillo) are NOT covered here —
+# see docs/guides/docker-log-rotation.md for their manual procedure.
+#
+# Usage:
+#   ansible-playbook -i hosts.ini playbooks/configure_docker_logging.yml
+#   ansible-playbook -i hosts.ini playbooks/configure_docker_logging.yml --check
+#   ansible-playbook -i hosts.ini playbooks/configure_docker_logging.yml -e "host_target=homelab"
+
+- name: Configure Docker daemon log rotation (Linux hosts)
+  hosts: "{{ host_target | default('homelab,vish-concord-nuc,pi-5,matrix-ubuntu') }}"
+  gather_facts: yes
+  become: yes
+
+  vars:
+    docker_daemon_config: /etc/docker/daemon.json
+    docker_log_driver: json-file
+    docker_log_max_size: "10m"
+    docker_log_max_files: "3"
+
+  tasks:
+    - name: Ensure /etc/docker directory exists
+      file:
+        path: /etc/docker
+        state: directory
+        owner: root
+        group: root
+        mode: '0755'
+
+    - name: Read existing daemon.json (if present)
+      slurp:
+        src: "{{ docker_daemon_config }}"
+      register: existing_daemon_json
+      ignore_errors: yes
+
+    - name: Parse existing daemon config
+      set_fact:
+        existing_config: "{{ existing_daemon_json.content | b64decode | from_json }}"
+      when: existing_daemon_json is succeeded
+      ignore_errors: yes
+
+    - name: Set empty config when none exists
+      set_fact:
+        existing_config: {}
+      when: existing_daemon_json is failed or existing_config is not defined
+
+    - name: Merge log config into daemon.json
+      copy:
+        dest: "{{ docker_daemon_config }}"
+        content: "{{ merged_config | to_nice_json }}\n"
+        owner: root
+        group: root
+        mode: '0644'
+        backup: yes
+      vars:
+        log_opts:
+          log-driver: "{{ docker_log_driver }}"
+          log-opts:
+            max-size: "{{ docker_log_max_size }}"
+            max-file: "{{ docker_log_max_files }}"
+        merged_config: "{{ existing_config | combine(log_opts) }}"
+      register: daemon_json_changed
+
+    - name: Show resulting daemon.json
+      command: cat {{ docker_daemon_config }}
+      register: daemon_json_contents
+      changed_when: false
+
+    - name: Display daemon.json
+      debug:
+        msg: "{{ daemon_json_contents.stdout }}"
+
+    - name: Validate daemon.json is valid JSON
+      command: python3 -c "import json,sys; json.load(open('{{ docker_daemon_config }}')); print('Valid JSON')"
+      changed_when: false
+
+    - name: Reload Docker daemon
+      systemd:
+        name: docker
+        state: restarted
+        daemon_reload: yes
+      when: daemon_json_changed.changed
+
+    - name: Wait for Docker to be ready
+      command: docker info
+      register: docker_info
+      retries: 5
+      delay: 3
+      until: docker_info.rc == 0
+      changed_when: false
+      when: daemon_json_changed.changed
+
+    - name: Verify log config active in Docker info
+      command: docker info --format '{{ "{{" }}.LoggingDriver{{ "}}" }}'
+      register: log_driver_check
+      changed_when: false
+
+    - name: Report result
+      debug:
+        msg: |
+          Host: {{ inventory_hostname }}
+          Logging driver: {{ log_driver_check.stdout }}
+          daemon.json changed: {{ daemon_json_changed.changed }}
+          Effective config: max-size={{ docker_log_max_size }}, max-file={{ docker_log_max_files }}
+          NOTE: Existing containers need recreation to pick up limits:
+                docker compose up --force-recreate