113 lines
3.6 KiB
YAML
113 lines
3.6 KiB
YAML
---
|
||
# Configure Docker Daemon Log Rotation — Linux hosts only
|
||
#
|
||
# Sets daemon-level defaults so ALL future containers cap at 10 MB × 3 files.
|
||
# Existing containers must be recreated to pick up the new limits:
|
||
# docker compose up --force-recreate
|
||
#
|
||
# Synology hosts (atlantis, calypso, setillo) are NOT covered here —
|
||
# see docs/guides/docker-log-rotation.md for their manual procedure.
|
||
#
|
||
# Usage:
|
||
# ansible-playbook -i hosts.ini playbooks/configure_docker_logging.yml
|
||
# ansible-playbook -i hosts.ini playbooks/configure_docker_logging.yml --check
|
||
# ansible-playbook -i hosts.ini playbooks/configure_docker_logging.yml -e "host_target=homelab"
|
||
|
||
- name: Configure Docker daemon log rotation (Linux hosts)
|
||
hosts: "{{ host_target | default('homelab,vish-concord-nuc,pi-5,matrix-ubuntu') }}"
|
||
gather_facts: yes
|
||
become: yes
|
||
|
||
vars:
|
||
docker_daemon_config: /etc/docker/daemon.json
|
||
docker_log_driver: json-file
|
||
docker_log_max_size: "10m"
|
||
docker_log_max_files: "3"
|
||
|
||
tasks:
|
||
- name: Ensure /etc/docker directory exists
|
||
file:
|
||
path: /etc/docker
|
||
state: directory
|
||
owner: root
|
||
group: root
|
||
mode: '0755'
|
||
|
||
- name: Read existing daemon.json (if present)
|
||
slurp:
|
||
src: "{{ docker_daemon_config }}"
|
||
register: existing_daemon_json
|
||
ignore_errors: yes
|
||
|
||
- name: Parse existing daemon config
|
||
set_fact:
|
||
existing_config: "{{ existing_daemon_json.content | b64decode | from_json }}"
|
||
when: existing_daemon_json is succeeded
|
||
ignore_errors: yes
|
||
|
||
- name: Set empty config when none exists
|
||
set_fact:
|
||
existing_config: {}
|
||
when: existing_daemon_json is failed or existing_config is not defined
|
||
|
||
- name: Merge log config into daemon.json
|
||
copy:
|
||
dest: "{{ docker_daemon_config }}"
|
||
content: "{{ merged_config | to_nice_json }}\n"
|
||
owner: root
|
||
group: root
|
||
mode: '0644'
|
||
backup: yes
|
||
vars:
|
||
log_opts:
|
||
log-driver: "{{ docker_log_driver }}"
|
||
log-opts:
|
||
max-size: "{{ docker_log_max_size }}"
|
||
max-file: "{{ docker_log_max_files }}"
|
||
merged_config: "{{ existing_config | combine(log_opts) }}"
|
||
register: daemon_json_changed
|
||
|
||
- name: Show resulting daemon.json
|
||
command: cat {{ docker_daemon_config }}
|
||
register: daemon_json_contents
|
||
changed_when: false
|
||
|
||
- name: Display daemon.json
|
||
debug:
|
||
msg: "{{ daemon_json_contents.stdout }}"
|
||
|
||
- name: Validate daemon.json is valid JSON
|
||
command: python3 -c "import json,sys; json.load(open('{{ docker_daemon_config }}')); print('Valid JSON')"
|
||
changed_when: false
|
||
|
||
- name: Reload Docker daemon
|
||
systemd:
|
||
name: docker
|
||
state: restarted
|
||
daemon_reload: yes
|
||
when: daemon_json_changed.changed
|
||
|
||
- name: Wait for Docker to be ready
|
||
command: docker info
|
||
register: docker_info
|
||
retries: 5
|
||
delay: 3
|
||
until: docker_info.rc == 0
|
||
changed_when: false
|
||
when: daemon_json_changed.changed
|
||
|
||
- name: Verify log config active in Docker info
|
||
command: docker info --format '{{ "{{" }}.LoggingDriver{{ "}}" }}'
|
||
register: log_driver_check
|
||
changed_when: false
|
||
|
||
- name: Report result
|
||
debug:
|
||
msg: |
|
||
Host: {{ inventory_hostname }}
|
||
Logging driver: {{ log_driver_check.stdout }}
|
||
daemon.json changed: {{ daemon_json_changed.changed }}
|
||
Effective config: max-size={{ docker_log_max_size }}, max-file={{ docker_log_max_files }}
|
||
NOTE: Existing containers need recreation to pick up limits:
|
||
docker compose up --force-recreate
|