Fix Ansible warnings

And add support for Ubuntu 18.04 and Debian 9

.travis.yml

@@ -7,8 +7,10 @@ python: "2.7"
 
 env:
   - ANSIBLE_VERSION=latest
+  - ANSIBLE_VERSION=2.7.2
   - ANSIBLE_VERSION=2.7.1
   - ANSIBLE_VERSION=2.7.0
+  - ANSIBLE_VERSION=2.6.8
   - ANSIBLE_VERSION=2.6.7
   - ANSIBLE_VERSION=2.6.6
   - ANSIBLE_VERSION=2.6.5
@@ -37,8 +39,8 @@ branches:
 before_install:
   - sudo apt-get update -qq
 
-  # Remove lxc-docker and docker.io
-  - sudo apt-get remove --purge --yes lxc-docker* docker.io* || true
+  # Remove lxc-docker, docker.io and docker-engine
+  - sudo apt-get remove --purge --yes docker lxc-docker* docker.io* docker-engine || true
 
 install:
   # Install Ansible.
@@ -66,7 +68,7 @@ script:
     && (echo 'Installation test: pass' && exit 0)
     || (echo 'Installation test: fail' && exit 1)
 
-  - if [ "$ANSIBLE_VERSION" = "latest" ]; then ansible-lint tests/test.yml || true; fi
+  - if [ "$ANSIBLE_VERSION" = "latest" ]; then ansible-lint tests/test.yml; fi
 
 notifications:
   email: false

Vagrantfile

@@ -5,13 +5,6 @@ role = File.basename(File.expand_path(File.dirname(__FILE__)))
 
 
 boxes = [
-  {
-    :name => "ubuntu-1204",
-    :box => "bento/ubuntu-12.04",
-    :ip => '10.0.0.11',
-    :cpu => "50",
-    :ram => "256"
-  },
   {
     :name => "ubuntu-1404",
     :box => "bento/ubuntu-14.04",
@@ -26,10 +19,24 @@ boxes = [
     :cpu => "50",
     :ram => "256"
   },
+  {
+    :name => "ubuntu-1804",
+    :box => "bento/ubuntu-18.04",
+    :ip => '10.0.0.14',
+    :cpu => "50",
+    :ram => "256"
+  },
   {
     :name => "debian-8",
     :box => "bento/debian-8",
-    :ip => '10.0.0.15',
+    :ip => '10.0.0.16',
+    :cpu => "50",
+    :ram => "256"
+  },
+  {
+    :name => "debian-9",
+    :box => "bento/debian-9",
+    :ip => '10.0.0.17',
     :cpu => "50",
     :ram => "256"
   },

meta/main.yml

@@ -1,6 +1,7 @@
 # meta file for docker
 ---
 galaxy_info:
+  role_name: docker
   author: Mischa ter Smitten
   company: Oefenweb.nl B.V.
   description: Set up the latest version of Docker Engine in Debian-like systems
@@ -12,9 +13,11 @@ galaxy_info:
         - precise
         - trusty
         - xenial
+        - bionic
     - name: Debian
       versions:
         - jessie
+        - stretch
   galaxy_tags:
     - development
     - packaging

tasks/backported-kernel.yml

@@ -1,33 +1,33 @@
 # tasks file for docker
 ---
-- name: install backported kernel
+- name: backported kernel | install
   apt:
-    name: "{{ item }}"
+    name: "{{ docker_backported_kernel_packages }}"
     state: "{{ apt_install_state | default('latest') }}"
-  with_items: "{{ docker_backported_kernel_packages }}"
-  register: backported_kernel_result
+  register: _backported_kernel_result
   tags:
     - docker-backported-kernel-install
 
-- name: reboot
-  command: shutdown -r now
+- name: backported kernel | reboot
+  command: >
+    shutdown -r now
   async: 0
   poll: 0
   ignore_errors: true
-  when: backported_kernel_result | changed
+  when: _backported_kernel_result is changed
   tags:
     - docker-backported-kernel-apply
     - docker-backported-kernel-reboot
 
-- name: wait for server to come online
+- name: backported kernel | wait for server to come online
   wait_for:
     host: "{{ ansible_ssh_host | default(inventory_hostname) }}"
     port: "{{ ansible_ssh_port | default(22) }}"
     delay: 15
     timeout: 600
     state: started
   become: false
-  when: backported_kernel_result | changed
+  when: _backported_kernel_result is changed
   connection: local
   tags:
     - docker-backported-kernel-apply

tasks/main.yml

@@ -10,19 +10,18 @@
     - docker-apt
     - docker-apt-update
 
+# TODO: Cleanup
 - include: backported-kernel.yml
-  when: ansible_distribution == 'Ubuntu' and ansible_distribution_version | version_compare('12.04', '==')
+  when: ansible_distribution == 'Ubuntu' and ansible_distribution_version is version('12.04', '==')
   tags:
     - configuration
     - docker
     - docker-backported-kernel
 
-- name: install dependencies (pre)
+- name: install | dependencies | pre
   apt:
-    name: "{{ item }}"
+    name: "{{ docker_dependencies_pre }}"
     state: "{{ apt_install_state | default('latest') }}"
-  with_items: "{{ docker_dependencies_pre }}"
-  when: item != ''
   tags:
     - configuration
     - docker
@@ -34,18 +33,17 @@
     - docker
     - docker-repository
 
-- name: install dependencies
+- name: install | dependencies
   apt:
-    name: "{{ item }}"
+    name: "{{ docker_dependencies }}"
     state: "{{ apt_install_state | default('latest') }}"
-  with_items: "{{ docker_dependencies }}"
   notify: restart docker
   tags:
     - configuration
     - docker
     - docker-install
 
-- name: update configuration file - /etc/default/docker
+- name: configuration | update - /etc/default/docker
   template:
     src: etc/default/docker.j2
     dest: /etc/default/docker

tasks/repository.yml

@@ -1,20 +1,70 @@
 # tasks file for docker
 ---
-- name: add public key
-  apt_key:
-    id: "{{ item.id }}"
-    url: "{{ item.url }}"
-    state: present
-  with_items: "{{ docker_apt_key }}"
+- name: repository | dependencies
+  apt:
+    name: "{{ docker_dependencies_pre }}"
+    state: "{{ apt_install_state | default('latest') }}"
+    update_cache: true
+    cache_valid_time: "{{ apt_update_cache_valid_time | default(3600) }}"
+  tags:
+    - docker-repository-dependencies
+
+- name: repository | get python version
+  shell: python --version 2>&1 | awk '{print $2}'
+  register: _python_version
+  changed_when: false
   tags:
-    - docker-repository-add-public-key
+    - docker-repository-get-python-version
+
+# Old python (TLS issues)
+- block:
+  - name: repository | create (download) directory
+    file:
+      path: "{{ docker_downloads_path }}"
+      state: directory
+      owner: root
+      group: root
+      mode: 0755
+    tags:
+      - docker-repository-directory
+      - docker-repository-directory-create
+
+  - name: repository | download public key
+    command: >
+      curl -sSL {{ item.url }} -o {{ docker_downloads_path }}/{{ item.id }}.key
+    args:
+      creates: "{{ docker_downloads_path }}/{{ item.id }}.key"
+    with_items: "{{ docker_apt_keys }}"
+    tags:
+      - docker-repository-public-key
+
+  - name: repository | add public key
+    apt_key:
+      id: "{{ item.id }}"
+      file: "{{ docker_downloads_path }}/{{ item.id }}.key"
+      state: present
+    with_items: "{{ docker_apt_keys }}"
+    tags:
+      - docker-repository-public-key
+  when: _python_version.stdout is version('2.7.9', '<')
+
+# New python
+- block:
+  - name: repository | add public key
+    apt_key:
+      id: "{{ item.id }}"
+      url: "{{ item.url }}"
+      state: present
+    with_items: "{{ docker_apt_keys }}"
+    tags:
+      - docker-repository-public-key
+  when: _python_version.stdout is version('2.7.9', '>=')
 
-- name: add repository
+- name: repository | add
   apt_repository:
     repo: "{{ item.type }} {{ item.url }} {{ item.component }}"
     state: present
     update_cache: true
-  with_items: "{{ docker_apt_repository }}"
+  with_items: "{{ docker_apt_repositories }}"
   tags:
     - docker-repository-add
-    - docker-repository-add-repository

tasks/ufw.yml

@@ -1,19 +1,19 @@
 # tasks file for docker
 ---
-- name: check ufw default file existence
+- name: ufw | check default file existence
   stat:
     path: "{{ docker_ufw_default_file }}"
-  register: ufw_default_file_stats
+  register: _ufw_default_file_stats
   when: docker_manage_ufw
   tags:
     - docker-ufw-check-default-file-existence
 
-- name: change ufw default forward policy
+- name: ufw | change default forward policy
   lineinfile:
     dest: "{{ docker_ufw_default_file }}"
     regexp: '^DEFAULT_FORWARD_POLICY='
     line: 'DEFAULT_FORWARD_POLICY="ACCEPT"'
-  when: docker_manage_ufw and ufw_default_file_stats.stat.exists
+  when: docker_manage_ufw and _ufw_default_file_stats.stat.exists
   tags:
     - docker-ufw-update-default-file
     - docker-ufw-update-default-file-forward-policy

tasks/updatedb.yml

@@ -1,15 +1,16 @@
 # tasks file for docker
 ---
-- name: check updatedb file existence
+- name: updatedb | check file existence
   stat:
     path: "{{ docker_updatedb_file }}"
-  register: updatedb_file_stats
+  register: _updatedb_file_stats
   when: docker_manage_updatedb
   tags:
     - docker-updatedb-check-file-existence
 
-- name: disable indexing of /var/lib/docker
-  command: /usr/bin/updatedb -e /var/lib/docker
-  when: docker_manage_updatedb and updatedb_file_stats.stat.exists
+- name: updatedb | disable indexing of /var/lib/docker
+  command: >
+    /usr/bin/updatedb -e /var/lib/docker
+  when: docker_manage_updatedb and _updatedb_file_stats.stat.exists
   tags:
     - docker-updatedb-disable-indexing

vars/main.yml

@@ -5,23 +5,28 @@ docker_backported_kernel_packages:
   - linux-image-generic-lts-trusty
   - linux-headers-generic-lts-trusty
 
+docker_dependencies_pre_dummy_package: apt
 docker_dependencies_pre:
   - apt-transport-https
   - ca-certificates
-  - "{{ 'linux-image-extra-virtual' if ansible_distribution == 'Ubuntu' else '' }}"
+  - curl
+  - software-properties-common
   - apparmor
-  - "{{ 'cgroup-lite' if ansible_distribution == 'Ubuntu' else '' }}"
+  - "{{ (ansible_distribution == 'Ubuntu') | ternary('linux-image-extra-virtual', docker_dependencies_pre_dummy_package) }}"
+  - "{{ (ansible_distribution == 'Ubuntu') | ternary('cgroup-lite', docker_dependencies_pre_dummy_package) }}"
 
-docker_apt_key:
-  - id: 2C52609D
-    url: https://apt.dockerproject.org/gpg
-docker_apt_repository:
-  - type: deb
-    url: "https://apt.dockerproject.org/repo {{ ansible_distribution | lower }}-{{ ansible_distribution_release }}"
-    component: main
+docker_apt_keys:
+  - id: 8D81803C0EBFCD88
+    url: https://download.docker.com/linux/ubuntu/gpg
+docker_apt_repositories:
+  - type: 'deb [arch=amd64]'
+    url: "https://download.docker.com/linux/{{ ansible_distribution | lower }} {{ ansible_distribution_release }}"
+    component: stable
+
+docker_downloads_path: /var/lib/ansible/docker/downloads
 
 docker_dependencies:
-  - docker-engine
+  - docker-ce
 
 docker_ufw_default_file: /etc/default/ufw
 docker_updatedb_file: /etc/updatedb.conf