From 5ebc97a51e283794a7b012a35eb065d2c36e58ca Mon Sep 17 00:00:00 2001
From: Lorin Hochstein
Date: Sun, 5 Feb 2017 22:40:52 -0800
Subject: [PATCH] Postgres container as non-root
---
 ch13/deploy.yml | 36 ++++++++++++++++++++++++++++++++----
 1 file changed, 32 insertions(+), 4 deletions(-)
diff --git a/ch13/deploy.yml b/ch13/deploy.yml
index ad99e0a..11ac4db 100644
--- a/ch13/deploy.yml
+++ b/ch13/deploy.yml
@@ -1,5 +1,5 @@
 - name: install Docker
- hosts: ghost
+ hosts: postgres
 become: True
 tasks:
 - name: install packages
@@ -10,6 +10,7 @@
 - linux-image-extra-{{ ansible_kernel }}
 - linux-image-extra-virtual
 - software-properties-common
+ - python-pip
 - name: add Docker's GPG key
 apt_key:
 id: 58118E89F3A912897C070ADBF76221572C52609D
@@ -20,8 +21,35 @@
 update_cache: yes
 - name: install Docker
 apt: name=docker-engine
+ - name: install docker-py
+ pip: name=docker-py
-
-
-
+- name: deploy postgres
+ hosts: postgres
+ become: True
+ tasks:
+ - name: create a docker user
+ user: name=docker
+ register: docker_user
+ - name: define data_dir variable
+ set_fact: data_dir="{{ docker_user.home }}/pgdata"
+ - name: create data dir with correct ownership
+ file:
+ path: "{{ data_dir }}"
+ state: directory
+ owner: docker
+ - name: start postgres container
+ docker_container:
+ name: ghost_postgres
+ user: "{{ docker_user.uid }}:{{ docker_user.group }}"
+ image: postgres:9.6
+ ports:
+ - "0.0.0.0:5432:5432"
+ volumes:
+ - "{{ data_dir }}:/var/lib/postgresql/data"
+ - "/etc/passwd:/etc/passwd:ro"
+ env:
+ POSTGRES_USER: "{{ database_user }}"
+ POSTGRES_PASSWORD: "{{ database_password }}"
+ POSTGRES_DB: "{{ database_name }}"
--
2.44.0
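Review bot: The `ports` entry `- "0.0.0.0:5432:5432"` in the `start postgres container` task publishes PostgreSQL on every interface of the host, and Docker's published ports are typically wired into iptables ahead of host firewall rules, so running the container as a non-root user does not narrow who can reach the database. If only the application host needs access, bind to one address instead, e.g. `- "{{ postgres_bind_addr }}:5432:5432"` (placeholder variable, not defined in this patch), or restrict 5432 at the network layer. The same task passes `POSTGRES_PASSWORD` through `env`; adding `no_log: True` to the task keeps it out of Ansible output, though it stays readable through `docker inspect` on the host, and where `database_password` is defined is not visible in this hunk. `pip: name=docker-py` is installed unpinned as root; a `version=` argument would make the install reproducible.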