system-config/playbooks/roles/install-docker/tasks/main.yaml

# We're taking a different approach with Noble and beyond.
# For these newer releases we're going to use `docker compose`
# with the podman service instead of `docker-compose` with the
# docker service. We'll use task file lookups to differentiate.
# TODO(clarkb) the noble behavior really probably deservices to be
# in a new role but to simplify our transition between container
# runtimes we continue to manage it in install-docker.
- name: Include OS-release specific tasks
  include_tasks: "{{ lookup('first_found', file_list) }}"
  vars:
    file_list: "{{ distro_lookup_path }}"

- name: Install rsyslog redirector for container tags
  copy:
    src: '10-docker.conf'
    dest: /etc/rsyslog.d/
    owner: root
    group: root
    mode: 0644
  notify:
    - Restart rsyslog

- name: Ensure rsyslog restarted now
  meta: flush_handlers

- name: Create container log directories
  file:
    state: directory
    path: /var/log/containers/
    owner: syslog
    group: adm
    mode: 0775

- name: Install log rotation for container log files
  include_role:
    name: logrotate
  vars:
    logrotate_file_name: '/var/log/containers/*.log'

- name: Force registry actions for docker over IPv4
  block:
  - name: Resolve IPv4 Addresses for Docker resources
    shell: for domain in {{ docker_registry_hostlist|join(' ') }} ; do host -t a "$domain" ; done
    register: docker_io_dns

  - name: Update to /etc/hosts according to force_docker_io_ipv4
    lineinfile:
      path: /etc/hosts
      line: "{{ (item|split(' '))[-1] }}\t{{ (item|split(' '))[0] }}"
      mode: "0644"
      state: "present"
    loop: "{{ docker_io_dns.stdout_lines }}"
  when: force_docker_io_ipv4|bool