update README

Signed-off-by: Thomas Sjögren <[email protected]>
konstruktoid · Oct 11, 2023 · 8b652d6 · 8b652d6
1 parent bc0f7fc
commit 8b652d6
Showing 1 changed file with 32 additions and 19 deletions.
diff --git a/README.md b/README.md
@@ -38,24 +38,28 @@ None.
 ```yaml
 ---
 docker_add_alias: true
-docker_release: 24.0.6
-docker_compose_release: 2.22.0
-docker_release_shasum: 99792dec613df93169a118b05312a722a63604b868e4c941b1b436abcf3bb70f
-docker_release_rootless_shasum: 4282750458fcae75351a95bbcf7762fb117035fd0ee2663dfc3ad8280627984c
-docker_compose_release_shasum: e849450f1c5c20123aa7d63291e2a818b7a117f2e03e432853ece463dd09e67a
+docker_allow_ping: false
+docker_allow_privileged_ports: false
 docker_bash_completion_shasum: cd9c70120bc5f7e6772b6a5350abf63099004c357814abc8a8a3689a7f2e3df0
 docker_compose_bash_completion_shasum: 9926c945b466fad570ad574089d6a90f7d9ba452a2d6a8ba67611a664707f0de
-docker_rootful: false
+docker_compose: false
+docker_compose_release: 2.22.0
+docker_compose_release_shasum: e849450f1c5c20123aa7d63291e2a818b7a117f2e03e432853ece463dd09e67a
+docker_daemon_json_template: daemon.json.j2
+docker_release: 24.0.6
+docker_release_rootless_shasum: 4282750458fcae75351a95bbcf7762fb117035fd0ee2663dfc3ad8280627984c
+docker_release_shasum: 99792dec613df93169a118b05312a722a63604b868e4c941b1b436abcf3bb70f
+docker_repository_template: docker.repo.j2
 docker_rootful_enabled: false
-docker_rootful_opts: >
-  --live-restore --icc=false --default-ulimit nproc=512:1024 --default-ulimit nofile=100:200 -H fd://
+docker_rootful: false
+docker_rootful_opts: false
+docker_rootful_service_template: docker_rootful.service.j2
+docker_rootless_script_template: docker_rootless.sh.j2
+docker_rootless_service_template: docker_rootless.service.j2
+docker_service_restart: true
 docker_url: https://download.docker.com/linux/static/stable/x86_64
-docker_user: dockeruser
 docker_user_bashrc: false
-docker_allow_privileged_ports: false
-docker_allow_ping: false
-docker_compose: false
-docker_service_restart: true
+docker_user: dockeruser
 ```
 
 Before using this role you first have to decide if you want to install Docker
@@ -71,7 +75,7 @@ If `docker_rootful: true`, then `docker_rootful_enabled` will decide if the
 daemon should be enabled as a service or not.
 
 `docker_service_restart` will restart the rootless service after the Docker
-binaries has been extracted.
+binaries has been extracted. This may affect any running containers.
 
 Using `docker_rootful: true` and `docker_rootful_enabled: true`, will result in
 a standard Docker installation, with an additional Docker daemon, running as a
@@ -93,15 +97,15 @@ rootless installation script and starting a isolated daemon.
 daemon and related containers, and not for system administration or used as a
 regular user.
 
-
 `docker_release_shasum`, `docker_release_rootless_shasum`,
 `docker_compose_release_shasum` and `docker_bash_completion_shasum`
 are used to verify the files when downloaded using the [get_url](https://docs.ansible.com/ansible/latest/collections/ansible/builtin/get_url_module.html)
 module. The `docker_release_shasum` is used for the Docker `.tgz` file and
 `docker_release_rootless_shasum` for the `docker-ce-rootless-extras` package.
 
 `docker_rootful_opts` is the options to apply to the Docker daemon if
-running in rootful mode.
+running in rootful mode, if unset the settings in
+`docker_rootful_service_template` will be used.
 
 If `docker_add_alias: true`, then a `docker` alias will be added to either `.bashrc`
 or `.bash_aliases` of the Ansible user. If `false`, a shell script named `docker_rootless.sh` is
@@ -111,17 +115,26 @@ created in the Ansible user home directory. This works as a substitute to the
 If `docker_compose: true`, then the Docker `compose` plugin or `docker-compose`
 will be installed.
 
-If `docker_user_bashrc: true`, a .bashrc with completion for the docker(-compose)
-command will be placed inside the `docker_user` home.
+If `docker_user_bashrc: true`, a .bashrc with completion for the `docker`  and
+`docker-compose command will be placed inside the `docker_user` home.
 
 The `docker_allow_privileged_ports` variable configures if exposing
 [privileged ports (< 1024)](https://docs.docker.com/engine/security/rootless/#exposing-privileged-ports)
 is allowed.
 
-The `docker_allow_ping` variable configures if unprivileged users can open [ICMP echo sockets](https://docs.docker.com/engine/security/rootless/#routing-ping-packets).
+The `docker_allow_ping` variable configures if unprivileged users can open
+[ICMP echo sockets](https://docs.docker.com/engine/security/rootless/#routing-ping-packets).
 On some distributions, this is not allowed, and thereby containers cannot ping
 to the outside.
 
+The variables named `\*\_template` are the locations of the
+[templates](https://docs.ansible.com/ansible/latest/collections/ansible/builtin/template_module.html)
+in use, this to make it easier to replace them with custom ones.
+
+The most important template is most likely
+`docker_daemon_json_template: daemon.json.j2`, which is the location of the
+Docker `daemon.json` configuration file template.
+
 ## Container management
 
 Running containers is not that much different from when a rootful Docker daemon