19 files changed, 1075 insertions, 0 deletions

diff --git a/roles/docker.ubuntu/.editorconfig b/roles/docker.ubuntu/.editorconfig
new file mode 100644
index 0000000..3fee862
--- /dev/null
+++ b/roles/docker.ubuntu/.editorconfig
@@ -0,0 +1,8 @@
+root = true
+
+# default configuration
+[*]
+indent_style = space
+indent_size = 2
+end_of_line = lf
+charset = utf-8
diff --git a/roles/docker.ubuntu/.gitignore b/roles/docker.ubuntu/.gitignore
new file mode 100644
index 0000000..817dda8
--- /dev/null
+++ b/roles/docker.ubuntu/.gitignore
@@ -0,0 +1,4 @@
+.vagrant/
+*.log
+env/
+venv/
diff --git a/roles/docker.ubuntu/.travis.yml b/roles/docker.ubuntu/.travis.yml
new file mode 100644
index 0000000..d3fff98
--- /dev/null
+++ b/roles/docker.ubuntu/.travis.yml
@@ -0,0 +1,19 @@
+---
+language: python
+python: "2.7"
+env:
+  - ANSIBLE_VERSION='ansible<2'
+  - ANSIBLE_VERSION='ansible>2'
+
+before_install:
+  - sudo apt-get update -qq
+  #- sudo apt-get install -qq python-apt python-pycurl
+install:
+  # Install Ansible.
+  - sudo pip install $ANSIBLE_VERSION
+script:
+  - ansible --version
+  - export ANSIBLE_ROLES_PATH="../"
+#  - echo localhost > inventory
+  - ansible-playbook -i hosts --syntax-check docker.yml
+  - ansible-playbook -i hosts --connection=local --sudo -vvvv docker.yml
diff --git a/roles/docker.ubuntu/CODE_OF_CONDUCT.md b/roles/docker.ubuntu/CODE_OF_CONDUCT.md
new file mode 100644
index 0000000..58a4f06
--- /dev/null
+++ b/roles/docker.ubuntu/CODE_OF_CONDUCT.md
@@ -0,0 +1,46 @@
+# Contributor Covenant Code of Conduct
+
+## Our Pledge
+
+In the interest of fostering an open and welcoming environment, we as contributors and maintainers pledge to making participation in our project and our community a harassment-free experience for everyone, regardless of age, body size, disability, ethnicity, gender identity and expression, level of experience, nationality, personal appearance, race, religion, or sexual identity and orientation.
+
+## Our Standards
+
+Examples of behavior that contributes to creating a positive environment include:
+
+* Using welcoming and inclusive language
+* Being respectful of differing viewpoints and experiences
+* Gracefully accepting constructive criticism
+* Focusing on what is best for the community
+* Showing empathy towards other community members
+
+Examples of unacceptable behavior by participants include:
+
+* The use of sexualized language or imagery and unwelcome sexual attention or advances
+* Trolling, insulting/derogatory comments, and personal or political attacks
+* Public or private harassment
+* Publishing others' private information, such as a physical or electronic address, without explicit permission
+* Other conduct which could reasonably be considered inappropriate in a professional setting
+
+## Our Responsibilities
+
+Project maintainers are responsible for clarifying the standards of acceptable behavior and are expected to take appropriate and fair corrective action in response to any instances of unacceptable behavior.
+
+Project maintainers have the right and responsibility to remove, edit, or reject comments, commits, code, wiki edits, issues, and other contributions that are not aligned to this Code of Conduct, or to ban temporarily or permanently any contributor for other behaviors that they deem inappropriate, threatening, offensive, or harmful.
+
+## Scope
+
+This Code of Conduct applies both within project spaces and in public spaces when an individual is representing the project or its community. Examples of representing a project or community include using an official project e-mail address, posting via an official social media account, or acting as an appointed representative at an online or offline event. Representation of a project may be further defined and clarified by project maintainers.
+
+## Enforcement
+
+Instances of abusive, harassing, or otherwise unacceptable behavior may be reported by contacting the project team at pauldurivage@gmail.com. The project team will review and investigate all complaints, and will respond in a way that it deems appropriate to the circumstances. The project team is obligated to maintain confidentiality with regard to the reporter of an incident. Further details of specific enforcement policies may be posted separately.
+
+Project maintainers who do not follow or enforce the Code of Conduct in good faith may face temporary or permanent repercussions as determined by other members of the project's leadership.
+
+## Attribution
+
+This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4, available at [http://contributor-covenant.org/version/1/4][version]
+
+[homepage]: http://contributor-covenant.org
+[version]: http://contributor-covenant.org/version/1/4/
diff --git a/roles/docker.ubuntu/CONTRIBUTING.md b/roles/docker.ubuntu/CONTRIBUTING.md
new file mode 100644
index 0000000..b289de8
--- /dev/null
+++ b/roles/docker.ubuntu/CONTRIBUTING.md
@@ -0,0 +1,14 @@
+# Contributing
+
+I'm very welcoming of PRs, and I'm happy to have anyone open a PR, but it _always_ helps to have a discussion before you open something.
+
+When you discover an issue or believe the this needs to move in a different direction, open an issue and we can discuss.  I don't always respond immediately - but my primary goal is to facilitate PRs to make sure the project is useful.  I'll respond, we'll talk about whether it benefits the group, and I'll handle PRs as necessary.
+
+Quick things to remember:
+
+* I love PRs and I'm happy to merge
+* Major changes to the role interface are going to be a problem - we should discuss
+* Not breaking existing envs is highest consideration; backwards compatibility is next
+* Breaking changes upstream are an ongoing problem, so let's minimize them
+* Modification of existing installs should require explicit permission
+* Use idempotent operations 
diff --git a/roles/docker.ubuntu/LICENSE b/roles/docker.ubuntu/LICENSE
new file mode 100644
index 0000000..e06d208
--- /dev/null
+++ b/roles/docker.ubuntu/LICENSE
@@ -0,0 +1,202 @@
+Apache License
+                           Version 2.0, January 2004
+                        http://www.apache.org/licenses/
+
+   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+   1. Definitions.
+
+      "License" shall mean the terms and conditions for use, reproduction,
+      and distribution as defined by Sections 1 through 9 of this document.
+
+      "Licensor" shall mean the copyright owner or entity authorized by
+      the copyright owner that is granting the License.
+
+      "Legal Entity" shall mean the union of the acting entity and all
+      other entities that control, are controlled by, or are under common
+      control with that entity. For the purposes of this definition,
+      "control" means (i) the power, direct or indirect, to cause the
+      direction or management of such entity, whether by contract or
+      otherwise, or (ii) ownership of fifty percent (50%) or more of the
+      outstanding shares, or (iii) beneficial ownership of such entity.
+
+      "You" (or "Your") shall mean an individual or Legal Entity
+      exercising permissions granted by this License.
+
+      "Source" form shall mean the preferred form for making modifications,
+      including but not limited to software source code, documentation
+      source, and configuration files.
+
+      "Object" form shall mean any form resulting from mechanical
+      transformation or translation of a Source form, including but
+      not limited to compiled object code, generated documentation,
+      and conversions to other media types.
+
+      "Work" shall mean the work of authorship, whether in Source or
+      Object form, made available under the License, as indicated by a
+      copyright notice that is included in or attached to the work
+      (an example is provided in the Appendix below).
+
+      "Derivative Works" shall mean any work, whether in Source or Object
+      form, that is based on (or derived from) the Work and for which the
+      editorial revisions, annotations, elaborations, or other modifications
+      represent, as a whole, an original work of authorship. For the purposes
+      of this License, Derivative Works shall not include works that remain
+      separable from, or merely link (or bind by name) to the interfaces of,
+      the Work and Derivative Works thereof.
+
+      "Contribution" shall mean any work of authorship, including
+      the original version of the Work and any modifications or additions
+      to that Work or Derivative Works thereof, that is intentionally
+      submitted to Licensor for inclusion in the Work by the copyright owner
+      or by an individual or Legal Entity authorized to submit on behalf of
+      the copyright owner. For the purposes of this definition, "submitted"
+      means any form of electronic, verbal, or written communication sent
+      to the Licensor or its representatives, including but not limited to
+      communication on electronic mailing lists, source code control systems,
+      and issue tracking systems that are managed by, or on behalf of, the
+      Licensor for the purpose of discussing and improving the Work, but
+      excluding communication that is conspicuously marked or otherwise
+      designated in writing by the copyright owner as "Not a Contribution."
+
+      "Contributor" shall mean Licensor and any individual or Legal Entity
+      on behalf of whom a Contribution has been received by Licensor and
+      subsequently incorporated within the Work.
+
+   2. Grant of Copyright License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      copyright license to reproduce, prepare Derivative Works of,
+      publicly display, publicly perform, sublicense, and distribute the
+      Work and such Derivative Works in Source or Object form.
+
+   3. Grant of Patent License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      (except as stated in this section) patent license to make, have made,
+      use, offer to sell, sell, import, and otherwise transfer the Work,
+      where such license applies only to those patent claims licensable
+      by such Contributor that are necessarily infringed by their
+      Contribution(s) alone or by combination of their Contribution(s)
+      with the Work to which such Contribution(s) was submitted. If You
+      institute patent litigation against any entity (including a
+      cross-claim or counterclaim in a lawsuit) alleging that the Work
+      or a Contribution incorporated within the Work constitutes direct
+      or contributory patent infringement, then any patent licenses
+      granted to You under this License for that Work shall terminate
+      as of the date such litigation is filed.
+
+   4. Redistribution. You may reproduce and distribute copies of the
+      Work or Derivative Works thereof in any medium, with or without
+      modifications, and in Source or Object form, provided that You
+      meet the following conditions:
+
+      (a) You must give any other recipients of the Work or
+          Derivative Works a copy of this License; and
+
+      (b) You must cause any modified files to carry prominent notices
+          stating that You changed the files; and
+
+      (c) You must retain, in the Source form of any Derivative Works
+          that You distribute, all copyright, patent, trademark, and
+          attribution notices from the Source form of the Work,
+          excluding those notices that do not pertain to any part of
+          the Derivative Works; and
+
+      (d) If the Work includes a "NOTICE" text file as part of its
+          distribution, then any Derivative Works that You distribute must
+          include a readable copy of the attribution notices contained
+          within such NOTICE file, excluding those notices that do not
+          pertain to any part of the Derivative Works, in at least one
+          of the following places: within a NOTICE text file distributed
+          as part of the Derivative Works; within the Source form or
+          documentation, if provided along with the Derivative Works; or,
+          within a display generated by the Derivative Works, if and
+          wherever such third-party notices normally appear. The contents
+          of the NOTICE file are for informational purposes only and
+          do not modify the License. You may add Your own attribution
+          notices within Derivative Works that You distribute, alongside
+          or as an addendum to the NOTICE text from the Work, provided
+          that such additional attribution notices cannot be construed
+          as modifying the License.
+
+      You may add Your own copyright statement to Your modifications and
+      may provide additional or different license terms and conditions
+      for use, reproduction, or distribution of Your modifications, or
+      for any such Derivative Works as a whole, provided Your use,
+      reproduction, and distribution of the Work otherwise complies with
+      the conditions stated in this License.
+
+   5. Submission of Contributions. Unless You explicitly state otherwise,
+      any Contribution intentionally submitted for inclusion in the Work
+      by You to the Licensor shall be under the terms and conditions of
+      this License, without any additional terms or conditions.
+      Notwithstanding the above, nothing herein shall supersede or modify
+      the terms of any separate license agreement you may have executed
+      with Licensor regarding such Contributions.
+
+   6. Trademarks. This License does not grant permission to use the trade
+      names, trademarks, service marks, or product names of the Licensor,
+      except as required for reasonable and customary use in describing the
+      origin of the Work and reproducing the content of the NOTICE file.
+
+   7. Disclaimer of Warranty. Unless required by applicable law or
+      agreed to in writing, Licensor provides the Work (and each
+      Contributor provides its Contributions) on an "AS IS" BASIS,
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+      implied, including, without limitation, any warranties or conditions
+      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+      PARTICULAR PURPOSE. You are solely responsible for determining the
+      appropriateness of using or redistributing the Work and assume any
+      risks associated with Your exercise of permissions under this License.
+
+   8. Limitation of Liability. In no event and under no legal theory,
+      whether in tort (including negligence), contract, or otherwise,
+      unless required by applicable law (such as deliberate and grossly
+      negligent acts) or agreed to in writing, shall any Contributor be
+      liable to You for damages, including any direct, indirect, special,
+      incidental, or consequential damages of any character arising as a
+      result of this License or out of the use or inability to use the
+      Work (including but not limited to damages for loss of goodwill,
+      work stoppage, computer failure or malfunction, or any and all
+      other commercial damages or losses), even if such Contributor
+      has been advised of the possibility of such damages.
+
+   9. Accepting Warranty or Additional Liability. While redistributing
+      the Work or Derivative Works thereof, You may choose to offer,
+      and charge a fee for, acceptance of support, warranty, indemnity,
+      or other liability obligations and/or rights consistent with this
+      License. However, in accepting such obligations, You may act only
+      on Your own behalf and on Your sole responsibility, not on behalf
+      of any other Contributor, and only if You agree to indemnify,
+      defend, and hold each Contributor harmless for any liability
+      incurred by, or claims asserted against, such Contributor by reason
+      of your accepting any such warranty or additional liability.
+
+   END OF TERMS AND CONDITIONS
+
+   APPENDIX: How to apply the Apache License to your work.
+
+      To apply the Apache License to your work, attach the following
+      boilerplate notice, with the fields enclosed by brackets "{}"
+      replaced with your own identifying information. (Don't include
+      the brackets!)  The text should be enclosed in the appropriate
+      comment syntax for the file format. We also recommend that a
+      file or class name and description of purpose be included on the
+      same "printed page" as the copyright notice for easier
+      identification within third-party archives.
+
+   Copyright {yyyy} {name of copyright owner}
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.
+
diff --git a/roles/docker.ubuntu/README.md b/roles/docker.ubuntu/README.md
new file mode 100644
index 0000000..0c7de61
--- /dev/null
+++ b/roles/docker.ubuntu/README.md
@@ -0,0 +1,69 @@
+docker_ubuntu
+========
+
+Installs Docker on:
+
+* Ubuntu 14.04+
+* Debian Jessie (8.5+) and Stretch
+
+This role attempts to make every reasonable effort to follow Docker's official installation instructions for Ubuntu and Debian.  
+
+**Example Play**:
+
+Very basic install utilizing the role defaults:
+
+```
+---
+- name: Run docker.ubuntu
+  hosts: docker
+  roles:
+    - angstwad.docker_ubuntu
+```
+
+Overriding the default configration is done by overriding the role's default variables:
+
+```
+- name: Install Docker
+  hosts: all
+  roles:
+    - role: angstwad.docker_ubuntu
+      ssh_port: 2222
+      kernel_pkg_state: present
+```
+
+
+Requirements
+------------
+
+Requires python-pycurl for apt modules.
+
+Role Variables
+--------------
+
+Please see [defaults/main.yml](https://github.com/angstwad/docker.ubuntu/blob/master/defaults/main.yml) for a comprehensive list of variables that can be overridden.
+
+Dependencies
+------------
+
+None.
+
+Testing
+-------
+
+To test the role in a Vagrant environment just run `vagrant up`.  This will
+create some VMs:
+
+* Ubuntu 12.04
+* Ubuntu 14.04
+* Ubuntu 16.04
+* Debian Jessie 8.5
+* Debian Stretch 9.0
+
+and it will provision them by applying this role with Ansible.
+
+Requires `ansible-playbook` to be in the path.
+
+License
+-------
+
+Apache v2.0
diff --git a/roles/docker.ubuntu/Vagrantfile b/roles/docker.ubuntu/Vagrantfile
new file mode 100644
index 0000000..7350ac1
--- /dev/null
+++ b/roles/docker.ubuntu/Vagrantfile
@@ -0,0 +1,74 @@
+# -*- mode: ruby -*-
+# vi: set ft=ruby ts=2 sw=2 tw=0 et :
+
+role = File.basename(File.expand_path(File.dirname(__FILE__)))
+
+ENV['ANSIBLE_ROLES_PATH'] = "../"
+
+boxes = [
+  {
+    :name => "ubuntu-1404",
+    :box => "ubuntu/trusty64",
+    :ip => '10.0.77.12',
+    :cpu => "20",
+    :ram => "256"
+  },
+  {
+    :name => "ubuntu-1604",
+    :box => "ubuntu/xenial64",
+    :ip => '10.0.77.13',
+    :cpu => "20",
+    :ram => "512"
+  },
+  {
+    :name => "debian-jessie",
+    :box => "debian/jessie64",
+    :ip => '10.0.77.14',
+    :cpu => "20",
+    :ram => "256"
+  },
+  {
+    :name => "debian-stretch",
+    :box => "debian/stretch64",
+    :ip => '10.0.77.16',
+    :cpu => "20",
+    :ram => "256"
+  },
+  {
+    :name => "ubuntu-1604-python3",
+    :box => "ubuntu/xenial64",
+    :ip => '10.0.77.15',
+    :cpu => "20",
+    :ram => "512"
+  },
+]
+
+Vagrant.configure("2") do |config|
+  boxes.each do |box|
+    config.vm.define box[:name] do |vms|
+      vms.vm.box = box[:box]
+      vms.vm.box_url = box[:url]
+
+      vms.vm.provider "virtualbox" do |v|
+        v.customize ["modifyvm", :id, "--cpuexecutioncap", box[:cpu]]
+        v.customize ["modifyvm", :id, "--memory", box[:ram]]
+      end
+
+      vms.vm.network :private_network, ip: box[:ip]
+
+      vms.vm.provision :ansible do |ansible|
+        ansible.playbook = "tests/vagrant.yml"
+        ansible.verbose = "vv"
+        ansible.host_vars = {
+          "ubuntu-1604-python3" => {
+            "ansible_python_interpreter" => "/usr/bin/python3",
+            # "ansible_user" => "ubuntu"
+          }
+        }
+        ansible.raw_arguments  = [
+          "--diff",
+        ]
+      end
+    end
+  end
+end
diff --git a/roles/docker.ubuntu/defaults/main.yml b/roles/docker.ubuntu/defaults/main.yml
new file mode 100644
index 0000000..1b338d0
--- /dev/null
+++ b/roles/docker.ubuntu/defaults/main.yml
@@ -0,0 +1,94 @@
+---
+# uninstall previous versions of docker, but not by default
+# https://docs.docker.com/engine/installation/linux/docker-ce/ubuntu/#uninstall-old-versions
+uninstall_previous_docker_versions: false
+
+# assume that the desired version is community edition
+docker_edition: ce
+
+# docker-ce is the default package name
+docker_pkg_name: "{{ 'docker-ee' if docker_edition == 'ee' else 'docker-ce' }}"
+docker_apt_cache_valid_time: 600
+docker_aufs_enabled: true
+
+# docker dns path for docker.io package ( changed at ubuntu 14.04 from docker to docker.io )
+docker_defaults_file_path: /etc/default/docker
+
+# The package name required for dirmngr (required key installation to work on some deb systems)
+apt_dirmngr_pkg: dirmngr
+
+# Important if running Ubuntu 12.04-13.10 and ssh on a non-standard port
+ssh_port: 22
+# Place to get apt repository key
+apt_key_url: "hkp://ha.pool.sks-keyservers.net"
+# apt repository key signature
+apt_key_sig: 9DC858229FC7DD38854AE2D88D81803C0EBFCD88
+# apt keyring file
+keyring: "/etc/apt/trusted.gpg.d/docker.gpg"
+# Name of the apt repository for Docker CE or EE
+apt_repository: "deb [arch=amd64] https://download.docker.com/linux/{{ ansible_distribution|lower }} {{ ansible_distribution_release|lower }} stable"
+
+# daemon_json allows you to configure the daemon with the daemon.json file.
+# https://docs.docker.com/engine/reference/commandline/dockerd/#on-linux
+#daemon_json:
+#  hosts:
+#    - "fd://"
+#    - "tcp://0.0.0.0:2376"
+#  log-level: debug
+#  log-driver: json-file
+#  log-opts:
+#      max-file: "3"
+#      max-size: "10m"
+daemon_json:
+
+# List of users to be added to 'docker' system group (disabled by default)
+# SECURITY WARNING: 
+# Be aware that granted users can easily get full root access on the docker host system!
+docker_group_members: []
+
+# configurable proxies: a reasonable default is to re-use the proxy from ansible_env:
+# docker_http_proxy: "{{ ansible_env.http_proxy|default('') }}"
+# Notes:
+# if docker_http_proxy==""   the role sets HTTP_PROXY="" (useful to 'empty' existing ENV var)
+# if docker_http_proxy is undefined the role will not set/modify any ENV vars
+docker_http_proxy:
+docker_https_proxy:
+docker_no_proxy:
+
+# Flags for whether to install pip packages
+pip_install_pip: true
+pip_install_setuptools: true
+# pip_install_docker is ignored if pip_install_docker_compose is true as docker-compose as a dependency over docker.
+# See var/main.yml for more information.
+pip_install_docker: true
+pip_install_docker_compose: true
+
+# Versions for the python packages that are installed
+pip_version_pip: latest
+pip_version_setuptools: latest
+# pip_version_docker is ignored if pip_install_docker_compose is true as docker-compose as a dependency over docker.
+# See var/main.yml for more information.
+pip_version_docker: latest
+pip_version_docker_compose: latest
+
+# If this variable is set to true kernel updates and host restarts are permitted.
+# Warning: Use with caution in production environments.
+kernel_update_and_reboot_permitted: no
+
+# Set to 'yes' or 'true' to enable updates (sets 'latest' in apt module)
+update_docker_package: no
+
+# Change these to 'present' if you're running Ubuntu 12.04-13.10 and are fine with less-than-latest packages
+kernel_pkg_state: latest
+cgroup_lite_pkg_state: latest
+dmsetup_pkg_state: latest
+# Force an install of the kernel extras, in case you're suffering from some issue related to the
+# static binary provided by upstream Docker.  For example, see this GitHub Issue in Docker:
+# https://github.com/docker/docker/issues/12750
+# Warning: Installing kernel extras is potentially interruptive/destructive and will install backported
+# kernel if running 12.04.
+install_kernel_extras: false
+# Install Xorg packages for backported kernels.  This is usually unnecessary except for environments
+# where an X/Unit desktop is actively being used. If you're not using an X/Unity on 12.04, you
+# won't need to enable this.
+install_xorg_pkgs: false
diff --git a/roles/docker.ubuntu/docker.yml b/roles/docker.ubuntu/docker.yml
new file mode 100644
index 0000000..6f030d4
--- /dev/null
+++ b/roles/docker.ubuntu/docker.yml
@@ -0,0 +1,9 @@
+---
+- hosts: all
+  become: yes
+  roles:
+    - { role: ./,
+        docker_opts: "-H tcp://127.0.0.1:4243 -H unix:///var/run/docker.sock --dns 8.8.8.8 --dns 8.8.4.4"
+      }
+
+#- include: integration-tests.yml
diff --git a/roles/docker.ubuntu/handlers/main.yml b/roles/docker.ubuntu/handlers/main.yml
new file mode 100644
index 0000000..5c45210
--- /dev/null
+++ b/roles/docker.ubuntu/handlers/main.yml
@@ -0,0 +1,13 @@
+---
+# handlers file for docker.ubuntu
+- name: Start Docker
+  service: name=docker state=started
+
+- name: Reload systemd
+  command: systemctl daemon-reload  
+
+- name: Restart docker
+  service: name=docker state=restarted
+
+- name: Restart dockerio
+  service: name=docker.io state=restarted
diff --git a/roles/docker.ubuntu/hosts b/roles/docker.ubuntu/hosts
new file mode 100644
index 0000000..8bb7ba6
--- /dev/null
+++ b/roles/docker.ubuntu/hosts
@@ -0,0 +1,2 @@
+[local]
+localhost
diff --git a/roles/docker.ubuntu/meta/main.yml b/roles/docker.ubuntu/meta/main.yml
new file mode 100644
index 0000000..9079b05
--- /dev/null
+++ b/roles/docker.ubuntu/meta/main.yml
@@ -0,0 +1,25 @@
+---
+galaxy_info:
+  author: Paul Durivage
+  description: A comprehensive and (ideally) sane way to install Docker on Ubuntu 14.04+
+  license: Apache v2.0
+  min_ansible_version: 2.2
+  platforms:
+    - name: Debian
+      versions:
+        - jessie
+        - stretch
+    - name: Ubuntu
+      versions:
+        - trusty
+        - xenial
+        - zesty
+  categories:
+    - development
+    - packaging
+    - system
+dependencies: []
+  # List your role dependencies here, one per line. Only
+  # dependencies available via galaxy should be listed here.
+  # Be sure to remove the '[]' above if you add dependencies
+  # to this list.
diff --git a/roles/docker.ubuntu/tasks/kernel_check_and_update.yml b/roles/docker.ubuntu/tasks/kernel_check_and_update.yml
new file mode 100644
index 0000000..cdf3460
--- /dev/null
+++ b/roles/docker.ubuntu/tasks/kernel_check_and_update.yml
@@ -0,0 +1,65 @@
+- name: Install backported trusty kernel onto 12.04
+  apt:
+    pkg: "{{ item }}"
+    state: "{{ kernel_pkg_state }}"
+    update_cache: yes
+    cache_valid_time: 600
+  with_items:
+    - linux-image-generic-lts-trusty
+    - linux-headers-generic-lts-trusty
+  register: kernel_result
+  when: "ansible_distribution_version|version_compare('12.04', '=')"
+
+- name: Install Xorg packages for backported kernels (very optional)
+  apt:
+    pkg: "{{ item }}"
+    state: installed
+    update_cache: yes
+    cache_valid_time: 600
+  with_items:
+    - xserver-xorg-lts-trusty
+    - libgl1-mesa-glx-lts-trusty
+  register: xorg_pkg_result
+  when: "install_xorg_pkgs and (kernel_result|changed or kernel_result|success)"
+
+- name: Install latest kernel for Ubuntu 13.04+
+  apt:
+    pkg: "{{ item }}"
+    state: "{{ kernel_pkg_state }}"
+    update_cache: yes
+    cache_valid_time: 600
+  with_items:
+    - "linux-image-extra-{{ ansible_kernel }}"
+    - linux-image-extra-virtual
+  when: "ansible_distribution_version|version_compare('13.04', '=')
+      or ansible_distribution_version|version_compare('13.10', '=')
+      or install_kernel_extras"
+
+# Fix for https://github.com/dotcloud/docker/issues/4568
+- name: Install cgroup-lite for Ubuntu 13.10
+  apt:
+    pkg: cgroup-lite
+    state: "{{ cgroup_lite_pkg_state }}"
+    update_cache: yes
+    cache_valid_time: 600
+  register: cgroup_lite_result
+  when: "ansible_distribution_version|version_compare('13.10', '=')"
+
+- name: Reboot instance
+  command: /sbin/shutdown -r now
+  register: reboot_result
+  when: "(ansible_distribution_version|version_compare('12.04', '=') and kernel_result|changed)
+      or (ansible_distribution_version|version_compare('13.10', '=') and cgroup_lite_result|changed)
+      or xorg_pkg_result|changed"
+
+- name: Wait for instance to come online (10 minute timeout)
+  become: no
+  local_action:
+    module: wait_for
+    host: "{{ ansible_ssh_host|default(inventory_hostname) }}"
+    port: "{{ ansible_ssh_port|default(ssh_port) }}"
+    delay: 30
+    timeout: 600
+    state: started
+  when: "(ansible_distribution_version|version_compare('12.04', '=') and reboot_result|changed)
+      or (ansible_distribution_version|version_compare('13.10', '=') and cgroup_lite_result|changed)"
diff --git a/roles/docker.ubuntu/tasks/main.yml b/roles/docker.ubuntu/tasks/main.yml
new file mode 100644
index 0000000..ca00437
--- /dev/null
+++ b/roles/docker.ubuntu/tasks/main.yml
@@ -0,0 +1,331 @@
+---
+# tasks file for docker.ubuntu
+- name: "Include proper python vars file"
+  include_vars: "{{ python_vars_file }}"
+
+- name: Fail if not a supported release of Ubuntu
+  fail:
+    msg: "{{ ansible_distribution_version }} is not an acceptable version of Ubuntu for this role"
+  when: ansible_lsb.id|lower == "ubuntu" and ansible_distribution_version|version_compare('14.04', '<')
+
+- name: Fail if not a new release of Debian
+  fail:
+    msg: "{{ ansible_distribution_version }} is not an acceptable version of Debian for this role"
+  when: ansible_lsb.id|lower == "debian" and ansible_distribution_version|version_compare('8.5', '<')
+
+- name: Fail if using python3 with Ansible<2.3
+  fail:
+    msg: "Ansible 2.3+ is required to use Python3 interpreter."
+  when: ansible_version.full | version_compare('2.3', '<') and ansible_python_interpreter is defined and 'python3' in ansible_python_interpreter
+
+- name: Update kernel, kernel extras, Xorg pkgs, and related tasks
+  include: kernel_check_and_update.yml
+  when: kernel_update_and_reboot_permitted or install_kernel_extras
+
+- name: Uninstall old versions of Docker
+  apt:
+    name: "{{ item }}"
+    state: absent
+  with_items:
+    - docker
+    - docker-engine
+    - docker.io
+  when: uninstall_previous_docker_versions
+
+- name: Install linux-image-extra-* packages to enable AuFS driver
+  apt:
+    pkg: "{{ item }}"
+    state: present
+    update_cache: yes
+    cache_valid_time: "{{ docker_apt_cache_valid_time }}"
+  with_items:
+    - linux-image-extra-{{ ansible_kernel }}
+    - linux-image-extra-virtual
+  when: docker_aufs_enabled and ansible_distribution_version|version_compare('14.04', '==')
+  register: linux_image_extra_install
+  ignore_errors: yes
+
+- name: Try again to install linux-image-extra if previous attempt failed
+  apt:
+    pkg: "linux-image-extra-{{ ansible_kernel.split('-')[:-1]|join('-') }}*"
+    state: present
+    update_cache: yes
+    cache_valid_time: "{{ docker_apt_cache_valid_time }}"
+  when: linux_image_extra_install|failed
+
+- name: Ensure dirmngr is available
+  apt:
+    pkg: "{{ apt_dirmngr_pkg }}"
+    state: present
+    update_cache: yes
+    cache_valid_time: "{{ docker_apt_cache_valid_time }}"
+
+- name: Add Docker repository key
+  apt_key:
+    id: "{{ apt_key_sig }}"
+    keyserver: "{{ apt_key_url }}"
+    state: present
+  register: add_repository_key
+  ignore_errors: true
+
+- name: Alternative | Add Docker repository key
+  shell: "apt-key adv --fetch-keys {{ apt-key-url }}"
+  when: add_repository_key|failed
+
+- name: HTTPS APT transport for Docker repository
+  apt:
+    name: apt-transport-https
+    state: present
+
+- name: Add Docker repository and update apt cache
+  apt_repository:
+    repo: "{{ apt_repository }}"
+    mode: '644'
+    update_cache: yes
+    state: present
+
+- name: Install (or update) docker package
+  apt:
+    name: "{{ docker_pkg_name }}"
+    state: "{{ 'latest' if update_docker_package else 'present' }}"
+    update_cache: "{{ update_docker_package }}"
+    cache_valid_time: "{{ docker_apt_cache_valid_time }}"
+
+- name: Set systemd playbook var
+  set_fact:
+    is_systemd: false
+  changed_when: false
+  tags: always
+
+- name: Set systemd playbook var
+  set_fact:
+    is_systemd: true
+  when: ( ansible_distribution == "Ubuntu" and ansible_distribution_version|version_compare('15.04', '>=') or ansible_distribution == "Debian" )
+  tags: always
+
+- name: Set docker_http_proxy_defined flag
+  set_fact:
+    docker_http_proxy_defined: "{{ docker_http_proxy is defined and docker_http_proxy is not none and docker_http_proxy != '' }}"
+  tags: proxy
+
+- name: Set docker_https_proxy_defined flag
+  set_fact:
+    docker_https_proxy_defined: "{{ docker_https_proxy is defined and docker_https_proxy is not none and docker_https_proxy != '' }}"
+  tags: proxy
+
+# https://github.com/moby/moby/issues/25471#issuecomment-263101090
+- name: Creates override directory (systemd)
+  file:
+    path: /etc/systemd/system/docker.service.d
+    state: "{{ (daemon_json is not none or docker_http_proxy_defined or docker_https_proxy_defined) | ternary('directory', 'absent') }}"
+    owner: root
+    group: root
+    mode: 0755
+  when:
+    - is_systemd
+  tags: proxy
+
+- name: Set docker daemon override (systemd)
+  copy:
+    content: |
+      [Service]
+      ExecStart=
+      ExecStart=/usr/bin/dockerd
+    dest: /etc/systemd/system/docker.service.d/override.conf
+    owner: root
+    group: root
+    mode: 0644
+  notify:
+    - Reload systemd
+    - Restart docker
+  when: daemon_json is not none and is_systemd
+
+- name: Set /etc/docker/daemon.json
+  copy:
+    content: "{{ daemon_json | to_nice_json }}"
+    dest: /etc/docker/daemon.json
+    owner: root
+    group: root
+    mode: 0644
+  notify:
+    - Restart docker
+  when: daemon_json is not none
+
+- name: Fix DNS in docker.io
+  lineinfile:
+    dest: "{{ docker_defaults_file_path }}"
+    regexp: "DOCKER_OPTS="
+    line: 'DOCKER_OPTS="--dns {{ ansible_docker0.ipv4.address }}"'
+  register: dns_fix
+  notify: Restart dockerio
+  when: docker_pkg_name == 'docker.io'
+
+- meta: flush_handlers
+  when: "dns_fix|changed"
+
+- pause:
+    seconds: 1
+  when: "dns_fix|changed"
+
+# We must install pip via apt before we can use the pip module below
+- name: "Install {{ _python_packages | join(', ') }} packages with apt"
+  apt:
+    pkg: "{{ item }}"
+    state: latest
+    update_cache: yes
+    cache_valid_time: "{{ docker_apt_cache_valid_time }}"
+  with_items: "{{ _python_packages }}"
+
+# Display an informative message if the docker-compose version needs to be downgraded
+- name: Docker-compose version downgrade
+  debug:
+    msg: >-
+      Downgrading docker-compose version to {{ _pip_version_docker_compose }} because of docker-compose > 1.10
+      requiring docker python package (instead of the docker-py one) which is incompatible with the docker_container
+      module in Ansible < 2.3
+  when: pip_install_docker_compose and _pip_version_docker_compose != pip_version_docker_compose
+
+# See vars/main.yml for more information on this.
+- name: Clean previous docker-py package if installing docker.
+  pip:
+    name: docker-py
+    state: absent
+    executable: "{{ _pip_executable }}"
+  when: (_pip_install_docker or pip_install_docker_compose) and _pip_docker_package_name == 'docker'
+
+# See vars/main.yml for more information on this.
+- name: Clean previous docker package if installing docker-py.
+  pip:
+    name: docker
+    state: absent
+    executable: "{{ _pip_executable }}"
+  when: (_pip_install_docker or pip_install_docker_compose) and _pip_docker_package_name == 'docker-py'
+
+# Upgrade pip with pip to fix angstwad/docker.ubuntu/pull/35 and docker-py/issues/525
+- name: Install pip, setuptools, docker-py and docker-compose with pip
+  pip:
+    name: "{{ item.name }}"
+    state: "{{ 'latest' if item.version=='latest' else 'present' }}"
+    version: "{{ item.version if item.version!='latest' else omit }}"
+    executable: "{{ _pip_executable }}"
+  with_items:
+    - name: pip
+      version: "{{ pip_version_pip }}"
+      install: "{{ pip_install_pip }}"
+    - name: setuptools
+      version: "{{ pip_version_setuptools }}"
+      install: "{{ pip_install_setuptools }}"
+    - name: "{{ _pip_docker_package_name }}"
+      version: "{{ pip_version_docker }}"
+      install: "{{ _pip_install_docker }}"
+    - name: docker-compose
+      version: "{{ _pip_version_docker_compose }}"
+      install: "{{ pip_install_docker_compose }}"
+  when: item.install|bool
+
+- name: Check if /etc/updatedb.conf exists
+  stat:
+    path: /etc/updatedb.conf
+  register: updatedb_conf_exists
+
+- name: Ensure updatedb does not index /var/lib/docker
+  lineinfile:
+    dest: /etc/updatedb.conf
+    state: present
+    backrefs: yes
+    regexp: '^PRUNEPATHS="(/var/lib/docker )?(.*)"$'
+    line: 'PRUNEPATHS="/var/lib/docker \2"'
+  when: updatedb_conf_exists.stat.exists
+
+- name: Check if /etc/default/ufw exists
+  stat:
+    path: /etc/default/ufw
+  register: ufw_default_exists
+
+- name: Change ufw default forward policy from drop to accept
+  lineinfile:
+    dest: /etc/default/ufw
+    regexp: "^DEFAULT_FORWARD_POLICY="
+    line: "DEFAULT_FORWARD_POLICY=\"ACCEPT\""
+  when: ufw_default_exists.stat.exists
+
+- name: Set docker HTTP_PROXY if docker_http_proxy defined
+  lineinfile:
+    dest: /etc/default/docker
+    regexp: "^export http_proxy="
+    line: "export http_proxy=\"{{docker_http_proxy}}\""
+    state: "{{ docker_http_proxy_defined | ternary('present', 'absent') }}"
+  when:
+    - not is_systemd
+  notify:
+    - Restart docker
+  tags: proxy
+
+- name: Set docker HTTPS_PROXY if docker_https_proxy defined
+  lineinfile:
+    dest: /etc/default/docker
+    regexp: "^export https_proxy="
+    line: "export https_proxy=\"{{docker_https_proxy}}\""
+    state: "{{ docker_https_proxy_defined | ternary('present', 'absent') }}"
+  when:
+    - not is_systemd
+  notify:
+    - Restart docker
+  tags: proxy
+
+- name: Set docker HTTP(S)_PROXY if docker_http(s)_proxy defined (systemd)
+  copy:
+    content: |
+      [Service]
+      Environment="{% if docker_http_proxy_defined %}http_proxy={{ docker_http_proxy }}{% endif %}"
+      Environment="{% if docker_https_proxy_defined %}https_proxy={{ docker_https_proxy }}{% endif %}"
+      Environment="no_proxy={{ docker_no_proxy | default('') }}"
+    dest: /etc/systemd/system/docker.service.d/proxy.conf
+    owner: root
+    group: root
+    mode: 0644
+  notify:
+    - Reload systemd
+    - Restart docker
+  when:
+    - is_systemd
+    - docker_http_proxy_defined or docker_https_proxy_defined
+  tags: proxy
+
+- name: Remove docker HTTP(S)_PROXY if docker_http(s)_proxy undefined (systemd)
+  file:
+    path: /etc/systemd/system/docker.service.d/proxy.conf
+    state: absent
+  notify:
+    - Reload systemd
+    - Restart docker
+  when:
+    - is_systemd
+    - not docker_http_proxy_defined and not docker_https_proxy_defined
+  tags: proxy
+
+- name: Start docker
+  service:
+    name: docker
+    state: started
+  when: docker_pkg_name.find('lxc-docker') != -1 or docker_pkg_name.find('docker-engine') != -1
+
+- name: Start docker.io
+  service:
+    name: docker.io
+    state: started
+  when: docker_pkg_name == 'docker.io'
+
+  # ATTENTION: this task can potentially create new users!
+- name: Add users to the docker group
+  user:
+    name:   "{{ item }}"
+    groups: docker
+    append: yes
+  with_items: "{{docker_group_members}}"
+  when: docker_group_members is defined
+
+- name: update facts if docker0 is not defined
+  setup:
+    filter: "ansible_docker0"
+  when: ansible_docker0 is not defined
diff --git a/roles/docker.ubuntu/tests/vagrant.yml b/roles/docker.ubuntu/tests/vagrant.yml
new file mode 100644
index 0000000..febaed4
--- /dev/null
+++ b/roles/docker.ubuntu/tests/vagrant.yml
@@ -0,0 +1,39 @@
+---
+# test file for docker.ubuntu role on vagrant
+- hosts: ubuntu-1604
+  become: yes
+  gather_facts: no
+  tasks:
+    - name: Install python
+      raw: export DEBIAN_FRONTEND=noninteractive && apt-get -y install python python-simplejson
+
+- hosts: all
+  become: yes
+  vars:
+    docker_group_members:
+      - "{{ ansible_user }}"
+  roles:
+    - role: docker.ubuntu
+      kernel_update_and_reboot_permitted: yes
+
+  tasks:
+    - name: Create a dummy container
+      docker_container:
+        name: foobar
+        pull: true
+        image: busybox
+        state: started
+      when: _pip_install_docker or pip_install_docker_compose
+      register: container_creation
+
+    - name: Remove the dummy container
+      docker_container:
+        name: foobar
+        state: absent
+      when: container_creation.changed
+
+    - name: Remove the dummy image
+      docker_image:
+        name: busybox
+        state: absent
+      when: container_creation.changed
diff --git a/roles/docker.ubuntu/vars/main.yml b/roles/docker.ubuntu/vars/main.yml
new file mode 100644
index 0000000..5a1f70a
--- /dev/null
+++ b/roles/docker.ubuntu/vars/main.yml
@@ -0,0 +1,47 @@
+---
+# Select python variable file according to the ansible_python_interpreter.
+python_vars_file: >-
+  {{ 'python3.yml' if ansible_python_interpreter is defined
+                          and 'python3' in ansible_python_interpreter
+                       else 'python2.yml' }}
+
+# To use Docker Ansible modules, managed nodes require some Docker Python packages :
+# * `docker-py` (renamed into `docker` since the 2.0.0 version);
+# * `docker-compose` which is required by the docker_service Ansible module.
+#
+# The `docker` python package introduces some backward incompatible changes is version 2.0.0.
+# Ansible 2.3+ is required to run this new version. Previous Ansible versions have to use docker-py<=1.10.6.
+# The `docker-compose` python package has a dependency over the docker/docker-py package.
+# The `docker-compose` 1.9.0 is the latest version to be compatible with the docker<2.0.0.
+#
+# To sum up:
+# * with Ansible < 2.3:
+#   * you have to use docker-py<=1.10.6 due to backward incompatibilities of next versions
+#   * you have to use docker-compose<=1.9.0 due to docker-compose>1.9.0 using newer versions of docker-py.
+
+# Compute Ansible version or latest
+_ansible_version_latest: "{{ ansible_version.full | version_compare('2.3', '<') }}"
+
+# Compute Python Docker component version or latest
+_pip_version_docker_latest: >-
+  {{ pip_version_docker=='latest' or (pip_version_docker | version_compare('1.10.6', '>')) }}
+
+# Compute Python Docker-compose component version or latest
+_pip_version_docker_compose_latest: >-
+  {{ pip_version_docker_compose=='latest' or (pip_version_docker_compose | version_compare('1.9.0', '>')) }}
+
+# Compute the `docker` Python package's version to use.
+_pip_version_docker: >-
+  {{ '1.10.6' if (_ansible_version_latest and _pip_version_docker_latest) else pip_version_docker }}
+
+# Compute the `docker` Python package's name according to its version.
+_pip_docker_package_name: "{{ 'docker-py' if not _pip_version_docker_latest else 'docker' }}"
+
+# Determine whether to install the `docker` package or not. The `docker-compose` Python package has a dependency over
+# the `docker` Python package. So when installing the `docker-compose` package we'd rather let it handle the `docker`
+# package version to prevent version mismatches.
+_pip_install_docker: "{{ not pip_install_docker_compose and pip_install_docker }}"
+
+# Compute the `docker-compose` Python package's version to use.
+_pip_version_docker_compose: >-
+  {{ '1.9.0' if (_ansible_version_latest and _pip_version_docker_compose_latest) else pip_version_docker_compose }}
diff --git a/roles/docker.ubuntu/vars/python2.yml b/roles/docker.ubuntu/vars/python2.yml
new file mode 100644
index 0000000..f3de98b
--- /dev/null
+++ b/roles/docker.ubuntu/vars/python2.yml
@@ -0,0 +1,7 @@
+# Python2 specific variables.
+
+_python_packages:
+  - python-dev
+  - python-pip
+
+_pip_executable: pip
diff --git a/roles/docker.ubuntu/vars/python3.yml b/roles/docker.ubuntu/vars/python3.yml
new file mode 100644
index 0000000..e7785a9
--- /dev/null
+++ b/roles/docker.ubuntu/vars/python3.yml
@@ -0,0 +1,7 @@
+# Python3 specific variables.
+
+_python_packages:
+  - python3-dev
+  - python3-pip
+
+_pip_executable: pip3