From a9ece4108a9a5edf0ca1e6b3a71bf15cf952850d Mon Sep 17 00:00:00 2001
From: Fabio Scotto di Santolo <fscottodev@pm.me>
Date: Mon, 23 Mar 2026 22:11:39 +0100
Subject: [PATCH] Add Docker setup for Ubuntu hosts

---
 ansible/inventory/group_vars/ubuntu.yml       | 12 +++++
 ansible/roles/packages_ubuntu/tasks/main.yml  | 44 +++++++++++++++++++
 ansible/roles/services_systemd/tasks/main.yml |  4 +-
 3 files changed, 58 insertions(+), 2 deletions(-)

diff --git a/ansible/inventory/group_vars/ubuntu.yml b/ansible/inventory/group_vars/ubuntu.yml
index 6c5595a..d5e3b26 100644
--- a/ansible/inventory/group_vars/ubuntu.yml
+++ b/ansible/inventory/group_vars/ubuntu.yml
@@ -7,3 +7,15 @@ ubuntu_packages_base:
   - python3-gi
   - python3-gi-cairo
   - software-properties-common
+
+ubuntu_manage_docker_repo: true
+
+ubuntu_docker_packages:
+  - docker-ce
+  - docker-ce-cli
+  - containerd.io
+  - docker-buildx-plugin
+  - docker-compose-plugin
+
+enabled_services:
+  - docker
diff --git a/ansible/roles/packages_ubuntu/tasks/main.yml b/ansible/roles/packages_ubuntu/tasks/main.yml
index ce36bac..8846363 100644
--- a/ansible/roles/packages_ubuntu/tasks/main.yml
+++ b/ansible/roles/packages_ubuntu/tasks/main.yml
@@ -1,4 +1,39 @@
 ---
+- name: Ensure Docker apt keyrings directory exists
+  tags: [packages]
+  ansible.builtin.file:
+    path: /etc/apt/keyrings
+    state: directory
+    owner: root
+    group: root
+    mode: "0755"
+  when: ubuntu_manage_docker_repo | default(false)
+
+- name: Download Docker apt repository signing key
+  tags: [packages]
+  ansible.builtin.get_url:
+    url: https://download.docker.com/linux/ubuntu/gpg
+    dest: /etc/apt/keyrings/docker.asc
+    owner: root
+    group: root
+    mode: "0644"
+  when: ubuntu_manage_docker_repo | default(false)
+
+- name: Configure Docker apt repository
+  tags: [packages]
+  ansible.builtin.apt_repository:
+    repo: >-
+      deb [arch={{ 'amd64' if ansible_facts['architecture'] == 'x86_64'
+      else 'arm64' if ansible_facts['architecture'] in ['aarch64', 'arm64']
+      else ansible_facts['architecture'] }}
+      signed-by=/etc/apt/keyrings/docker.asc]
+      https://download.docker.com/linux/ubuntu
+      {{ ansible_facts['distribution_release'] }} stable
+    filename: docker
+    state: present
+    update_cache: true
+  when: ubuntu_manage_docker_repo | default(false)
+
 - name: Refresh apt package cache
   tags: [packages]
   ansible.builtin.apt:
@@ -12,7 +47,16 @@
       {{
         (common_packages | default([]))
         + (ubuntu_packages_base | default([]))
+        + (ubuntu_docker_packages | default([]))
         + (profile_packages | default([]))
         + (host_packages | default([]))
       }}
     state: present
+
+- name: Add user to docker group
+  tags: [packages]
+  ansible.builtin.user:
+    name: "{{ username }}"
+    groups: docker
+    append: true
+  when: (ubuntu_docker_packages | default([])) | length > 0
diff --git a/ansible/roles/services_systemd/tasks/main.yml b/ansible/roles/services_systemd/tasks/main.yml
index 036562d..43a3482 100644
--- a/ansible/roles/services_systemd/tasks/main.yml
+++ b/ansible/roles/services_systemd/tasks/main.yml
@@ -1,6 +1,6 @@
 ---
 - name: Enable base systemd services
-  tags: [services]
+  tags: [services, packages]
   ansible.builtin.systemd:
     name: "{{ item }}"
     enabled: true
@@ -10,7 +10,7 @@
     label: "{{ item }}"
 
 - name: Enable host systemd services
-  tags: [services]
+  tags: [services, packages]
   ansible.builtin.systemd:
     name: "{{ item }}"
     enabled: true