asakura · December 12, 2014 17:24 · Dec 12, 2014
diff --git a/gistfile1.yml b/gistfile1.yml
@@ -0,0 +1,109 @@
+- hosts: registry
+  sudo: yes
+  vars:
+    conjur_login: "{{ lookup('env', 'CONJUR_AUTHN_LOGIN') }}"
+    conjur_api_key: "{{ lookup('env', 'CONJUR_AUTHN_API_KEY') }}"
+    conjur_policy_id: "{{ lookup('env', 'CONJUR_POLICY_ID') }}"
+  tasks:
+    - name: add docker repository Key
+      apt_key: keyserver=keyserver.ubuntu.com id=36A1D7869245C8950F966E92D8576A8BA88D21E9
+      tags: prepare
+
+    - name: add docker repository
+      apt_repository: repo='deb https://get.docker.com/ubuntu docker main'
+      tags: prepare
+
+    - name: apt update and upgrade
+      apt: update_cache=yes upgrade=dist
+      tags: prepare
+
+    - name: install docker
+      apt: name=lxc-docker-1.3.3,python-pip
+      tags: prepare
+
+    - name: install docker-py
+      pip: name=docker-py
+      tags: prepare
+
+    - name: create directory for files
+      command: mkdir /opt/datadir creates=/opt/datadir
+      tags: configs
+
+    - name: upload conjurrc directory
+      copy: src=./conjurrc dest=/opt
+      tags: configs
+
+    - name: prepare bootstrap file
+      local_action:
+        shell
+        docker save conjurinc/docker-registry-cache conjurinc/docker-registry-cache-lru conjurinc/docker-registry conjurinc/docker-registry-frontend | gzip -9 -- > /tmp/bootstrap.tar.gz
+        creates=/tmp/bootstrap.tar.gz
+      tags: bootstrap
+
+    - name: upload bootstrap file to host
+      copy: src=/tmp/bootstrap.tar.gz dest=/tmp/bootstrap.tar.gz
+      tags: bootstrap
+
+    - name: load bootstrap into docker
+      shell: zcat /tmp/bootstrap.tar.gz | docker load
+      tags: bootstrap
+
+    - name: remove bootstrap file on localhost
+      local_action: command rm /tmp/bootstrap.tar.gz removes=/tmp/bootstrap.tar.gz
+      tags: bootstrap
+
+    - name: remove bootstrap file on host
+      command: rm /tmp/bootstrap.tar.gz removes=/tmp/bootstrap.tar.gz
+      tags: bootstrap
+
+    - name: run docker-registry-cache container
+      docker:
+        image: conjurinc/docker-registry-cache
+        name: docker-registry-cache
+        env:
+          CONJUR_DISABLED: true
+        volumes:
+          - /opt/datadir:/data
+      tags: docker
+
+    - name: run docker-registry-cache-lru container
+      docker:
+        image: conjurinc/docker-registry-cache-lru
+        name: docker-registry-cache-lru
+        env:
+          CONJUR_DISABLED: true
+        volumes:
+          - /opt/datadir:/data
+      tags: docker
+
+    - name: run docker-registry container
+      docker:
+        image: conjurinc/docker-registry
+        name: docker-registry
+        env:
+          CONJUR_AUTHN_LOGIN: "{{ conjur_login }}"
+          CONJUR_AUTHN_API_KEY: "{{ conjur_api_key }}"
+          CONJUR_POLICY_ID: "{{ conjur_policy_id }}"
+        volumes:
+          - /opt/datadir:/data
+          - /opt/conjurrc:/opt/conjur
+        links:
+          - docker-registry-cache:cache
+          - docker-registry-cache-lru:cache-lru
+      tags: docker
+
+    - name: run docker-registry-frontend container
+      docker:
+        image: conjurinc/docker-registry-frontend
+        name: docker-registry-frontend
+        env:
+          CONJUR_AUTHN_LOGIN: "{{ conjur_login }}"
+          CONJUR_AUTHN_API_KEY: "{{ conjur_api_key }}"
+          CONJUR_POLICY_ID: "{{ conjur_policy_id }}"
+        links: docker-registry:backend
+        volumes:
+          - /opt/conjurrc:/opt/conjur
+        ports:
+          - 80:80
+          - 443:443
+      tags: docker