---
- name: Determine docker daemon DNS servers
  vars:
    _docker_daemon_dns: []
  ansible.builtin.set_fact:
    _docker_daemon_dns: "{{ _docker_daemon_dns + (item.value.dns | default([])) }}"
  loop: "{{ skylab_networking | dict2items }}"
  loop_control:
    label: "{{ item.key }}"

- name: Create docker config directory
  become: true
  ansible.builtin.file:
    path: /etc/docker
    state: directory
    owner: "{{ ansible_user }}"
    group: docker
    mode: 0750

- name: Configure docker daemon
  become: true
  ansible.builtin.template:
    src: daemon.json.j2
    dest: /etc/docker/daemon.json
    mode: 0640
    owner: "{{ ansible_user }}"
    group: docker

- name: Start and enable docker service
  become: true
  ansible.builtin.systemd:
    name: docker
    state: started
    enabled: true

- name: Include access variables
  ansible.builtin.include_vars:
    file: vars/access.yaml

- name: Add administrators to docker group
  become: true
  when: item.admin | default(false) and 'cluster' in (item.targets | default([]))
  ansible.builtin.user:
    name: "{{ item.name }}"
    group: "{{ item.name }}"
    groups: docker
    append: true
  loop: "{{ skylab_accounts }}"
  loop_control:
    label: "{{ item.name }},{{ item.uid }}"

- name: Reset connection to get new group membership
  ansible.builtin.meta: reset_connection