diff --git a/ansible/roles/docker/tasks/main.yml b/ansible/roles/docker/tasks/main.yml index 6892c8a26..f9413ad5b 100644 --- a/ansible/roles/docker/tasks/main.yml +++ b/ansible/roles/docker/tasks/main.yml @@ -4,8 +4,28 @@ name: "{{ ansible_user_id }}" groups: docker append: yes + register: group_result become: True +# After adding the user to the docker group, we need to log out and in again to +# pick up the group membership. We do this by removing the SSH ControlPersist +# connection. +- name: Drop the persistent SSH connection to activate the new group membership + local_action: + module: shell ssh -O stop {{ cp_hostname }} -o ControlPath={{ cp_path }} + register: socket_removal + failed_when: + - socket_removal|failed + - "'No such file or directory' not in socket_removal.stderr" + with_items: "{{ play_hosts }}" + run_once: True + when: group_result|changed + vars: + cp_hostname: "{{ hostvars[item].ansible_host|default(inventory_hostname) }}" + cp_username: "{{ hostvars[item].ansible_user }}" + cp_port: "{{ hostvars[item].ansible_ssh_port|default('22') }}" + cp_path: "~/.ansible/cp/ansible-ssh-{{ cp_hostname }}-{{ cp_port }}-{{ cp_username }}" + - name: Ensure Docker daemon is started service: name: docker @@ -16,7 +36,6 @@ command: docker info register: docker_info changed_when: False - become: True - name: Fail when loopback-mode containers or images exist fail: