Renaming role to be more generic going forward

ansible/roles/base/tasks/ensure-docker-basic.yaml

@@ -0,0 +1,41 @@
+- name: Ensure we have basic updated packages setting up docker
+  ansible.builtin.apt:
+    name: "{{ item }}"
+    update_cache: true
+  loop:
+    - ca-certificates
+    - curl
+- name: Running install on the keyrings directory
+  ansible.builtin.command:
+    cmd: install -m 0755 -d /etc/apt/keyrings
+  register: install
+  changed_when: install.rc == 0
+- name: Fetch Docker GPG Key
+  vars:
+    keylink: https://download.docker.com/linux/ubuntu/gpg
+  ansible.builtin.get_url:
+    url: "{{ keylink }}"
+    dest: /etc/apt/keyrings/docker.asc
+    mode: "0644"
+- name: Add repo to apt sources
+  ansible.builtin.copy:
+    src: docker.list
+    dest: /etc/apt/sources.list.d/docker.list
+    mode: "0644"
+- name: Update Apt cache with latest docker.list packages
+  ansible.builtin.apt:
+    update_cache: true
+- name: Ensure all docker packages are updated to the latest versions
+  ansible.builtin.apt:
+    name: "{{ item }}"
+  loop:
+    - docker-ce
+    - docker-ce-cli
+    - containerd.io
+    - docker-buildx-plugin
+    - docker-compose-plugin
+- name: Verify that the docker components are installed properly
+  ansible.builtin.command:
+    cmd: docker run hello-world
+  register: docker
+  changed_when: docker.rc == 0

ansible/roles/base/tasks/main.yaml

@@ -0,0 +1,33 @@
+- name: Ensure docker components are installed
+  tags:
+    - setup
+  ansible.builtin.include_tasks:
+    file: ensure-docker-basic.yaml
+    apply:
+      become: true
+      tags:
+        - setup
+- name: Ensure nigel can use sudo without password
+  become: true
+  tags:
+    - setup
+  ansible.builtin.lineinfile:
+    path: /etc/sudoers
+    state: present
+    line: "nigel ALL=(ALL) NOPASSWD:ALL"
+- name: Run through nomad installation steps
+  tags: nomad
+  ansible.builtin.include_tasks:
+    file: nomad.yaml
+    apply:
+      become: true
+      tags:
+        - nomad
+- name: Setup data directory for the nomad host volumes
+  tags: volumes
+  ansible.builtin.include_tasks:
+    file: nomad-host-volumes.yaml
+    apply:
+      become: true
+      tags:
+        - volumes

ansible/roles/base/tasks/nomad-host-volumes.yaml

@@ -0,0 +1,8 @@
+- name: Ensure the root data directory is present
+  ansible.builtin.file:
+    path: "{{ host_vol_root }}"
+    state: directory
+- name: Ensure registry volume is present
+  ansible.builtin.file:
+    path: "{{ host_vol_root }}/ncr"
+    state: directory

ansible/roles/base/tasks/nomad.yaml

@@ -0,0 +1,54 @@
+- name: Ensure prerequisite packages are installed
+  ansible.builtin.apt:
+    pkg:
+      - wget
+      - gpg
+      - coreutils
+    update_cache: true
+- name: Hashicorp repo setup
+  vars:
+    keypath: /usr/share/keyrings/hashicorp-archive-keyring.gpg
+    gpgpath: /tmp/hashicorp.gpg
+  block:
+  - name: Download the hashicorp GPG Key
+    ansible.builtin.get_url:
+      url: https://apt.releases.hashicorp.com/gpg 
+      dest: "{{ gpgpath }}"
+  - name: Dearmor the hashicorp gpg key
+    ansible.builtin.command:
+      cmd: "gpg --dearmor --yes -o {{ keypath }} {{ gpgpath }}"
+    register: gpg
+    changed_when: gpg.rc == 0
+  - name: Add the hashicorp linux repo
+    vars:
+      keyfile: "{{ keypath }}"
+    ansible.builtin.template:
+      src: hashicorp.list
+      dest: /etc/apt/sources.list.d/hashicorp.list
+      mode: "0644"
+  - name: Update apt repo cache
+    ansible.builtin.apt:
+      update_cache: true
+- name: Install consul
+  ansible.builtin.apt:
+    name: consul
+- name: Install nomad package
+  ansible.builtin.apt:
+    pkg: nomad
+- name: Copy in the consul configuration
+  vars: 
+    ip: "{{ ansible_default_ipv4['address'] }}"
+  ansible.builtin.template:
+    src: consul.hcl
+    dest: /etc/consul.d/consul.hcl
+    mode: "0644"
+- name: Start nomad
+  ansible.builtin.systemd_service:
+    name: nomad
+    state: started
+    enabled: true
+- name: Make sure the consul service is NOT available
+  ansible.builtin.systemd_service:
+    name: consul
+    state: stopped
+    enabled: true