configpolicy/roles/dockerhub-proxy/tasks/main.yml

- name: ensure nginx is allowed to proxy
  seboolean:
    name: httpd_can_network_connect
    state: true
    persistent: true
  tags:
  - selinux

- name: ensure nginx docker proxy cache directory exists
  file:
    path: /var/cache/nginx/docker
    owner: nginx
    group: nginx
    mode: u=rwx,go=
    state: directory
  tags:
  - datadir

- name: ensure nginx docker proxy cache path is configured
  copy:
    src: dockerhub-proxy-cache.conf
    dest: /etc/nginx/conf.d/
  notify:
  - reload nginx
  tags:
  - nginx-config

- name: ensure nginx is configured to proxy for docker hub
  copy:
    src: dockerhub-proxy.conf
    dest: /etc/nginx/default.d/dockerhub-proxy.conf
    owner: root
    group: root
    mode: u=rw,go=r
  notify:
  - reload nginx
  tags:
  - nginx-config