feat: Use ansible module for podman

2024-06-06 02:16:51 +02:00 · 2024-06-06 02:16:51 +02:00 · 60737c9a5a
commit 60737c9a5a
parent b5484b1c73
5 changed files with 54 additions and 39 deletions
--- a/defaults/main.yml
+++ b/defaults/main.yml
@ -3,6 +3,9 @@

 podman_configure_rsyslog: true

+podman_ssh_host: "{{ inventory_hostname }}"
+podman_ssh_port: 22
+
 podman_containers: []
 # Exemple:
 #  - image: docker.io/wallabag/wallabag:latest
--- a/handlers/main.yml
+++ b/handlers/main.yml
@ -1,6 +1,20 @@
 ---
 # handlers file for exim4

+- name: Redémarrer l'instance
+  ansible.builtin.reboot:
+  become: true
+
+- name: Attendre que le port SSH soit ouvert
+  ansible.builtin.wait_for:
+    host: "{{ podman_ssh_host }}"
+    port: "{{ podman_ssh_port }}"
+    search_regex: OpenSSH
+    delay: 30
+    timeout: 900
+    sleep: 10
+  delegate_to: 127.0.0.1
+
 - name: Redémarrer rsyslog.service
  ansible.builtin.systemd:
    state: restarted
--- a/tasks/configuration.yml
+++ b/tasks/configuration.yml
@ -10,39 +10,23 @@
        comment: Dedicated Podman user ({{ container.name }})
        update_password: on_create
        password_lock: true
+        system: true
        shell: /bin/bash

- name: Créer le chemin de stockage des définitions
-  ansible.builtin.file:
-    path: "{{ container_basepath }}"
-    state: directory
-    owner: "{{ container_user }}"
-    group: "{{ container_user }}"
-    mode: u=rwX,g=rwX,o=
-  become: true
-
- name: Déployer le conteneur
-  ansible.builtin.template:
-    src: podman-quadlet.container.j2 
-    dest: "{{ container_basepath }}/{{ container_filename }}"
-    owner: "{{ container_user }}"
-    group: "{{ container_user }}"
-    mode: u=rw,g=rw,o=
-  become: true
-  register: deploy_container
-
- name: Activer le lingering
-  ansible.builtin.command:
-   cmd: "loginctl enable-linger {{ container_user }}"
-   creates: /var/lib/systemd/linger/{{ container_user }}
-  become: true
-
- name: Démarrer ou redémarrer le conteneur
-  ansible.builtin.systemd_service:
-    name: "{{ container_filename | replace('.container', '.service') }}"
-    state: "{{ 'restarted' if deploy_container.changed else 'started' }}"
-    enabled: true
-    daemon_reload: true
-    scope: user
+- name: Create a Quadlet file
+  containers.podman.podman_container:
+    hostname: "{{ container.hostname | default(inventory_hostname) }}"
+    name: "{{ container.name }}"
+    image: "{{ container.image }}"
+    state: quadlet
+    device: "{{ container.device | default(omit) }}"
+    ports: "{{ container.ports | default(omit) }}"
+    volumes: "{{ container.volumes | default(omit) }}"
+    userns: "{{ container.userns | default(omit) }}"
+    mount: "{{ container.mount | default(omit) }}"
+    publish: "{{ container.publish | default(omit) }}"
+    env: "{{ container.env | default(omit) }}"
+    quadlet_options: "{{ container.quadlet_options | default(omit) }}"
+    recreate: true
  become: true
  become_user: "{{ container_user }}"
--- a/tasks/installation.yml
+++ b/tasks/installation.yml
@ -1,17 +1,31 @@
 ---
 # tasks file for podman

- name: Installer les paquets
+- name: Installer les pré-requis
  ansible.builtin.apt:
    name:
      - dbus-user-session
-      - podman
      - rootlesskit
      - slirp4netns
      - systemd-container
    state: present
+  become: true
+  notify:
+    - Redémarrer l'instance
+    - Attendre que le port SSH soit ouvert
+
+- name: Installer podman
+  ansible.builtin.apt:
+    name: podman
+    state: present
    default_release: sid
  become: true
+  notify:
+    - Redémarrer l'instance
+    - Attendre que le port SSH soit ouvert
+
+- name: Exécuter les handlers
+  ansible.builtin.meta: flush_handlers

 - name: Déployer la configuration de rsyslog
  ansible.builtin.template:
--- a/tasks/main.yml
+++ b/tasks/main.yml
@ -2,17 +2,17 @@
 # tasks file for podman

 - name: Importer les tâches d'installation
+  ansible.builtin.import_tasks:
+    file: installation.yml
  tags: installation
-  ansible.builtin.import_tasks: installation.yml

 - name: Importer les tâches de configuration
-  tags: configuration
-  ansible.builtin.include_tasks: configuration.yml
+  ansible.builtin.include_tasks:
+    file: configuration.yml
  loop: "{{ podman_containers }}"
  loop_control:
    label: "{{ container.name }}"
    loop_var: container
  vars:
    container_user: "podman-{{ container.user | default(container.name) }}"
-    container_basepath: "/home/{{ container_user }}/.config/containers/systemd"
-    container_filename: "podman-{{ container.name }}.container"
+  tags: configuration