refactor: Use alvistack repository
This commit is contained in:
parent
b9a6f018e0
commit
b11570c069
@ -1,38 +1,36 @@
|
|||||||
---
|
---
|
||||||
# tasks file for podman
|
# tasks file for podman
|
||||||
|
|
||||||
- name: Créer l'utilisateur dédié
|
|
||||||
ansible.builtin.include_role:
|
|
||||||
name: users
|
|
||||||
vars:
|
|
||||||
users:
|
|
||||||
- name: "{{ container_user }}"
|
|
||||||
comment: Dedicated Podman user ({{ container.name }})
|
|
||||||
update_password: on_create
|
|
||||||
password_lock: true
|
|
||||||
system: true
|
|
||||||
shell: /bin/bash
|
|
||||||
|
|
||||||
- name: Activer le lingering
|
- name: Activer le lingering
|
||||||
ansible.builtin.command:
|
ansible.builtin.command:
|
||||||
cmd: "loginctl enable-linger {{ container_user }}"
|
cmd: "loginctl enable-linger {{ container_user }}"
|
||||||
creates: /var/lib/systemd/linger/{{ container_user }}
|
creates: /var/lib/systemd/linger/{{ container_user }}
|
||||||
become: true
|
become: true
|
||||||
|
loop: "{{ podman_containers }}"
|
||||||
|
loop_control:
|
||||||
|
label: "{{ item.name }}"
|
||||||
|
vars:
|
||||||
|
container_user: "podman-{{ item.user | default(item.name) }}"
|
||||||
|
|
||||||
- name: Create a Quadlet file
|
- name: Create a Quadlet file
|
||||||
containers.podman.podman_container:
|
containers.podman.podman_container:
|
||||||
hostname: "{{ container.hostname | default(inventory_hostname) }}"
|
hostname: "{{ item.hostname | default(inventory_hostname) }}"
|
||||||
name: "{{ container.name }}"
|
name: "{{ item.name }}"
|
||||||
image: "{{ container.image }}"
|
image: "{{ item.image }}"
|
||||||
state: quadlet
|
state: quadlet
|
||||||
device: "{{ container.device | default(omit) }}"
|
device: "{{ item.device | default(omit) }}"
|
||||||
ports: "{{ container.ports | default(omit) }}"
|
ports: "{{ item.ports | default(omit) }}"
|
||||||
volumes: "{{ container.volumes | default(omit) }}"
|
volumes: "{{ item.volumes | default(omit) }}"
|
||||||
userns: "{{ container.userns | default(omit) }}"
|
userns: "{{ item.userns | default(omit) }}"
|
||||||
mount: "{{ container.mount | default(omit) }}"
|
mount: "{{ item.mount | default(omit) }}"
|
||||||
publish: "{{ container.publish | default(omit) }}"
|
publish: "{{ item.publish | default(omit) }}"
|
||||||
env: "{{ container.env | default(omit) }}"
|
env: "{{ item.env | default(omit) }}"
|
||||||
quadlet_options: "{{ container.quadlet_options | default(omit) }}"
|
quadlet_options: "{{ item.quadlet_options | default(omit) }}"
|
||||||
recreate: true
|
recreate: true
|
||||||
become: true
|
become: true
|
||||||
become_user: "{{ container_user }}"
|
become_user: "{{ container_user }}"
|
||||||
|
loop: "{{ podman_containers }}"
|
||||||
|
loop_control:
|
||||||
|
label: "{{ item.name }}"
|
||||||
|
vars:
|
||||||
|
container_user: "podman-{{ item.user | default(item.name) }}"
|
||||||
|
|||||||
@ -1,29 +1,30 @@
|
|||||||
---
|
---
|
||||||
# tasks file for podman
|
# tasks file for podman
|
||||||
|
|
||||||
- name: Installer les pré-requis
|
- name: Installer les paquets
|
||||||
ansible.builtin.apt:
|
ansible.builtin.apt:
|
||||||
name:
|
name:
|
||||||
- dbus-user-session
|
- dbus-user-session
|
||||||
- rootlesskit
|
- containernetworking-dnsname
|
||||||
- slirp4netns
|
- containernetworking-plugins
|
||||||
|
- containernetworking-podman-machine
|
||||||
|
- dbus-user-session
|
||||||
|
- passt
|
||||||
|
- podman
|
||||||
|
- podman-aardvark-dns
|
||||||
|
- podman-docker
|
||||||
|
- podman-gvproxy
|
||||||
|
- podman-netavark
|
||||||
|
- python3-podman-compose
|
||||||
|
- uidmap
|
||||||
- systemd-container
|
- systemd-container
|
||||||
|
install_recommends: true
|
||||||
state: present
|
state: present
|
||||||
become: true
|
become: true
|
||||||
notify:
|
notify:
|
||||||
- Redémarrer l'instance
|
- Redémarrer l'instance
|
||||||
- Attendre que le port SSH soit ouvert
|
- Attendre que le port SSH soit ouvert
|
||||||
|
|
||||||
- name: Installer podman
|
|
||||||
ansible.builtin.apt:
|
|
||||||
name: podman
|
|
||||||
state: present
|
|
||||||
default_release: sid
|
|
||||||
become: true
|
|
||||||
notify:
|
|
||||||
- Redémarrer l'instance
|
|
||||||
- Attendre que le port SSH soit ouvert
|
|
||||||
|
|
||||||
- name: Exécuter les handlers
|
- name: Exécuter les handlers
|
||||||
ansible.builtin.meta: flush_handlers
|
ansible.builtin.meta: flush_handlers
|
||||||
|
|
||||||
|
|||||||
@ -4,15 +4,7 @@
|
|||||||
- name: Importer les tâches d'installation
|
- name: Importer les tâches d'installation
|
||||||
ansible.builtin.import_tasks:
|
ansible.builtin.import_tasks:
|
||||||
file: installation.yml
|
file: installation.yml
|
||||||
tags: installation
|
|
||||||
|
|
||||||
- name: Importer les tâches de configuration
|
- name: Importer les tâches de configuration
|
||||||
ansible.builtin.include_tasks:
|
ansible.builtin.import_tasks:
|
||||||
file: configuration.yml
|
file: configuration.yml
|
||||||
loop: "{{ podman_containers }}"
|
|
||||||
loop_control:
|
|
||||||
label: "{{ container.name }}"
|
|
||||||
loop_var: container
|
|
||||||
vars:
|
|
||||||
container_user: "podman-{{ container.user | default(container.name) }}"
|
|
||||||
tags: configuration
|
|
||||||
|
|||||||
@ -1,50 +0,0 @@
|
|||||||
# {{ ansible_managed }}
|
|
||||||
|
|
||||||
[Unit]
|
|
||||||
Description=Podman container: {{ container.name }}
|
|
||||||
{% for extra in container.get('unit_extras', []) %}
|
|
||||||
{{ extra }}
|
|
||||||
{% endfor %}
|
|
||||||
|
|
||||||
[Container]
|
|
||||||
HostName={{ inventory_hostname }}
|
|
||||||
|
|
||||||
Image={{ container.image }}
|
|
||||||
ContainerName={{ container.name }}
|
|
||||||
|
|
||||||
{% if container.get('userns', '') | length > 0 %}
|
|
||||||
UserNS={{ container.userns }}
|
|
||||||
{% endif %}
|
|
||||||
|
|
||||||
AutoUpdate=registry
|
|
||||||
|
|
||||||
{% for cmd in container.get('commands', []) %}
|
|
||||||
Exec={{ cmd }}
|
|
||||||
{% endfor %}
|
|
||||||
|
|
||||||
{% for volume in container.get('volumes', []) %}
|
|
||||||
Volume={{ volume }}
|
|
||||||
{% endfor %}
|
|
||||||
|
|
||||||
{% for mount in container.get('mounts', []) %}
|
|
||||||
{% if mount.get('options', []) | length > 0 %}
|
|
||||||
Mount=type={{ mount.type }},src={{ mount.source }},dst={{ mount.destination }},{{ mount.options | join(',') }}
|
|
||||||
{% else %}
|
|
||||||
Mount=type={{ mount.type }},src={{ mount.source }},dst={{ mount.destination }}
|
|
||||||
{% endif %}
|
|
||||||
{% endfor %}
|
|
||||||
|
|
||||||
{% for port in container.get('ports', []) %}
|
|
||||||
PublishPort={{ port }}
|
|
||||||
{% endfor %}
|
|
||||||
|
|
||||||
{% for environment in container.get('environment_vars', []) %}
|
|
||||||
Environment={{ environment.keys() | first }}={{ environment.values() | first }}
|
|
||||||
{% endfor %}
|
|
||||||
|
|
||||||
[Service]
|
|
||||||
Restart=on-failure
|
|
||||||
TimeoutStartSec=900
|
|
||||||
|
|
||||||
[Install]
|
|
||||||
WantedBy=default.target
|
|
||||||
Loading…
Reference in New Issue
Block a user