# role_podman
Deploy podman pods and containers on a CoreOS instance.
## Variables
### podman_auto_update
Status of the automatic container update service.
<span style="text-decoration: underline">Default value:</span> `true`
### podman_pods
List of dictionaries to define pods ([see the Ansible documentation](https://docs.ansible.com/ansible/latest/collections/containers/podman/podman_pod_module.html)).
<span style="text-decoration: underline">Default value:</span> none
### podman_containers
List of dictionaries to define containers ([see the Ansible documentation](https://docs.ansible.com/ansible/latest/collections/containers/podman/podman_container_module.html#ansible-collections-containers-podman-podman-container-module)).
<span style="text-decoration: underline">Default value:</span> none
## Usage
To deploy *wg-easy* container:
```yml
# BEGIN role_podman
podman_containers:
  - image: "ghcr.io/wg-easy/wg-easy:latest"
    name: wg-easy
    # WireGuard tunnel (UDP) and web UI (TCP)
    publish:
      - "51820:51820/udp"
      - "51821:51821/tcp"
    volumes:
      - "/srv/wg-easy:/etc/wireguard"
    env:
      LANG: fr
      PORT: 51821
      UI_CHART_TYPE: 2
      # <secret> is a placeholder for the real password hash
      PASSWORD_HASH: <secret>
      WG_HOST: noun.ykn.fr
      WG_PORT: 51820
      WG_PERSISTENT_KEEPALIVE: 25
      WG_DEFAULT_DNS: ""
      WG_ALLOWED_IPS: 192.168.84.0/24
    cap_add:
      - NET_ADMIN
      - NET_RAW
      - SYS_MODULE
    sysctl:
      net.ipv4.ip_forward: 1
      net.ipv4.conf.all.src_valid_mark: 1
    quadlet_options:
      - AutoUpdate=registry
      - |-
        [Service]
        Restart=on-failure
        TimeoutStartSec=900
      - |-
        [Install]
        WantedBy=default.target
# END role_podman
```