You've already forked role_podman
55 lines
1.4 KiB
YAML
55 lines
1.4 KiB
YAML
---
|
|
# tasks file for podman
|
|
|
|
- name: Create dedicated group
|
|
ansible.builtin.group:
|
|
name: "{{ podman_user }}"
|
|
become: true
|
|
|
|
- name: Create dedicated user
|
|
ansible.builtin.user:
|
|
name: "{{ podman_user }}"
|
|
comment: Dedicated Podman user
|
|
home: "{{ podman_user_homedir }}"
|
|
password_lock: true
|
|
shell: /bin/bash
|
|
group: podman
|
|
become: true
|
|
|
|
- name: Enable lingering for podman user
|
|
ansible.builtin.command:
|
|
cmd: "{{ item }}"
|
|
creates: /var/lib/systemd/linger/{{ podman_user }}
|
|
become: true
|
|
loop:
|
|
- sudo systemctl --machine={{ podman_user }}@.host --user daemon-reload
|
|
- loginctl enable-linger {{ podman_user }}
|
|
|
|
- name: Enable containers auto-update service
|
|
ansible.builtin.systemd_service:
|
|
name: podman-auto-update.timer
|
|
state: started
|
|
daemon_reload: true
|
|
scope: user
|
|
when: podman_auto_update
|
|
become: true
|
|
become_user: "{{ podman_user }}"
|
|
|
|
- name: Create podman user directory tree
|
|
ansible.builtin.file:
|
|
path: "{{ item.path }}"
|
|
owner: "{{ podman_user }}"
|
|
group: "{{ podman_user }}"
|
|
mode: "{{ item.mode }}"
|
|
state: directory
|
|
become: true
|
|
loop:
|
|
- path: "{{ podman_user_homedir }}/.config"
|
|
mode: u=rwX,g=,o=
|
|
- path: "{{ podman_user_homedir }}/.config/containers"
|
|
mode: u=rwX,g=rX,o=rX
|
|
- path: "{{ podman_user_homedir }}/.config/containers/systemd"
|
|
mode: u=rwX,g=rX,o=rX
|
|
loop_control:
|
|
label: "{{ item.path }}"
|