blaine
/
infra


			
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131
							---
- name: Install podman
  ansible.builtin.package:
    name: podman
    state: present


- name: Create container group
  ansible.builtin.group:
    name: "{{ container_group }}"
    gid: "{{ container_gid }}"


- name: Create container user
  ansible.builtin.user:
    name: "{{ container_user }}"
    uid: "{{ container_uid }}"
    group: "{{ container_group }}"


- name: Generate list of persistent container directories
  ansible.builtin.set_fact:
    persistent_container_dirs: "{{ containers | map(attribute='volumes') | flatten | map('regex_replace', ':.*' ) | list }}"


- name: Create persistent container directories
  ansible.builtin.file:
    path: "{{ item }}"
    state: directory
    owner: "{{ container_user | default('root') }}"
    group: "{{ container_group | default('root') }}"
    mode: '0770'
  with_items:
    - "{{ persistent_container_dirs }}"
  loop_control:
    label: "{{ item }}"


- name: Create quadlet file for podman networks
  containers.podman.podman_network:
    name: "{{ item.name }}"
    state: quadlet
    quadlet_options:
      - |
        [Install]
        WantedBy=default.target
  notify:
    - Daemon Reload
  with_items:
    - "{{ container_networks }}"
  when:
    - container_networks is defined
  loop_control:
    label: "{{ item.name }}"


- name: Flush Handlers
  meta: flush_handlers


- name: Start Podman Networks
  ansible.builtin.systemd_service:
    name: "{{ item.name }}-network"
    state: started
  with_items:
    - "{{ container_networks }}"
  when:
    - container_networks is defined
  loop_control:
    label: "{{ item.name }}"


- name: Create quadlet .pod files
  containers.podman.podman_pod:
    name: "{{ item.name }}"
    state: quadlet
    ports: "{{ item.ports | default(omit) }}"
  with_items:
    - "{{ containers }}"
  when:
    - containers is defined
  loop_control:
    label: "{{ item.name }}"
  notify:
    - Daemon Reload


- name: Create quadlet .container files
  containers.podman.podman_container:
    name: "{{ item.name }}"
    state: quadlet
    image: "{{ item.image }}"
    privileged: "{{ item.privileged | default(omit) }}"
    network: "{{ item.networks | default(omit) }}"
    env: "{{ item.environment | default(omit) }}"
    cap_add: "{{ item.cap_add | default(omit) }}"
    volumes: "{{ item.volumes | default(omit) }}"
    device: "{{ item.devices | default(omit) }}"
    ports: "{{ item.ports | default(omit) }}"
    quadlet_options:
      - "AutoUpdate=registry"
      - "Pull=newer"
      - |
        [Install]
        WantedBy=default.target
  with_items:
    - "{{ containers }}"
  when:
    - containers is defined
  loop_control:
    label: "{{ item.name }}"
  notify:
    - Daemon Reload


- name: Flush handlers
  meta: flush_handlers


# Containers are automatically enabled via WantedBy=default.target entries
- name: Start Container Services
  ansible.builtin.systemd_service:
    name: "{{ item.name }}"
    state: started
  with_items:
    - "{{ containers }}"
  when:
    - containers is defined
  loop_control:
    label: "{{ item.name }}"