首页 发现 帮助
登录
blaine
/
infra
1
0
派生 0
文件 工单管理 0 合并请求 0 Wiki
目录树: c09b80bdb0
分支列表 标签列表
infra
/
roles
/
quadlet
/
tasks
/
main.yml

main.yml 2.2 KB
文件历史 原始文件

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485 
  1. ---
    2. 

  2. - name: Install podman
    3. 

  3.   ansible.builtin.package:
    4. 

  4.     name: podman
    5. 

  5.     state: present
    6. 

  6. 

  7. 

  8. - name: Create container group
    9. 

  9.   ansible.builtin.group:
    10. 

  10.     name: "{{ container_group }}"
    11. 

  11.     gid: "{{ container_gid }}"
    12. 

  12. 

  13. 

  14. - name: Create container user
    15. 

  15.   ansible.builtin.user:
    16. 

  16.     name: "{{ container_user }}"
    17. 

  17.     uid: "{{ container_uid }}"
    18. 

  18.     group: "{{ container_group }}"
    19. 

  19. 

  20. 

  21. - name: Generate list of persistent container directories
    22. 

  22.   ansible.builtin.set_fact:
    23. 

  23.     persistent_container_dirs: "{{ containers | map(attribute='volumes') | flatten | map('regex_replace', ':.*' ) | list }}"
    24. 

  24. 

  25. 

  26. - name: Create persistent container directories
    27. 

  27.   ansible.builtin.file:
    28. 

  28.     path: "{{ item }}"
    29. 

  29.     state: directory
    30. 

  30.     owner: "{{ container_user | default('root') }}"
    31. 

  31.     group: "{{ container_group | default('root') }}"
    32. 

  32.     mode: '0770'
    33. 

  33.   with_items:
    34. 

  34.     - "{{ persistent_container_dirs }}"
    35. 

  35.   failed_when: false
    36. 

  36.   loop_control:
    37. 

  37.     label: "{{ item }}"
    38. 

  38. 

  39. 

  40. - name: Create quadlet .container files
    41. 

  41.   containers.podman.podman_container:
    42. 

  42.     name: "{{ item.name }}"
    43. 

  43.     state: quadlet
    44. 

  44.     image: "{{ item.image }}"
    45. 

  45.     generate_systemd:
    46. 

  46.       names: True
    47. 

  47.       after: "{{ item.after | default(omit) }}"
    48. 

  48.       restart_sec: "{{ item.restart_sec | default(omit) }}"
    49. 

  49.       requires: "{{ item.requires | default(omit) }}"
    50. 

  50.       restart_policy: "{{ item.restart_policy | default(omit) }}"
    51. 

  51.     privileged: "{{ item.privileged | default(omit) }}"
    52. 

  52.     network: "{{ item.networks | default(omit) }}"
    53. 

  53.     env: "{{ item.environment | default(omit) }}"
    54. 

  54.     cap_add: "{{ item.cap_add | default(omit) }}"
    55. 

  55.     volumes: "{{ item.volumes | default(omit) }}"
    56. 

  56.     device: "{{ item.devices | default(omit) }}"
    57. 

  57.     ports: "{{ item.ports | default(omit) }}"
    58. 

  58.     quadlet_options:
    59. 

  59.       - "AutoUpdate=registry"
    60. 

  60.       - "Pull=newer"
    61. 

  61.       - |
    62. 

  62.         [Install]
    63. 

  63.         WantedBy=default.target
    64. 

  64.         {{ item.quadlet_options | default('') }}
    65. 

  65.   with_items:
    66. 

  66.     - "{{ containers }}"
    67. 

  67.   when:
    68. 

  68.     - containers is defined
    69. 

  69.   loop_control:
    70. 

  70.     label: "{{ item.name }}"
    71. 

  71.   notify:
    72. 

  72.     - Daemon Reload
    73. 

  73. 

  74. 

  75. - name: Set up cron to auto-clear old Container data
    76. 

  76.   ansible.builtin.cron:
    77. 

  77.     name: "clean old container data"
    78. 

  78.     minute: "25"
    79. 

  79.     hour: "13"
    80. 

  80.     weekday: "2"
    81. 

  81.     job: "podman system prune -f"
    82. 

  82. 

  83. 

  84. - name: Flush handlers
    85. 

  85.   meta: flush_handlers
    86.