From 007514feb5f34c706a716acb3fa51588a8f0922b Mon Sep 17 00:00:00 2001 From: uumas Date: Tue, 19 Nov 2024 19:33:10 +0200 Subject: [PATCH] container: switch to using the containers.podman.podman_container module --- roles/container/tasks/main.yaml | 17 ++++++--- roles/container/templates/container.j2 | 49 -------------------------- roles/container/vars/main.yaml | 24 +++++++++++++ 3 files changed, 37 insertions(+), 53 deletions(-) delete mode 100644 roles/container/templates/container.j2 create mode 100644 roles/container/vars/main.yaml diff --git a/roles/container/tasks/main.yaml b/roles/container/tasks/main.yaml index ae88e57..09e6961 100644 --- a/roles/container/tasks/main.yaml +++ b/roles/container/tasks/main.yaml @@ -19,8 +19,17 @@ loop: "{{ container_secrets }}" - name: Create container service {{ container_name }} - ansible.builtin.template: - src: container.j2 - dest: "/etc/containers/systemd/{{ container_name }}.container" - mode: "0600" + containers.podman.podman_container: + image: "{{ container_image }}" + name: "{{ container_name }}" + command: "{{ container_command or omit }}" + user: "{{ container_user or omit }}" + mount: "{{ container_mounts | map('items') | map('map', 'join', '=') | map('join', ',') }}" + network: "{{ container_networks | map('regex_replace', '$', '.network') }}" + publish: "{{ container_publish_ports }}" + secrets: "{{ container_secrets | map(attribute='name') }}" + env: "{{ container_env }}" + state: quadlet + quadlet_file_mode: "0600" + quadlet_options: "{{ _container_quadlet_options }}" notify: "Restart container service {{ container_name }}" diff --git a/roles/container/templates/container.j2 b/roles/container/templates/container.j2 deleted file mode 100644 index 6e60c5a..0000000 --- a/roles/container/templates/container.j2 +++ /dev/null @@ -1,49 +0,0 @@ -# {{ ansible_managed }} - -[Unit] -Description=Container {{ container_name }} -{% for requirement in container_requires %} -Requires={{ requirement }} -After={{ requirement }} -{% endfor %} -{% for want in container_wants %} -Requires={{ want }} -Before={{ want }} -{% endfor %} - -[Container] -Image={{ container_image }} -ContainerName={{ container_name }} -{% if container_command | length > 0 %} -Exec="{{ container_command | join('" "') }}" -{% endif %} -{% if container_user | length > 0 %} -User={{ container_user }} -{% endif %} -{% for mount in container_mounts %} -Mount={% for key, value in mount.items() %}{{ key }}={{ value }}{% if not loop.last %},{% endif %}{% endfor %} - -{% endfor %} -{% for network in container_networks %} -Network={{ network }}.network -{% endfor %} -{% for port in container_publish_ports %} -PublishPort={{ port }} -{% endfor %} -{% for secret in container_secrets %} -Secret={{ secret.name }} -{% endfor %} -{% for key, value in container_env.items() %} -Environment={{ key }}={{ value }} -{% endfor %} -{% if container_auto_update %} -AutoUpdate=registry -{% endif %} - -{% if container_auto_start %} -[Service] -Restart=always - -[Install] -WantedBy=multi-user.target -{% endif %} diff --git a/roles/container/vars/main.yaml b/roles/container/vars/main.yaml new file mode 100644 index 0000000..f90e2d2 --- /dev/null +++ b/roles/container/vars/main.yaml @@ -0,0 +1,24 @@ +--- +_container_quadlet_unit_options: | + [Unit] + Description=Container {{ container_name }} + StartLimitIntervalSec=30 + StartLimitBurst=3 + {% for requirement in container_requires %} + Requires={{ requirement }} + After={{ requirement }} + {% endfor %} + {% for want in container_wants %} + Wants={{ want }} + {% endfor %} +_container_quadlet_auto_start_options: | + [Service] + Restart=always + + [Install] + WantedBy=multi-user.target +_container_quadlet_options_incl_empty: + - "{{ 'AutoUpdate=registry' if container_auto_update else '' }}" + - "{{ _container_quadlet_unit_options }}" + - "{{ _container_quadlet_auto_start_options if container_auto_start else '' }}" +_container_quadlet_options: "{{ _container_quadlet_options_incl_empty | select('!=', '') }}"