uumas/ansible-podman
1
0
Fork 0
Code Issues 2 Pull Requests Actions Packages Projects Releases Wiki Activity

service: Use saner defaults for additional containers

Browse Source
This commit is contained in:
uumas
2026-03-25 19:29:30 +02:00
parent 9eaa306aa4
commit 1d180106d6
3 changed files with 99 additions and 32 deletions
Download Patch File Download Diff File Expand all files Collapse all files

44
roles/service/meta/argument_specs.yaml
View File

@@ -340,9 +340,10 @@ argument_specs:
service_additional_containers: service_additional_containers:
description: description:
- List of additional containers for the service. - List of additional containers for the service.
- > - >-
Will inherit most options from main service container. All options can be overridden If image is not specified, will use service container image and
per-container. inherit most options from main service container.
- All options can be overridden per-container.
type: list type: list
required: false required: false
default: [] default: []
@@ -363,26 +364,30 @@ argument_specs:
required: false required: false
default: "{{ service_container_image }}" default: "{{ service_container_image }}"
user: user:
description: The UID to run as inside the container description:
- The UID to run as inside the container.
- Defaults to <service_container_user> if same image, "" otherwise.
type: str type: str
required: false required: false
default: "{{ service_container_user }}"
command: command:
description: Command to start the container with. description:
- Command to start the container with.
- Defaults to <service_container_command> if same image, [] otherwise.
type: list type: list
required: false required: false
default: []
elements: str elements: str
entrypoint: entrypoint:
description: Entrypoint to use in the container description:
- Entrypoint to use in the container
- Defaults to <service_container_entrypoint> if same image, "" otherwise.
type: str type: str
required: false required: false
default: ""
mounts: mounts:
description: List of bind mounts or volumes to be mounted inside the container. description:
- List of bind mounts or volumes to be mounted inside the container.
- Defaults to <service_container_mounts> if same image, [] otherwise.
type: list type: list
required: false required: false
default: "{{ service_container_mounts }}"
elements: dict elements: dict
options: options:
type: type:
@@ -450,10 +455,11 @@ argument_specs:
required: false required: false
default: [] default: []
devices: devices:
description: List of devices to be added inside the container. description:
- List of devices to be added inside the container.
- Defaults to <service_container_devices> if same image, [] otherwise.
type: list type: list
required: false required: false
default: "{{ service_container_devices }}"
elements: dict elements: dict
options: options:
source: source:
@@ -506,15 +512,17 @@ argument_specs:
type: int type: int
required: false required: false
env: env:
description: A dict of environment variables for the container description:
- A dict of environment variables for the container
- Defaults to <service_container_env> if same image, {} otherwise.
type: dict type: dict
required: false required: false
default: "{{ service_container_env }}"
add_capabilities: add_capabilities:
description: List of capabilities to add to the container description:
- List of capabilities to add to the container
- Defaults to <service_container_add_capabilities> if same image, [] otherwise.
type: list type: list
required: false required: false
default: "{{ service_container_add_capabilities }}"
elements: str elements: str
secrets: secrets:
description: description:
@@ -525,9 +533,9 @@ argument_specs:
A dict of secrets and their values (including autogenerated values) is available as A dict of secrets and their values (including autogenerated values) is available as
`service_podman_secrets` for use in templates. This should only be used if the `service_podman_secrets` for use in templates. This should only be used if the
container doesn't support reading the secret from file or environment variable. container doesn't support reading the secret from file or environment variable.
- Defaults to <service_container_secrets> if same image, [] otherwise.
type: list type: list
required: false required: false
default: "{{ service_container_secrets }}"
elements: dict elements: dict
options: options:
name: name:

14
roles/service/tasks/additional.yaml
View File

@@ -4,18 +4,18 @@
name: container name: container
vars: vars:
container_name: "{{ _service_additional_container.name }}" container_name: "{{ _service_additional_container.name }}"
container_image: "{{ _service_additional_container.image | default(service_container_image) }}" container_image: "{{ _service_additional_container.image }}"
container_command: "{{ _service_additional_container.command | default([]) }}" container_command: "{{ _service_additional_container.command }}"
container_entrypoint: "{{ _service_additional_container.entrypoint | default('') }}" container_entrypoint: "{{ _service_additional_container.entrypoint }}"
container_user: "{{ _service_additional_container.user | default(service_container_user) }}" container_user: "{{ _service_additional_container.user }}"
container_mounts: "{{ _service_additional_container_mounts }}" container_mounts: "{{ _service_additional_container_mounts }}"
container_devices: "{{ _service_additional_container.devices | default(service_container_devices) }}" container_devices: "{{ _service_additional_container.devices }}"
container_publish_ports: "{{ _service_additional_container_publish_ports }}" container_publish_ports: "{{ _service_additional_container_publish_ports }}"
container_networks: "{{ _service_additional_container_networks }}" container_networks: "{{ _service_additional_container_networks }}"
container_hostname: "{{ _service_additional_container.name | regex_replace('^' ~ service_name ~ '-', '') }}" container_hostname: "{{ _service_additional_container.name | regex_replace('^' ~ service_name ~ '-', '') }}"
container_secrets: "{{ _service_additional_container_secrets }}" container_secrets: "{{ _service_additional_container_secrets }}"
container_env: "{{ _service_additional_container.env | default(service_container_env) }}" container_env: "{{ _service_additional_container.env }}"
container_add_capabilities: "{{ _service_additional_container.add_capabilities | default(service_container_add_capabilities) }}" container_add_capabilities: "{{ _service_additional_container.add_capabilities }}"
container_requires: "{{ _service_container_requires }}" container_requires: "{{ _service_container_requires }}"
container_wants: "{{ _service_additional_container_wants }}" container_wants: "{{ _service_additional_container_wants }}"
container_auto_update: "{{ service_auto_update }}" container_auto_update: "{{ service_auto_update }}"

73
roles/service/vars/main/additional.yaml
View File

@@ -1,16 +1,75 @@
--- ---
_service_additional_containers_with_default_image: >-
{{
([{ 'image': service_container_image }] * service_additional_containers | length)
| zip(service_additional_containers)
| map('combine')
}}
_service_additional_container_same_image_defaults:
user: "{{ service_container_user }}"
command: "{{ service_container_command }}"
entrypoint: "{{ service_container_entrypoint }}"
devices: "{{ service_container_devices }}"
env: "{{ service_container_env }}"
add_capabilities: "{{ service_container_add_capabilities }}"
_service_additional_container_different_image_defaults:
user: ""
command: []
entrypoint: ""
mounts: []
devices: []
publish_ports: []
env: {}
add_capabilities: []
secrets: []
_service_additional_same_image_containers: >-
{{
_service_additional_containers_with_default_image
| selectattr('image', '==', service_container_image)
}}
_service_additional_different_image_containers: >-
{{
_service_additional_containers_with_default_image
| selectattr('image', '!=', service_container_image)
}}
_service_additional_containers: >- _service_additional_containers: >-
{{ {{
service_additional_containers (
| zip( (
service_additional_containers (
| map(attribute='name') [_service_additional_container_same_image_defaults] *
| map('regex_replace', '^', service_name ~ '-') (_service_additional_same_image_containers | length)
| map('community.general.dict_kv', 'name')
) )
| map('combine') | zip(_service_additional_same_image_containers)
| map('combine')
) +
(
(
[_service_additional_container_different_image_defaults] *
(_service_additional_different_image_containers | length)
)
| zip(_service_additional_different_image_containers)
| map('combine')
)
)
| zip(
(
_service_additional_same_image_containers +
_service_additional_different_image_containers
)
| map(attribute='name')
| map('regex_replace', '^', service_name ~ '-')
| map('community.general.dict_kv', 'name')
)
| map('combine')
}} }}
_service_additional_container_wants: >- _service_additional_container_wants: >-
{{ {{
service_wants service_wants