uumas/ansible-podman
1
0
Fork 0
Code Issues 2 Pull Requests Actions Packages Projects Releases Wiki Activity

service: Improve additional container support

Browse Source
This commit is contained in:
uumas
2026-03-12 00:42:00 +02:00
parent 9e3e1496f0
commit 31cf49b004
4 changed files with 68 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

36
roles/service/meta/argument_specs.yaml
View File

@@ -362,6 +362,11 @@ argument_specs:
type: str
required: false
default: "{{ service_container_image }}"
user:
description: The UID to run as inside the container
type: str
required: false
default: "{{ service_container_user }}"
command:
description: Command to start the container with.
type: list
@@ -406,6 +411,22 @@ argument_specs:
- Defaults to false for volume and bind, true for template
type: bool
required: false
user:
description: Volume owner uid. Only applicable if mount type is volume.
type: str
required: false
default: ""
group:
description: Volume owner gid. Only applicable if mount type is volume.
type: str
required: false
default: ""
mode:
description:
- Templated file or copied directory/file permissions.
- Defaults to 0644 for files, 0755 for directories
type: str
required: false
volume_device:
description: >-
The path of a device which is mounted for the volume.
@@ -428,6 +449,21 @@ argument_specs:
elements: str
required: false
default: []
devices:
description: List of devices to be added inside the container.
type: list
required: false
default: "{{ service_container_devices }}"
elements: dict
options:
source:
description: Device path on host
type: str
required: true
destination:
description: Device path inside the container. Defaults to same as host.
type: str
required: false
publish_ports:
description: A list of ports to publish outside the container
type: list

7
roles/service/tasks/additional.yaml
View File

@@ -7,17 +7,18 @@
container_image: "{{ _service_additional_container.image | default(service_container_image) }}"
container_command: "{{ _service_additional_container.command | default([]) }}"
container_entrypoint: "{{ _service_additional_container.entrypoint | default('') }}"
container_user: "{{ service_container_user }}"
container_user: "{{ _service_additional_container.user | default(service_container_user) }}"
container_mounts: "{{ _service_additional_container_mounts }}"
container_devices: "{{ _service_additional_container.devices | default(service_container_devices) }}"
container_publish_ports: "{{ _service_additional_container_publish_ports }}"
container_networks: "{{ _service_additional_container_networks }}"
container_ip: "{{ _service_additional_container_ip }}"
container_secrets: "{{ _service_additional_container.secrets | default(_service_container_secrets) }}"
container_hostname: "{{ _service_additional_container.name | regex_replace('^' ~ service_name ~ '-', '') }}"
container_secrets: "{{ _service_additional_container_secrets }}"
container_env: "{{ _service_additional_container.env | default(service_container_env) }}"
container_add_capabilities: "{{ _service_additional_container.add_capabilities | default(service_container_add_capabilities) }}"
container_requires: "{{ _service_container_requires }}"
container_wants: "{{ service_wants }}"
container_wants: "{{ _service_additional_container_wants }}"
container_auto_update: "{{ service_auto_update }}"
loop: "{{ _service_additional_containers }}"
loop_control:

2
roles/service/tasks/main.yaml
View File

@@ -16,7 +16,7 @@
- name: Template mounts for {{ service_name }}
ansible.builtin.include_tasks: host_mounts.yaml
when: (_service_template_mounts + _service_copy_mounts) | length > 0
when: (_service_all_template_mounts + _service_all_copy_mounts) | length > 0
- name: Additional containers for {{ service_name }}
ansible.builtin.include_tasks: additional.yaml

27
roles/service/vars/main/additional.yaml
View File

@@ -11,6 +11,15 @@ _service_additional_containers: >-
| map('combine')
}}
_service_additional_container_wants: >-
{{
service_wants
+ _service_additional_container_publish_socket_ports
| map(attribute='name')
| map('regex_replace', '^', service_name ~ '-')
| map('regex_replace', '$', '-socat.socket')
}}
_service_additional_container_networks: >-
{{
[service_name]
@@ -24,6 +33,24 @@ _service_additional_container_networks: >-
)
}}
_service_additional_container_secrets: >-
{{
(
_service_additional_container.secrets
| map(attribute='name')
| map('community.general.dict_kv', 'target')
| zip(
_service_additional_container.secrets,
_service_additional_container.secrets
| map(attribute='name')
| map('regex_replace', '^', service_name ~ '-')
| map('community.general.dict_kv', 'name')
)
| map('combine')
) if _service_additional_container.secrets is defined
else _service_container_secrets
}}
_service_additional_container_ip: >-
{{
service_container_ip |