From 4e4f8249581e4e0ce00e73f6c19008d37edf64e1 Mon Sep 17 00:00:00 2001
From: uumas <gitcommit@uumas.fi>
Date: Sun, 13 Jul 2025 19:05:37 +0300
Subject: [PATCH] service: Support additional networks for database

---
 roles/service/defaults/main.yaml       |  1 +
 roles/service/meta/argument_specs.yaml | 12 +++++++++++-
 roles/service/tasks/database.yaml      |  3 +--
 roles/service/vars/main/database.yaml  |  8 ++++++++
 roles/service/vars/main/general.yaml   |  3 ---
 5 files changed, 21 insertions(+), 6 deletions(-)
 create mode 100644 roles/service/vars/main/database.yaml

diff --git a/roles/service/defaults/main.yaml b/roles/service/defaults/main.yaml
index d10065c..5111099 100644
--- a/roles/service/defaults/main.yaml
+++ b/roles/service/defaults/main.yaml
@@ -14,6 +14,7 @@ service_container_secrets: []
 service_container_env: {}
 
 service_database_type: none
+service_database_additional_networks: []
 service_database_secret_type: mount
 service_database_secret_target: "{{ service_database_type }}"
 service_postgres_image: docker.io/library/postgres
diff --git a/roles/service/meta/argument_specs.yaml b/roles/service/meta/argument_specs.yaml
index 17372cc..480664f 100644
--- a/roles/service/meta/argument_specs.yaml
+++ b/roles/service/meta/argument_specs.yaml
@@ -66,7 +66,9 @@ argument_specs:
         required: false
         default: ""
       service_container_additional_networks:
-        description: A list of additional podman networks for the service container (in addition to service name network).
+        description: >-
+          A list of additional podman networks for the service container (in
+          addition to service name network).
         type: list
         required: false
         default: []
@@ -212,6 +214,14 @@ argument_specs:
           - none
         required: false
         default: none
+      service_database_additional_networks:
+        description: >-
+          A list of additional podman networks for the database container (in
+          addition to service name network).
+        type: list
+        required: false
+        default: []
+        elements: str
       service_database_secret_type:
         description: Secret type for database secret for service container
         type: str
diff --git a/roles/service/tasks/database.yaml b/roles/service/tasks/database.yaml
index 6d4cd05..9f256b2 100644
--- a/roles/service/tasks/database.yaml
+++ b/roles/service/tasks/database.yaml
@@ -9,8 +9,7 @@
       - type: volume
         source: "{{ _service_database_name }}"
         destination: /var/lib/postgresql/data
-    container_networks:
-      - "{{ service_name }}"
+    container_networks: "{{ _service_database_networks }}"
     container_secrets:
       - name: "{{ _service_database_name }}"
         target: "{{ service_database_type }}"
diff --git a/roles/service/vars/main/database.yaml b/roles/service/vars/main/database.yaml
new file mode 100644
index 0000000..4197755
--- /dev/null
+++ b/roles/service/vars/main/database.yaml
@@ -0,0 +1,8 @@
+---
+_service_setup_database: "{{ service_database_type != 'none' }}"
+_service_database_name: "{{ service_name }}-{{ service_database_type }}"
+_service_database_networks: >-
+  {{
+    [service_name] +
+      service_database_additional_networks
+  }}
diff --git a/roles/service/vars/main/general.yaml b/roles/service/vars/main/general.yaml
index 2bed91b..93f61d1 100644
--- a/roles/service/vars/main/general.yaml
+++ b/roles/service/vars/main/general.yaml
@@ -1,7 +1,4 @@
 ---
-_service_setup_database: "{{ service_database_type != 'none' }}"
-_service_database_name: "{{ service_name }}-{{ service_database_type }}"
-
 _service_container_networks: "{{ [service_name] + service_container_additional_networks }}"
 
 _service_container_requires: >-