uumas/ansible-podman
1
0
Fork 0
Code Issues 2 Pull Requests Actions Packages Projects Releases Wiki Activity

Add pinp support and make windmill use it

Browse Source
This commit is contained in:
uumas
2026-03-26 03:04:44 +02:00
parent 1d180106d6
commit db651723b2
10 changed files with 223 additions and 55 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
roles/windmill/tasks/main.yaml
View File

@@ -18,25 +18,21 @@
MODE: server
service_additional_containers:
- name: worker
image: quay.io/podman/stable:latest
user: podman
entrypoint: /entrypoint.sh
pinp: true
mounts:
- type: volume
source: worker-logs
destination: /worker-logs
destination: /tmp/windmill/logs
- type: volume
source: worker-dependency-cache
destination: /worker-dependency-cache
- type: template
source: worker_entrypoint.sh.j2
destination: /entrypoint.sh
mode: "0755"
- type: volume
source: worker-containers
destination: /home/podman/.local/share/containers
publish_ports: []
env: {}
destination: /tmp/windmill/cache
env:
DATABASE_URL_FILE: /run/secrets/postgres-url
MODE: worker
WORKER_GROUP: default
ENABLE_UNSHARE_PID: "true"
UNSHARE_ISOLATION_FLAGS: "--user --map-root-user --pid --fork"
- name: worker-native
env:
DATABASE_URL_FILE: /run/secrets/postgres-url

27
roles/windmill/templates/worker_entrypoint.sh.j2
View File

@@ -1,27 +0,0 @@
#!/bin/bash
# {{ ansible_managed }}
_term() {
echo "Received SIGTERM, stopping all containers"
kill "$child"
}
podman system service -t 0 &
podman run \
--rm \
-v /run/secrets/postgres-url:/run/secrets/postgres-url:ro \
-e DATABASE_URL_FILE=/run/secrets/postgres-url \
-e MODE=worker \
-e WORKER_GROUP=default \
-e ENABLE_UNSHARE_PID="true" \
-e UNSHARE_ISOLATION_FLAGS="--user --map-root-user --pid --fork" \
-v /tmp/storage-run-1000/podman/podman.sock:/var/run/docker.sock \
-v /worker-logs:/tmp/windmill/logs \
-v /worker-dependency-cache:/tmp/windmill/cache \
--name worker \
--network host \
ghcr.io/windmill-labs/windmill:main &
child=$!
trap _term SIGTERM
wait "$!"