container: Allow custom ip addresses for more than one network

roles/container/vars/main/general.yaml

@@ -0,0 +1,97 @@
+---
+_container_image: "{{ container_image | replace('/', '_') ~ '.image' }}"
+
+_container_volumes: "{{ container_mounts | selectattr('type', '==', 'volume') }}"
+
+_container_mount_sources: "{{ container_mounts | map(attribute='source') }}"
+_container_mount_destinations: "{{ container_mounts | map(attribute='destination') }}"
+
+_container_volume_mount_sources: >-
+  {{
+    _container_volumes
+    | map(attribute='source')
+    | map('regex_replace', '$', '.volume')
+    | map('community.general.dict_kv', 'source')
+  }}
+
+_container_mounts: >-
+  {{
+    container_mounts | selectattr('type', '!=', 'volume') +
+    container_mounts | selectattr('type', '==', 'volume')
+      | community.general.keep_keys(['type', 'source', 'destination', 'readonly'])
+      | zip(_container_volume_mount_sources) | map('combine')
+  }}
+
+_container_devices_withdefaults: >-
+  {{
+    container_devices
+    | map(attribute='source')
+    | map('community.general.dict_kv', 'destination')
+    | zip(container_devices)
+    | map('combine')
+  }}
+_container_devices: >-
+  {{
+    _container_devices_withdefaults
+    | map(attribute='source')
+    | zip(
+      _container_devices_withdefaults
+      | map(attribute='destination')
+    )
+    | map('join', ':')
+  }}
+
+_container_secrets: >-
+  {{
+    container_secrets
+    | map(attribute='name')
+    | zip(
+      container_secrets
+      | map(attribute='type', default='mount')
+      | map('regex_replace', '^', 'type='),
+      container_secrets
+      | map(attribute='name')
+      | map('community.general.dict_kv', 'target')
+      | zip(container_secrets)
+      | map('combine')
+      | map(attribute='target')
+      | map('regex_replace', '^', 'target=')
+    )
+    | map('join', ',')
+  }}
+
+_container_labels: >-
+  {{
+    {'io.containers.autoupdate.authfile': '/etc/containers/auth.json'}
+    if container_auto_update and
+    container_image.split('/')[0] in
+    podman_registry_accounts | map(attribute='registry')
+    else {}
+  }}
+
+_container_quadlet_unit_options: |
+  [Unit]
+  Description=Container {{ container_name }}
+  StartLimitIntervalSec=30
+  StartLimitBurst=3
+  {% for requirement in container_requires %}
+  Requires={{ requirement }}
+  After={{ requirement }}
+  {% endfor %}
+  {% for want in container_wants %}
+  Wants={{ want }}
+  {% endfor %}
+  [Service]
+  SuccessExitStatus=0 143
+  OOMPolicy=stop
+_container_quadlet_auto_start_options: |
+  [Service]
+  Restart=always
+
+  [Install]
+  WantedBy=multi-user.target
+_container_quadlet_options_incl_empty:
+  - "{{ 'AutoUpdate=registry' if container_auto_update else '' }}"
+  - "{{ _container_quadlet_unit_options }}"
+  - "{{ _container_quadlet_auto_start_options if container_auto_start else '' }}"
+_container_quadlet_options: "{{ _container_quadlet_options_incl_empty | select('!=', '') }}"

roles/container/vars/main/network.yaml

@@ -0,0 +1,27 @@
+---
+_container_networks: >-
+  {{
+    container_networks
+    | map(attribute='name')
+    | map('regex_replace', '$', '.network')
+    | zip(container_networks | map(attribute='ip', default=''))
+    | map('reject', 'equalto', '')
+    | map('join', ':ip=')
+  }}
+
+_container_network_subnet: >-
+  {{ network.ip | ansible.utils.ipsubnet(24) if network.ip | default('') | length > 0 else '' }}
+_container_network_subnet_ranges: >-
+  {{
+    [
+      _container_network_subnet | ansible.utils.ipsubnet(25, 0),
+      _container_network_subnet | ansible.utils.ipsubnet(25, 1)
+    ] if network.ip | default('') | length > 0 else []
+  }}
+_container_network_range: >-
+  {{
+    _container_network_subnet_ranges |
+      reject('ansible.utils.supernet_of', network.ip) |
+      first
+    if network.ip | default('') | length > 0 else ''
+  }}