container: Allow custom ip addresses for more than one network

roles/service/tasks/additional.yaml

@@ -12,7 +12,6 @@
     container_devices: "{{ _service_additional_container.devices | default(service_container_devices) }}"
     container_publish_ports: "{{ _service_additional_container_publish_ports }}"
     container_networks: "{{ _service_additional_container_networks }}"
-    container_ip: "{{ _service_additional_container_ip }}"
     container_hostname: "{{ _service_additional_container.name | regex_replace('^' ~ service_name ~ '-', '') }}"
     container_secrets: "{{ _service_additional_container_secrets }}"
     container_env: "{{ _service_additional_container.env | default(service_container_env) }}"

roles/service/tasks/database.yaml

@@ -15,8 +15,6 @@
         destination: "{{ _service_database_mount_destination }}"
     container_networks: "{{ _service_database_networks }}"
     container_hostname: "{{ service_database_type }}"
-    container_ip: >-
-      {{ service_container_ip | ansible.utils.ipmath(1) if _service_static_ip else '' }}
     container_secrets: "{{ _service_database_secrets }}"
     container_env: "{{ _service_database_env }}"
     container_auto_update: "{{ service_auto_update }}"

roles/service/tasks/main.yaml

@@ -44,7 +44,6 @@
     container_devices: "{{ service_container_devices }}"
     container_publish_ports: "{{ _service_container_publish_ports }}"
     container_networks: "{{ _service_container_networks }}"
-    container_ip: "{{ service_container_ip }}"
     container_secrets: "{{ _service_container_secrets }}"
     container_env: "{{ service_container_env }}"
     container_add_capabilities: "{{ service_container_add_capabilities }}"
@@ -60,7 +59,7 @@
     socat_service_name: "{{ service_name }}"
     socat_target_http_port: "{{ service_container_http_port }}"
     socat_container_ip: >-
-      {{ service_container_ip | ansible.utils.ipmath(3) if _service_static_ip else '' }}
+      {{ service_container_ip | ansible.utils.ipmath(257) if _service_static_ip else '' }}
     socat_auto_update: "{{ service_auto_update }}"
 
 - name: Socat for socket published ports of {{ service_name }}

roles/service/tasks/oauth2_proxy.yaml

@@ -11,7 +11,7 @@
       - --cookie-secret-file
       - /run/secrets/cookie-secret
     container_networks:
-      - "{{ service_name }}-oauth2-proxy"
+      - name: "{{ service_name }}-oauth2-proxy"
     container_secrets:
       - name: "{{ service_name }}-oauth2-proxy-cookie-secret"
         length: 32

roles/service/tasks/redis.yaml

@@ -6,8 +6,7 @@
     container_name: "{{ service_name }}-redis"
     container_image: docker.io/valkey/valkey:alpine
     container_networks:
-      - "{{ service_name }}"
+      - name: "{{ service_name }}"
+        ip: "{{ service_container_ip | ansible.utils.ipmath(2) if _service_static_ip else '' }}"
     container_hostname: redis
-    container_ip: >-
-      {{ service_container_ip | ansible.utils.ipmath(2) if _service_static_ip else '' }}
     container_auto_update: "{{ service_auto_update }}"

roles/service/vars/main/additional.yaml

@@ -22,14 +22,21 @@ _service_additional_container_wants: >-
 
 _service_additional_container_networks: >-
   {{
-    [service_name]
-    + service_container_additional_networks
+    [{
+      'name': service_name,
+      'ip':
+        service_container_ip | ansible.utils.ipmath(20 + _service_additional_container_index)
+        if _service_static_ip else ''
+    }]
     + (
-      _service_additional_container_publish_socket_ports
-      | map(attribute='name')
-      | map('regex_replace', '^', service_name ~ '-')
-      | map('regex_replace', '$', '-socat')
-    )
+      service_container_additional_networks
+      + (
+        _service_additional_container_publish_socket_ports
+        | map(attribute='name')
+        | map('regex_replace', '^', service_name ~ '-')
+        | map('regex_replace', '$', '-socat')
+      )
+    ) | map('community.general.dict_kv', 'name')
   }}
 
 _service_additional_container_secrets: >-
@@ -50,13 +57,6 @@ _service_additional_container_secrets: >-
     else _service_container_secrets
   }}
 
-_service_additional_container_ip: >-
-  {{
-    service_container_ip |
-      ansible.utils.ipmath(20 + _service_additional_container_index)
-      if _service_static_ip else ''
-  }}
-
 _service_additional_container_publish_ports_with_defaults: >-
   {{
     ([{ 'type': 'port', 'host_address': '0.0.0.0' }] * _service_additional_container.publish_ports | length)

roles/service/vars/main/database.yaml

@@ -3,8 +3,11 @@ _service_setup_database: "{{ service_database_type != 'none' }}"
 _service_database_name: "{{ service_name }}-{{ service_database_type }}"
 _service_database_networks: >-
   {{
-    [service_name] +
-      service_database_additional_networks
+    [{
+      'name': service_name,
+      'ip': service_container_ip | ansible.utils.ipmath(1) if _service_static_ip else ''
+    }]
+    + service_database_additional_networks | map('community.general.dict_kv', 'name')
   }}
 
 _service_database_secret:

roles/service/vars/main/general.yaml

@@ -1,10 +1,20 @@
 ---
 _service_container_networks: >-
   {{
-    [service_name]
-    + service_container_additional_networks
-    + ([service_name ~ '-socat'] if service_container_http_port > 0 else [])
-    + (_service_container_publish_socket_ports | map(attribute='name') | map('regex_replace', '^', service_name ~ '-'))
+    [{
+      'name': service_name,
+      'ip': service_container_ip
+    }]
+    + (
+        [{
+          'name': service_name ~ '-socat',
+          'ip': service_container_ip | ansible.utils.ipmath(256) if _service_static_ip else ''
+        }] if service_container_http_port > 0 else []
+      )
+    + (
+      service_container_additional_networks
+      + (_service_container_publish_socket_ports | map(attribute='name') | map('regex_replace', '^', service_name ~ '-'))
+    ) | map('community.general.dict_kv', 'name')
   }}
 _service_static_ip: "{{ service_container_ip | length > 0 }}"