service: Option to not pass host header to container service

Make compatcheck deduplicatable
network: Avoid duplicate runs
2025-04-05 04:38:57 +03:00 · 2025-04-05 00:35:22 +03:00 · 2025-04-05 00:25:11 +03:00 · 2025-04-05 00:24:49 +03:00
8 changed files with 26 additions and 12 deletions
--- a/roles/container/tasks/main.yaml
+++ b/roles/container/tasks/main.yaml
@@ -7,6 +7,7 @@
    name: network
  vars:
    network_name: "{{ network }}"
+  when: network_created_networks is not defined or network not in network_created_networks
  loop: "{{ container_networks }}"
  loop_control:
    loop_var: network
--- a/roles/network/tasks/main.yaml
+++ b/roles/network/tasks/main.yaml
@@ -5,3 +5,7 @@
    state: quadlet
    quadlet_file_mode: "0644"
  notify: Reload systemd daemon
+
+- name: Add network to created networks variable
+  ansible.builtin.set_fact:
+    network_created_networks: "{{ network_created_networks | default([]) + [network_name] }}"
--- a/roles/podman/meta/main.yaml
+++ b/roles/podman/meta/main.yaml
@@ -0,0 +1,9 @@
+---
+dependencies:
+  - role: uumas.general.compatcheck
+    vars:
+      compatcheck_supported_distributions:
+        - name: debian
+          version_min: 13
+        - name: ubuntu
+          version_min: 24
--- a/roles/podman/tasks/main.yaml
+++ b/roles/podman/tasks/main.yaml
@@ -1,18 +1,6 @@
 ---
- name: Ensure host distribution is supported
-  ansible.builtin.import_role:
-    name: uumas.general.compatcheck
-  vars:
-    compatcheck_supported_distributions:
-      - name: debian
-        version_min: 13
-      - name: ubuntu
-        version_min: 24
-  tags: podman
-
 - name: Install podman
  ansible.builtin.apt:
    name:
      - podman
      - aardvark-dns
-  tags: podman
--- a/roles/service/defaults/main.yaml
+++ b/roles/service/defaults/main.yaml
@@ -1,6 +1,7 @@
 ---
 service_domains: []
 service_vhost_locations: []
+service_proxy_pass_host_header: true

 service_container_additional_networks: []
 service_container_user: ""
--- a/roles/service/meta/argument_specs.yaml
+++ b/roles/service/meta/argument_specs.yaml
@@ -20,8 +20,14 @@ argument_specs:
          - Required if service_domains is not empty.
        type: int
        required: false
+      service_proxy_pass_host_header:
+        description: Passed to vhost role as vhost_proxy_pass_header
+        type: bool
+        required: false
+        default: true
      service_vhost_locations:
        description: Passed to vhost role as vhost_locations
+        type: list
        required: false
        default: []

--- a/roles/service/tasks/proxy.yaml
+++ b/roles/service/tasks/proxy.yaml
@@ -33,4 +33,5 @@
    vhost_domains: "{{ service_domains }}"
    vhost_proxy_target_netproto: unix
    vhost_proxy_target_socket: "/run/{{ service_name }}-socat.sock"
+    vhost_proxy_headers: "{{ _service_proxy_headers }}"
    vhost_locations: "{{ service_vhost_locations }}"
--- a/roles/service/vars/main.yaml
+++ b/roles/service/vars/main.yaml
@@ -19,3 +19,7 @@ _service_container_secrets: >

 _service_container_requires: "{{ service_requires + ([_service_database_name + '.service'] if _service_setup_database else []) }}"
 _service_container_wants: "{{ service_wants + ([service_name + '-socat.socket'] if service_domains | length > 0 else []) }}"
+
+_service_replacement_host_header:
+  Host: "{{ service_name }}:{{ service_container_http_port }}"
+_service_proxy_headers: "{{ _service_replacement_host_header if not service_proxy_pass_host_header else {} }}"
Author	SHA1	Message	Date
uumas	093e7846ad	service: Option to not pass host header to container service	2025-04-05 04:38:57 +03:00
uumas	6acdcd6dac	Make compatcheck deduplicatable	2025-04-05 00:35:22 +03:00
uumas	bdac6ee513	network: Avoid duplicate runs	2025-04-05 00:25:11 +03:00
uumas	56d86d964c	podman: remove tags	2025-04-05 00:24:49 +03:00