---
argument_specs:
  main:
    description: Sets up podman container with systemd units (quadlet)
    options:
      container_name:
        description: Name of the container. Must be unique within a host.
        type: str
        required: true
      container_command:
        description: Command to start the container with.
        type: list
        required: false
        default: []
        elements: str
      container_entrypoint:
        description: Entrypoint to use for the continaer
        type: str
        required: false
        default: ""
      container_user:
        description: The UID to run as inside the container
        type: str
        required: false
        default: ""

      container_image:
        description: "The image to run in the container, in FQIN format (registry/imagename:tag)"
        type: str
        required: true

      container_mounts:
        description: List of bind mounts or volumes to be mounted inside the container.
        type: list
        required: false
        default: []
        elements: dict
        options:
          type:
            description: Type of mount
            type: str
            required: true
            choices:
              - volume
              - bind
          source:
            description:
              - Mount source.
              - If mount type is volume, name of the volume.
              - If mount type is bind, host path to bind mount inside the container.
            type: str
            required: true
          destination:
            description: Path inside the container to mount at
            type: str
            required: true
          readonly:
            description: If true, mount will be read only inside the container
            type: bool
            required: false
            default: false
          user:
            description: Volume owner uid. Only applicable if mount type is volume.
            type: str
            required: false
            default: ""
          group:
            description: Volume owner gid. Only applicable if mount type is volume.
            type: str
            required: false
            default: ""
          volume_device:
            description: >-
              The path of a device which is mounted for the volume.
              Only applicable if mount type is volume.
            type: str
            required: false
            default: ""
          volume_type:
            description: >-
              The filesystem type of device as used by the mount commands -t option
              Only applicable if mount type is volume.
            type: str
            required: false
            default: ""
          volume_mount_options:
            description: >-
              The mount options to use for a filesystem as used by the mount command -o option
              Only applicable if mount type is volume.
            type: list
            elements: str
            required: false
            default: []

      container_publish_ports:
        description: "A list of published ports in docker format (<host listen address>:<host port>:<container port>)"
        type: list
        required: false
        default: []
        elements: str
      container_networks:
        description: A list of podman networks for the container.
        type: list
        required: false
        default: []
        elements: str
      container_ip:
        description: IPv4 address for the container in the first network defined in container_networks
        type: str
        required: false
        default: ""
      container_secrets:
        description: A list of secrets available to the container as file or environment variable
        type: list
        required: false
        default: []
        elements: dict
        options:
          name:
            description: Name of the secret
            type: str
            required: true
          value:
            description:
              - Value of the secret. Defaults to a 128-character random string containing alphanumeric characters.
              - If the value is not explicitly set, it will not be changed if the secret already exists.
            type: str
            required: false
          length:
            description: Length of randomly generated string
            type: int
            required: false
            default: 128
          type:
            description: How the secret will be exposed to the container
            type: str
            choices:
              - mount
              - env
            default: mount
          target:
            description: >
              Where the secret will be available inside the container. If type is mount, this is
              either a full file path or a filename under /run/secrets. If type is env, this is
              the name of the environment variable. Defaults to secret name.
            type: str
            required: false

      container_env:
        description: A dict of environment variables for the container
        type: dict
        required: false
        default: {}

      container_requires:
        description: >
          List of systemd units (like other containers) this one depends on.
          You should ensure they are created before this one, or at least within
          the same play, before handlers are flushed.
        type: list
        required: false
        default: []
        elements: str
      container_wants:
        description: >
          List of systemd units (like other containers) this one wants.
          You should ensure they are created within the same play, before handlers are flushed.
        type: list
        required: false
        default: []
        elements: str
      container_auto_start:
        description: Set to false to not start the container automatically on boot or restart on failure.
        type: bool
        required: false
        default: true
      container_auto_update:
        description: Whether to let podman automatically update the container whenever the specified image gets updated
        type: bool
        required: false
        default: true