---
# container_runtime/tasks/main.yml
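# Install every package named in base_runtime_install_packages, as root.
# The module is addressed by its fully qualified name, matching the
# ansible.builtin.* tasks elsewhere in this file and ruling out a same-named
# module from another collection or library path being picked up instead.
# NOTE(review): the list could also be handed to `name:` directly so dnf runs
# one transaction; confirm the variable is never empty before changing that.
- name: Install required base packages
  become: true
  ansible.builtin.dnf:
    name: "{{ item }}"
    state: present
  loop: "{{ base_runtime_install_packages }}"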
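# Enable systemd lingering for the container user so that user's services can
# run without an active login session.
# The command is given as an argv list: the templated user name is passed to
# loginctl as exactly one argument and is never re-split on whitespace, which
# the free-form string would do if the variable held unexpected characters.
# `creates` points at the linger marker file, so the task is skipped once
# lingering is already enabled for that user.
- name: Enable lingering for rootless containers
  become: true
  ansible.builtin.command:
    argv:
      - loginctl
      - enable-linger
      - "{{ container_user }}"
    creates: "/var/lib/systemd/linger/{{ container_user }}"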
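# Lower the first port an unprivileged process may bind to 53.
# This sysctl is not scoped to the container user: once applied, every
# unprivileged local process can bind ports 53 and above, so services on those
# ports can no longer be assumed to be root-owned. Keep the value as high as
# the workloads allow.
# The value stays a quoted string so YAML does not retype it.
- name: Allow rootless to bind to low ports
  become: true
  ansible.posix.sysctl:
    name: net.ipv4.ip_unprivileged_port_start
    value: "53"
    state: present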
# Stat the stack root and the container config directory; one result per path
# is stored in config_dirs_stats for the tasks that follow.
# This task sets no `become`, so it runs as the connecting user unless
# escalation is set at a higher level.
- name: Check configuration directories exist
  ansible.builtin.stat:
    path: "{{ item }}"
  register: config_dirs_stats
  loop:
    - "{{ stack_root }}"
    - "{{ container_config_dir }}"
# Reduce the registered stat results to the paths that do not exist yet:
# drop every result whose stat.exists is true, then keep only the looped path.
- name: Build list of missing configuration directories
  ansible.builtin.set_fact:
    missing_config_dirs: "{{ config_dirs_stats.results | rejectattr('stat.exists') | map(attribute='item') | list }}"
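# Create each directory listed in missing_config_dirs, owned by the container
# user and group.
# `recurse` is left out on purpose: a directory that is only now being created
# has no contents to recurse into, and if this task were ever pointed at an
# existing tree a recursive change would set every file below it to 0755 and
# re-own it.
# NOTE(review): this task has no `become: true`; assigning owner/group usually
# needs privilege — confirm escalation is set at play or role level.
# NOTE(review): 0755 leaves the directories world-readable and traversable;
# consider a tighter mode if files placed here carry credentials.
- name: Create stack directories
  ansible.builtin.file:
    path: "{{ item }}"
    state: directory
    owner: "{{ container_user }}"
    group: "{{ container_group }}"
    mode: "0755"
  loop: "{{ missing_config_dirs }}"
  when: missing_config_dirs | length > 0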
# Statically import the task file at ../selinux_containers/tasks/main.yml.
# NOTE(review): the path points into another role's tasks directory; a plain
# task-file import does not load that role's defaults, vars or handlers, so
# confirm the imported tasks do not depend on them.
- name: Configure SELinux container policies
  ansible.builtin.import_tasks:
    file: ../selinux_containers/tasks/main.yml
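# Render homelab.network.j2 into the container config directory as
# homelab.network, owned by the container user and group.
# The module is addressed by its fully qualified name, matching the
# ansible.builtin.* tasks elsewhere in this file.
# The mode is a quoted string so it is not parsed as a number.
- name: Deploy Podman Network Quadlet
  become: true
  ansible.builtin.template:
    src: homelab.network.j2
    dest: "{{ container_config_dir }}/homelab.network"
    owner: "{{ container_user }}"
    group: "{{ container_group }}"
    mode: "0644"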
# Record the unit name as a host fact just before the systemd tasks run.
# NOTE(review): presumably the systemd task file reads service_name; confirm
# there, since set_fact values persist for the rest of the play.
- name: Set fact for systemd
  ansible.builtin.set_fact:
    service_name: homelab-network
# Statically import the `systemd` task file of the container_runtime role.
# The header comment names this file as container_runtime/tasks/main.yml, so
# this re-enters the same role at a different task file rather than pulling in
# another role.
- name: Execute systemd tasks
  ansible.builtin.import_role:
    tasks_from: systemd
    name: container_runtime