2022-03-18 18:07:25 +00:00
|
|
|
---
|
2023-07-28 19:59:01 +00:00
|
|
|
- block:
|
|
|
|
- name: Ensure required packages are installed
|
|
|
|
package:
|
|
|
|
name: "{{ item }}"
|
|
|
|
state: "present"
|
|
|
|
loop:
|
|
|
|
- podman
|
|
|
|
- container-selinux
|
|
|
|
- bash-completion
|
|
|
|
|
|
|
|
- name: Install Podman bash-completion
|
|
|
|
command:
|
|
|
|
cmd: "podman completion bash -f /etc/bash_completion.d/podman"
|
|
|
|
creates: "/etc/bash_completion.d/podman"
|
|
|
|
|
|
|
|
- name: Deploy container configuration
|
|
|
|
template:
|
|
|
|
src: etc/containers/containers.conf.j2
|
|
|
|
dest: /etc/containers/containers.conf
|
|
|
|
owner: root
|
|
|
|
group: root
|
|
|
|
mode: 0644
|
|
|
|
|
|
|
|
- name: Deploy storage configuration
|
|
|
|
template:
|
|
|
|
src: etc/containers/storage.conf.j2
|
|
|
|
dest: /etc/containers/storage.conf
|
|
|
|
owner: root
|
|
|
|
group: root
|
|
|
|
mode: 0644
|
|
|
|
|
|
|
|
- name: Set SELinux booleans
|
|
|
|
seboolean:
|
|
|
|
name: "{{ item.name }}"
|
|
|
|
state: "{{ item.state | bool }}"
|
|
|
|
persistent: "{{ item.persistent | default(True) | bool }}"
|
|
|
|
loop: "{{ podman_sebooleans }}"
|
|
|
|
loop_control:
|
|
|
|
label: "{{ item.name }}: {{ item.state | bool }}"
|
|
|
|
|
|
|
|
- name: Configure namespace id range
|
|
|
|
lineinfile:
|
|
|
|
dest: "{{ item }}"
|
|
|
|
regexp: "^containers:"
|
|
|
|
line: "containers:{{ podman_nsremap_range_start }}:{{ podman_nsremap_range_length }}"
|
|
|
|
loop:
|
|
|
|
- /etc/subuid
|
|
|
|
- /etc/subgid
|
|
|
|
|
|
|
|
- name: Handle registry logins
|
|
|
|
containers.podman.podman_login:
|
|
|
|
registry: "{{ item.url | default(omit) }}"
|
|
|
|
username: "{{ item.username }}"
|
|
|
|
password: "{{ item.password }}"
|
|
|
|
state: '{{ item.state | default("present") }}'
|
|
|
|
loop: "{{ podman_registries }}"
|
|
|
|
loop_control:
|
|
|
|
label: "{{ item.url }}"
|
|
|
|
become: True
|
|
|
|
become_user: root
|