xoxys.podman/templates/etc/containers/containers.conf.j2

#jinja2: lstrip_blocks: True
{{ ansible_managed | comment }}
# The containers configuration file specifies all of the available configuration
# command-line options/flags for container engine tools like Podman & Buildah,
# but in a TOML format that can be easily modified and versioned.

# Please refer to containers.conf(5) for details of all configuration options.
# Not all container engines implement all of the options.
# All of the options have hard coded defaults and these options will override
# the built in defaults. Users can then override these options via the command
# line. Container engines will read containers.conf files in up to three
# locations in the following order:
#  1. /usr/share/containers/containers.conf
#  2. /etc/containers/containers.conf
#  3. $HOME/.config/containers/containers.conf (Rootless containers ONLY)
#  Items specified in the latter containers.conf, if they exist, override the
# previous containers.conf settings, or the default settings.

[containers]
default_capabilities = [
  "CHOWN",
  "DAC_OVERRIDE",
  "FOWNER",
  "FSETID",
  "KILL",
  "NET_BIND_SERVICE",
  "SETFCAP",
  "SETGID",
  "SETPCAP",
  "SETUID",
]

default_sysctls = [
  "net.ipv4.ping_group_range=0 0",
]

log_driver = "{{ podman_containers_logger }}"
userns = "auto"

[secrets]

[secrets.opts]

[network]

[engine]
events_logger = "{{ podman_engine_event_logger }}"
runtime = "crun"

[engine.runtimes]

[engine.volume_plugins]

[machine]
initial commit 2022-03-18 18:07:25 +00:00			`#jinja2: lstrip_blocks: True`
			`{{ ansible_managed \| comment }}`
			`# The containers configuration file specifies all of the available configuration`
			`# command-line options/flags for container engine tools like Podman & Buildah,`
			`# but in a TOML format that can be easily modified and versioned.`

			`# Please refer to containers.conf(5) for details of all configuration options.`
			`# Not all container engines implement all of the options.`
			`# All of the options have hard coded defaults and these options will override`
			`# the built in defaults. Users can then override these options via the command`
			`# line. Container engines will read containers.conf files in up to three`
			`# locations in the following order:`
			`# 1. /usr/share/containers/containers.conf`
			`# 2. /etc/containers/containers.conf`
			`# 3. $HOME/.config/containers/containers.conf (Rootless containers ONLY)`
			`# Items specified in the latter containers.conf, if they exist, override the`
			`# previous containers.conf settings, or the default settings.`

			`[containers]`
			`default_capabilities = [`
			`"CHOWN",`
			`"DAC_OVERRIDE",`
			`"FOWNER",`
			`"FSETID",`
			`"KILL",`
			`"NET_BIND_SERVICE",`
			`"SETFCAP",`
			`"SETGID",`
			`"SETPCAP",`
			`"SETUID",`
			`]`

			`default_sysctls = [`
			`"net.ipv4.ping_group_range=0 0",`
			`]`

			`log_driver = "{{ podman_containers_logger }}"`
refactor: drop rootless support (#1) Reviewed-on: https://gitea.rknet.org/ansible/xoxys.podman/pulls/1 Co-authored-by: Robert Kaussow <mail@thegeeklab.de> Co-committed-by: Robert Kaussow <mail@thegeeklab.de> 2023-07-28 19:59:01 +00:00			`userns = "auto"`
initial commit 2022-03-18 18:07:25 +00:00
			`[secrets]`

			`[secrets.opts]`

			`[network]`

			`[engine]`
			`events_logger = "{{ podman_engine_event_logger }}"`
			`runtime = "crun"`

			`[engine.runtimes]`

			`[engine.volume_plugins]`

			`[machine]`