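---
# Deploys the Gitea act_runner as a podman container owned by the unprivileged
# `containers` user and managed through user-scope systemd units.
#
# Inputs expected from inventory/vault: vault_act_runner_host and
# vault_act_runner_token.
#
# NOTE(review): the play is named "Gitea web server" but every task below
# manages act_runner; confirm the name is intended.
- name: Gitea web server
  hosts: all
  tasks:
    # Read-only lookup; the UID is needed to build the podman socket path below.
    - name: Get containers UID
      ansible.builtin.command: "id -u containers"
      register: uid_containers
      # `id -u` never modifies the host, and a non-zero rc already fails the
      # task, so this must never report "changed".
      changed_when: false

    # Best effort: the unit does not exist on a first run, hence failed_when.
    - name: Stop running containers
      become_user: containers
      become: true
      ansible.builtin.systemd:
        scope: user
        name: "container-{{ item }}.service"
        state: stopped
      loop:
        - act_runner
      failed_when: false

    - name: Create podman volumes
      containers.podman.podman_volume:
        state: present
        name: "{{ item }}"
      become_user: containers
      become: true
      loop:
        - act_runner

    # NOTE(review): `latest` is a floating tag, so the image that runs CI jobs
    # can change without any change to this playbook. Prefer pinning to
    # <reviewed-tag-or-digest> once one has been vetted.
    - name: Pull container images
      become_user: containers
      become: true
      containers.podman.podman_image:
        name: "docker.io/{{ item }}"
      loop:
        - gitea/act_runner:latest

    # 0700 and containers:containers keep the runner configuration private to
    # the account that runs the container.
    - name: Change permission to act_runner folder
      become_user: root
      become: true
      ansible.builtin.file:
        path: /etc/act_runner
        owner: containers
        group: containers
        mode: "0700"
        state: directory

    - name: Copy config directory
      become_user: root
      become: true
      ansible.builtin.template:
        src: "templates/{{ item }}.j2"
        dest: "/etc/act_runner/{{ item }}"
        owner: containers
        group: containers
        mode: "0600"
      loop:
        - configuration.yml

    - name: Create act_runner instance
      become_user: containers
      become: true
      # The env block carries the runner registration token; keep the module
      # arguments out of Ansible output and logs.
      no_log: true
      containers.podman.podman_container:
        name: act_runner
        # Fully qualified so this is the same image the pull task fetched and
        # does not depend on the host's short-name registry resolution.
        image: docker.io/gitea/act_runner:latest
        state: present
        security_opt:
          # label=disable turns off SELinux label separation for this
          # container. The commented entry is the narrower alternative left by
          # the author.
          # - label=type:container_runtime_t
          - label=disable
        device:
          - /dev/fuse
        publish:
          # NOTE(review): no host address is given, so the port is published on
          # every interface; bind to a specific address if 8088 only needs to
          # be reached locally.
          - "8088:8088"
        volume:
          - act_runner:/data:Z
          - /etc/act_runner:/config:Z
          # Hands the `containers` user's podman API socket to the runner as
          # its Docker socket. Whatever controls the runner can create
          # containers and mount host paths as that user, so register this
          # runner only for repositories whose workflows are trusted.
          # NOTE(review): the socket must already exist (user podman socket
          # enabled); nothing in this play sets that up.
          - "/run/user/{{ uid_containers.stdout }}/podman/podman.sock:/var/run/docker.sock:z"
        env:
          GITEA_INSTANCE_URL: "{{ vault_act_runner_host }}"
          # NOTE(review): environment values are readable via `podman inspect`
          # and presumably land in the generated unit file as well; confirm
          # that the systemd directory is not readable by other users.
          GITEA_RUNNER_REGISTRATION_TOKEN: "{{ vault_act_runner_token }}"
          GITEA_RUNNER_NAME: "{{ inventory_hostname_short }}"
          CONFIG_FILE: "/config/configuration.yml"
        generate_systemd:
          path: /home/containers/.config/systemd/user/
          restart_policy: on-failure
          names: true
          new: true

    # NOTE(review): user-scope units start at boot only when lingering is
    # enabled for `containers`; that is not configured in this play.
    - name: Start containers at boot
      become_user: containers
      become: true
      ansible.builtin.systemd:
        scope: user
        name: "container-{{ item }}.service"
        enabled: true
        state: started
        daemon_reload: true
      loop:
        - act_runner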