chef-recipes/roles/podman/tasks/main.yml

67 lines
1.4 KiB
YAML

- name: Install base packages
become: true
package:
name:
- podman
- podman-docker
state: present
- name: Add the 'containers' user
become: true
user:
name: containers
shell: /bin/bash
- name: Check if user is lingering
stat:
path: "/var/lib/systemd/linger/containers"
register: user_lingering
- name: Enable lingering is needed
become: true
command: "loginctl enable-linger containers"
when:
- not user_lingering.stat.exists
- name: Allow unprivileged users to open ports
become: true
ansible.posix.sysctl:
name: net.ipv4.ip_unprivileged_port_start
value: "80"
sysctl_set: yes
- name: Enable podman socket
become: true
become_user: containers
ansible.builtin.systemd:
scope: user
name: podman.socket
enabled: yes
state: started
- name: Enable podman auto-update timer
become: true
become_user: containers
ansible.builtin.systemd:
scope: user
name: podman-auto-update.timer
enabled: yes
- name: Copy default containers config file
become: true
ansible.builtin.copy:
remote_src: yes
src: /usr/share/containers/containers.conf
dest: /etc/containers/containers.conf
mode: 0644
- name: Change podman default subnet
become: true
lineinfile:
path: /etc/containers/containers.conf
regex: "^#default_subnet*$"
line: 'default_subnet = "172.16.0.0/24"'
- name: Reboot
become: true
reboot: