Fixup to run services on podman

apt-cacher-ng.yaml

@@ -4,7 +4,7 @@
 
   vars:
     username: matt
-    nas_host: 192.168.1.160
+    nas_host: 192.168.1.161
 
     mounts:
       apt_cache:

frontend-cockpit.yaml

@@ -66,8 +66,7 @@
         apply:
           become: true
       vars:
-        # Prometheus is currently running on port 9090
+        cockpit_port: 9090
-        cockpit_port: 9091
         cockpit_packages: default
 
     - name: Gather package facts
@@ -196,11 +195,23 @@
         network: webservices
         label:
           io.containers.autoupdate: registry
-        state: started
+        state: stopped
 
-    - name: Enable podman auto-update timer
+    - name: Enable lingering for {{ username }}
       become: true
+      ansible.builtin.command:
+        cmd: loginctl enable-linger {{ username }}
+      changed_when: false
+
+    - name: Enable user-level podman restart service
+      ansible.builtin.systemd:
+        name: podman-restart.service
+        enabled: true
+        scope: user
+
+    - name: Enable user-level podman auto-update timer
       ansible.builtin.systemd:
         name: podman-auto-update.timer
         enabled: true
         state: started
+        scope: user

gitea.yaml

@@ -4,12 +4,10 @@
 
   vars:
     username: matt
-    nas_host: nas.localdomain
+    gitea_uid: "977"
+    gitea_gid: "988"
 
-    mounts:
+    nfs_mounts:
-      gitea_data:
-        local: "/mnt/gitea_data"
-        remote: "/var/nfs/shared/gitea_data"
       gitea_repos:
         local: "/mnt/gitea_repos"
         remote: "/var/nfs/shared/gitea_repos"
@@ -24,6 +22,15 @@
         name: podman
         state: present
 
+    - name: Create local data directory for gitea
+      become: true
+      ansible.builtin.file:
+        path: /srv/gitea/data
+        state: directory
+        owner: "{{ username }}"
+        group: "{{ username }}"
+        mode: "0755"
+
     - name: Allow containers to access NFS mounts
       become: true
       ansible.posix.seboolean:
@@ -36,25 +43,25 @@
       ansible.posix.mount:
         path: "{{ item.value.local }}"
         state: unmounted
-      loop: "{{ mounts | dict2items }}"
+      loop: "{{ nfs_mounts | dict2items }}"
 
-    - name: Create mountpoint directories for gitea
+    - name: Create mountpoint directories for NFS volumes
       become: true
       ansible.builtin.file:
         path: "{{ item.value.local }}"
         state: directory
         mode: "0755"
-      loop: "{{ mounts | dict2items }}"
+      loop: "{{ nfs_mounts | dict2items }}"
 
     - name: Mount NFS volumes for gitea
       become: true
       ansible.posix.mount:
-        src: "192.168.1.160:{{ item.value.remote }}"
+        src: "192.168.1.161:{{ item.value.remote }}"
         path: "{{ item.value.local }}"
         opts: nfsvers=3,proto=tcp,rw
         state: mounted
         fstype: nfs
-      loop: "{{ mounts | dict2items }}"
+      loop: "{{ nfs_mounts | dict2items }}"
 
     - name: Open firewall ports for gitea
       become: true
@@ -81,20 +88,26 @@
         label:
           io.containers.autoupdate: registry
         env:
-          USER_UID: "977"
+          USER_UID: "{{ gitea_uid }}"
-          USER_GID: "988"
+          USER_GID: "{{ gitea_gid }}"
           TZ: Europe/London
         volumes:
-          - /mnt/gitea_data:/data:z
+          - /srv/gitea/data:/data:z
           - /mnt/gitea_repos:/data/git/repositories:z
         ports:
           - "3002:3000"
           - "2222:22"
         state: started
 
-    - name: Enable podman auto-update timer
+    - name: Enable lingering for {{ username }}
       become: true
+      ansible.builtin.command:
+        cmd: loginctl enable-linger {{ username }}
+      changed_when: false
+
+    - name: Enable user-level podman auto-update timer
       ansible.builtin.systemd:
         name: podman-auto-update.timer
         enabled: true
         state: started
+        scope: user