Fixup to run services on podman

2026-06-01 08:57:28 +01:00
parent 5d09ebda34
commit 04ef0de699
3 changed files with 43 additions and 19 deletions
@@ -4,7 +4,7 @@

  vars:
    username: matt
-    nas_host: 192.168.1.160
+    nas_host: 192.168.1.161

    mounts:
      apt_cache:
@@ -66,8 +66,7 @@
        apply:
          become: true
      vars:
-        # Prometheus is currently running on port 9090
-        cockpit_port: 9091
+        cockpit_port: 9090
        cockpit_packages: default

    - name: Gather package facts
@@ -196,11 +195,23 @@
        network: webservices
        label:
          io.containers.autoupdate: registry
-        state: started
+        state: stopped

-    - name: Enable podman auto-update timer
+    - name: Enable lingering for {{ username }}
      become: true
+      ansible.builtin.command:
+        cmd: loginctl enable-linger {{ username }}
+      changed_when: false
+
+    - name: Enable user-level podman restart service
+      ansible.builtin.systemd:
+        name: podman-restart.service
+        enabled: true
+        scope: user
+
+    - name: Enable user-level podman auto-update timer
      ansible.builtin.systemd:
        name: podman-auto-update.timer
        enabled: true
        state: started
+        scope: user
@@ -4,12 +4,10 @@

  vars:
    username: matt
-    nas_host: nas.localdomain
+    gitea_uid: "977"
+    gitea_gid: "988"

-    mounts:
-      gitea_data:
-        local: "/mnt/gitea_data"
-        remote: "/var/nfs/shared/gitea_data"
+    nfs_mounts:
      gitea_repos:
        local: "/mnt/gitea_repos"
        remote: "/var/nfs/shared/gitea_repos"
@@ -24,6 +22,15 @@
        name: podman
        state: present

+    - name: Create local data directory for gitea
+      become: true
+      ansible.builtin.file:
+        path: /srv/gitea/data
+        state: directory
+        owner: "{{ username }}"
+        group: "{{ username }}"
+        mode: "0755"
+
    - name: Allow containers to access NFS mounts
      become: true
      ansible.posix.seboolean:
@@ -36,25 +43,25 @@
      ansible.posix.mount:
        path: "{{ item.value.local }}"
        state: unmounted
-      loop: "{{ mounts | dict2items }}"
+      loop: "{{ nfs_mounts | dict2items }}"

-    - name: Create mountpoint directories for gitea
+    - name: Create mountpoint directories for NFS volumes
      become: true
      ansible.builtin.file:
        path: "{{ item.value.local }}"
        state: directory
        mode: "0755"
-      loop: "{{ mounts | dict2items }}"
+      loop: "{{ nfs_mounts | dict2items }}"

    - name: Mount NFS volumes for gitea
      become: true
      ansible.posix.mount:
-        src: "192.168.1.160:{{ item.value.remote }}"
+        src: "192.168.1.161:{{ item.value.remote }}"
        path: "{{ item.value.local }}"
        opts: nfsvers=3,proto=tcp,rw
        state: mounted
        fstype: nfs
-      loop: "{{ mounts | dict2items }}"
+      loop: "{{ nfs_mounts | dict2items }}"

    - name: Open firewall ports for gitea
      become: true
@@ -81,20 +88,26 @@
        label:
          io.containers.autoupdate: registry
        env:
-          USER_UID: "977"
-          USER_GID: "988"
+          USER_UID: "{{ gitea_uid }}"
+          USER_GID: "{{ gitea_gid }}"
          TZ: Europe/London
        volumes:
-          - /mnt/gitea_data:/data:z
+          - /srv/gitea/data:/data:z
          - /mnt/gitea_repos:/data/git/repositories:z
        ports:
          - "3002:3000"
          - "2222:22"
        state: started

-    - name: Enable podman auto-update timer
+    - name: Enable lingering for {{ username }}
      become: true
+      ansible.builtin.command:
+        cmd: loginctl enable-linger {{ username }}
+      changed_when: false
+
+    - name: Enable user-level podman auto-update timer
      ansible.builtin.systemd:
        name: podman-auto-update.timer
        enabled: true
        state: started
+        scope: user