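---
# Provisions the Gitea host: installs Podman, mounts three NFS shares,
# opens the firewall and runs the Gitea container on a shared Podman network.
- name: Gitea setup
  hosts: gitea
  vars:
    username: matt
    nas_host: nas.localdomain
    # Local mountpoint and remote NFS export path for each share.
    mounts:
      gitea_data:
        local: "/mnt/gitea_data"
        remote: "/var/nfs/shared/gitea_data"
      gitea_repos:
        local: "/mnt/gitea_repos"
        remote: "/var/nfs/shared/gitea_repos"
      gitea_backups:
        local: "/mnt/gitea_backups"
        remote: "/var/nfs/shared/gitea_backups"

  tasks:
    - name: Install Podman
      become: true
      ansible.builtin.package:
        name: podman
        state: present

    # virt_use_nfs is a host-wide SELinux boolean: it applies to every
    # container on this host, not only to gitea.
    - name: Allow containers to access NFS mounts
      become: true
      ansible.posix.seboolean:
        name: virt_use_nfs
        state: true
        persistent: true

    # NOTE(review): this runs on every play, so a re-run unmounts the shares
    # while an already-running gitea container may still be writing to them.
    # Confirm the container is stopped first on re-runs.
    - name: Unmount NFS volumes before creating mountpoint directories
      become: true
      ansible.posix.mount:
        path: "{{ item.value.local }}"
        state: unmounted
      loop: "{{ mounts | dict2items }}"

    - name: Create mountpoint directories for gitea
      become: true
      ansible.builtin.file:
        path: "{{ item.value.local }}"
        state: directory
        mode: "0755"
      loop: "{{ mounts | dict2items }}"

    # nosuid,nodev: nothing under the Gitea data, repository or backup trees
    # needs setuid binaries or device nodes, so the host does not honour
    # either if they appear on the export.
    # NOTE(review): the server address is hard-coded here although nas_host
    # is declared in vars and never used; confirm both name the same machine
    # and keep a single source of truth.
    # NOTE(review): NFSv3 over TCP is neither encrypted nor user-authenticated
    # on the wire; access control rests on the NAS export rules.
    - name: Mount NFS volumes for gitea
      become: true
      ansible.posix.mount:
        src: "192.168.1.160:{{ item.value.remote }}"
        path: "{{ item.value.local }}"
        opts: nfsvers=3,proto=tcp,rw,nosuid,nodev
        state: mounted
        fstype: nfs
      loop: "{{ mounts | dict2items }}"

    # No zone is given, so the ports open in firewalld's default zone.
    # 3002 is published to container port 3000 and 2222 to container port 22
    # (see the ports list of the container task).
    # NOTE(review): no TLS termination is visible in this play; confirm that
    # 3002 is not reachable from untrusted networks as plain HTTP.
    - name: Open firewall ports for gitea
      become: true
      ansible.posix.firewalld:
        port: "{{ item }}/tcp"
        permanent: true
        state: enabled
        immediate: true
      loop:
        - 3002
        - 2222

    - name: Create shared container network
      containers.podman.podman_network:
        name: webservices
        state: present

    # NOTE(review): the image uses the mutable "latest" tag together with the
    # io.containers.autoupdate=registry label, so whatever is published under
    # that tag is pulled without review. Consider pinning a reviewed version
    # tag or digest.
    # NOTE(review): the volumes use the :z relabel option on NFS-backed
    # paths; NFSv3 exports normally carry no SELinux labels, so confirm the
    # relabel behaves as intended.
    - name: Start gitea
      containers.podman.podman_container:
        name: gitea
        image: docker.io/gitea/gitea:latest
        restart_policy: always
        network: webservices
        label:
          io.containers.autoupdate: registry
        env:
          USER_UID: "977"
          USER_GID: "988"
          TZ: Europe/London
        volumes:
          # Paths come from the mounts variable so the container always binds
          # the directories mounted above.
          - "{{ mounts.gitea_data.local }}:/data:z"
          - "{{ mounts.gitea_repos.local }}:/data/git/repositories:z"
        ports:
          - "3002:3000"
          - "2222:22"
        state: started

    # NOTE(review): this enables the system-scope timer (become: true), while
    # the network and container tasks above run without become. If those are
    # rootless, the system timer does not cover them; confirm the scope.
    # podman auto-update also only acts on containers started from systemd
    # units, and no unit is generated in this play.
    - name: Enable podman auto-update timer
      become: true
      ansible.builtin.systemd:
        name: podman-auto-update.timer
        enabled: true
        state: started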