You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

78 lines
2.2 KiB

- name: Install podman, podman networking plugins, and python support packages
dnf:
name: ['podman', 'containernetworking-plugins', 'podman-plugins', 'python3-pip', 'systemd-container']
state: present
- name: Install podman-compose pip Package
pip:
name: "{{ item }}"
state: present
with_items:
- podman-compose
- pexpect
- ansible-vault
- name: Create Service Users
user:
name: "{{ item }}"
loop:
"{{ service_users }}"
- name: Enable systemd-user session initialization over ssh
lineinfile:
dest: /etc/pam.d/sshd
line: "session optional pam_systemd.so"
- name: Enable remote login session linger
command:
cmd: loginctl enable-linger "{{ item }}"
loop:
"{{ service_users }}"
- name: Generate podman shell completion scripts for bash
command: "podman completion bash"
- name: Create machinectl bash alias
lineinfile:
path: "/home/{{ item }}/.bashrc"
regexp: '^su() '
line: "su() { if [[ $1 == \"-\" ]]; then command machinectl shell --uid \"$2\"; else command machinectl shell --uid \"$1\"; fi; }"
loop: "{{ service_users }}"
- lineinfile:
path: "/root/.bashrc"
2 months ago
regexp: '^su() '
line: "su() { if [[ $1 == \"-\" ]]; then command machinectl shell --uid \"$2\"; else command machinectl shell --uid \"$1\"; fi; }"
- name: Enable permissive_container_t SELinux Context
selinux_permissive:
name: container_t
permissive: true
- name: Add hosts file entry for hostname
lineinfile:
path: /etc/hosts
regexp: '^127\.0\.0\.1'
line: "127.0.0.1 {{ inventory_hostname }} localhost localhost.localdomain localhost4 localhost4.localdomain4"
owner: root
group: root
mode: 0644
- lineinfile:
path: /etc/hosts
regexp: '^::1'
line: "::1 {{ inventory_hostname }} localhost localhost.localdomain localhost6 localhost6.localdomain6"
owner: root
group: root
mode: 0644
# - name: Copy cni networking driver config into place
# blockinfile:
# name: "/etc/cni/net.d/podman.conflist"
# insertafter: "*\"plugins\": [*"
# block: " {
# \"type\": \"dnsname\",
# \"domainName\": \"dns.podman\",
# \"capabilities\": {
# \"aliases\": true
# }"