3.2 KiB
Podman Quadlet Service Ansible role
An Ansible role to deploy Quadlet-based Podman services.
Role Variables
service_name: "generic-service"
The name of the service to deploy.
containers: []
A list of Podman container definitions. Each container definition should receive the same parameters that are described at containers.podman.podman_container module.
create_network: false
Set to true to create a dedicated a Podman network for this service. The network's name will be the same as service_name.
create_pod: false
Set the value to true to create a pod for this service. All the containers defined in containers will belong to this pod. The name of the pod will be the same as servoce_name.
network: {}
A Podman network definition. It should receive the same parameters that are described at containers.podman.podman_network_module.
pod: {}
A podman pod definition. It should receive the same parameters that are described at containers.podman.podman_pod module.
secrets: []
A list of Podman secret definitions. Each secret definition should receive the same parameters that are described at containers.podman.podman_secret module.
service_user: "root"
The name of the user that will execute the service. If the user is not root the service will run in rootless mode. See the rootless tutorial for more info about running containers in rootless mode.
Example playbook
- name: Playbook
hosts: webservers
roles:
- role: ansible-role-podman-quadlet-service
vars:
service_name: nginx
create_network: true
create_pod: false
containers:
- name: nginx
image: nginx:latest
env:
ENV_VAR: "value"
secrets:
- my-secret,type=env,target=SECRET_ENV_VAR
userns: "keep-id:uid=1000,gid=1000"
volumes:
- "%h/logs:/var/log/nginx"
ports:
- "80:80"
quadlet_filename: nginx-app
quadlet_file_mode: "600"
quadlet_options:
- |
[Service]
Restart=always
- |
[Install]
WantedBy=default.target
secrets:
- name: my-secret
data: "super-secret-value"
License
GPLv3
Author Information
Created with ❤️ by z3r0.