Update podman role

2025-09-09 12:35:00 +02:00
parent ad681951fd
commit 50fdc3689b
9 changed files with 96 additions and 78 deletions
--- a/tasks/containers.yml
+++ b/tasks/containers.yml
@@ -15,21 +15,21 @@
    hostname: "{{ item.hostname | default(omit) }}"

    # Container runtime options
-    detach: "{{ item.detach | default(true) }}"
-    interactive: "{{ item.interactive | default(false) }}"
-    tty: "{{ item.tty | default(false) }}"
-    rm: "{{ item.auto_remove | default(false) }}"
-    rmi: "{{ item.remove_image | default(false) }}"
-    privileged: "{{ item.privileged | default(false) }}"
-    read_only: "{{ item.read_only | default(false) }}"
-    read_only_tmpfs: "{{ item.read_only_tmpfs | default(true) }}"
-    init: "{{ item.init | default(false) }}"
+    detach: "{{ item.detach | bool | default(omit) }}"
+    interactive: "{{ item.interactive | bool | default(omit) }}"
+    tty: "{{ item.tty | bool | default(omit) }}"
+    rm: "{{ item.auto_remove | bool | default(omit) }}"
+    rmi: "{{ item.remove_image | bool | default(omit) }}"
+    privileged: "{{ item.privileged | bool | default(omit) }}"
+    read_only: "{{ item.read_only | bool | default(omit) }}"
+    read_only_tmpfs: "{{ item.read_only_tmpfs | bool | default(omit) }}"
+    init: "{{ item.init | bool | default(omit) }}"
    init_path: "{{ item.init_path | default(omit) }}"

    # Networking
    network: "{{ item.networks | default(omit) }}"
    publish: "{{ item.ports | default(omit) }}"
-    publish_all: "{{ item.publish_all | default(false) }}"
+    publish_all: "{{ item.publish_all | bool | default(omit) }}"
    expose: "{{ item.expose | default(omit) }}"
    ip: "{{ item.ip | default(omit) }}"
    ip6: "{{ item.ip6 | default(omit) }}"
@@ -39,7 +39,7 @@
    dns_option: "{{ item.dns_options | default(omit) }}"
    dns_search: "{{ item.dns_search | default(omit) }}"
    etc_hosts: "{{ item.add_hosts | default(omit) }}"
-    no_hosts: "{{ item.no_hosts | default(false) }}"
+    no_hosts: "{{ item.no_hosts | bool | default(omit) }}"

    # Storage and volumes
    volume: "{{ item.volumes | default(omit) }}"
@@ -51,10 +51,10 @@
    # Environment variables
    env: "{{ item.env | default(omit) }}"
    env_file: "{{ item.env_files | default(omit) }}"
-    env_host: "{{ item.env_host | default(false) }}"
+    env_host: "{{ item.env_host | bool | default(omit) }}"
    env_merge: "{{ item.env_merge | default(omit) }}"
    unsetenv: "{{ item.unsetenv | default(omit) }}"
-    unsetenv_all: "{{ item.unsetenv_all | default(false) }}"
+    unsetenv_all: "{{ item.unsetenv_all | bool | default(omit) }}"

    # Resource constraints
    memory: "{{ item.memory | default(omit) }}"
@@ -72,7 +72,7 @@
    cpuset_mems: "{{ item.cpuset_mems | default(omit) }}"
    blkio_weight: "{{ item.blkio_weight | default(omit) }}"
    blkio_weight_device: "{{ item.blkio_weight_device | default(omit) }}"
-    oom_kill_disable: "{{ item.oom_kill_disable | default(false) }}"
+    oom_kill_disable: "{{ item.oom_kill_disable | bool | default(omit) }}"
    oom_score_adj: "{{ item.oom_score_adj | default(omit) }}"
    pids_limit: "{{ item.pids_limit | default(omit) }}"

@@ -137,7 +137,7 @@
    healthcheck_start_period: "{{ item.healthcheck_start_period | default(omit) }}"
    healthcheck_retries: "{{ item.healthcheck_retries | default(omit) }}"
    healthcheck_failure_action: "{{ item.healthcheck_failure_action | default(omit) }}"
-    no_healthcheck: "{{ item.no_healthcheck | default(false) }}"
+    no_healthcheck: "{{ item.no_healthcheck | bool | default(omit) }}"

    # Startup health checks
    health_startup_cmd: "{{ item.health_startup_cmd | default(omit) }}"
@@ -161,7 +161,7 @@

    # Pull and image options
    pull: "{{ item.pull | default('missing') }}"
-    image_strict: "{{ item.image_strict | default(false) }}"
+    image_strict: "{{ item.image_strict | bool | default(omit) }}"
    arch: "{{ item.arch | default(omit) }}"
    os: "{{ item.os | default(omit) }}"
    platform: "{{ item.platform | default(omit) }}"
@@ -180,8 +180,8 @@
    # Special options
    attach: "{{ item.attach | default(omit) }}"
    detach_keys: "{{ item.detach_keys | default(omit) }}"
-    sig_proxy: "{{ item.sig_proxy | default(true) }}"
-    http_proxy: "{{ item.http_proxy | default(true) }}"
+    sig_proxy: "{{ item.sig_proxy | bool | default(omit) }}"
+    http_proxy: "{{ item.http_proxy | bool | default(omit) }}"

    # Advanced options
    chrootdirs: "{{ item.chrootdirs | default(omit) }}"
@@ -193,7 +193,7 @@
    preserve_fds: "{{ item.preserve_fds | default(omit) }}"
    rdt_class: "{{ item.rdt_class | default(omit) }}"
    requires: "{{ item.requires | default(omit) }}"
-    rootfs: "{{ item.rootfs | default(false) }}"
+    rootfs: "{{ item.rootfs | bool | default(omit) }}"
    sdnotify: "{{ item.sdnotify | default(omit) }}"
    secrets: "{{ item.secrets | default(omit) }}"
    timezone: "{{ item.timezone | default(omit) }}"
@@ -214,13 +214,13 @@
    # Control options
    cmd_args: "{{ item.cmd_args | default(omit) }}"
    executable: "{{ item.executable | default('podman') }}"
-    recreate: "{{ item.recreate | default(false) }}"
-    force_restart: "{{ item.force_restart | default(false) }}"
-    force_delete: "{{ item.force_delete | default(true) }}"
-    delete_depend: "{{ item.delete_depend | default(false) }}"
+    recreate: "{{ item.recreate | bool | default(omit) }}"
+    force_restart: "{{ item.force_restart | bool | default(omit) }}"
+    force_delete: "{{ item.force_delete | bool | default(omit) }}"
+    delete_depend: "{{ item.delete_depend | bool | default(omit) }}"
    delete_time: "{{ item.delete_time | default(omit) }}"
-    delete_volumes: "{{ item.delete_volumes | default(false) }}"
-    debug: "{{ item.debug | default(false) }}"
+    delete_volumes: "{{ item.delete_volumes | bool | default(omit) }}"
+    debug: "{{ item.debug | bool | default(omit) }}"
  loop: "{{ podman_containers }}"
  loop_control:
    label: "{{ item.name }}"
--- a/tasks/pods.yml
+++ b/tasks/pods.yml
@@ -10,7 +10,7 @@
    volume: "{{ item.volumes | default(omit) }}"
    label: "{{ item.labels | default(omit) }}"
    hostname: "{{ item.hostname | default(omit) }}"
-    infra: "{{ item.infra | default(true) }}"
+    infra: "{{ item.infra | default(omit) }}"
    infra_image: "{{ item.infra_image | default(omit) }}"
    infra_command: "{{ item.infra_command | default(omit) }}"
    infra_name: "{{ item.infra_name | default(omit) }}"
@@ -21,7 +21,7 @@
    ip: "{{ item.ip | default(omit) }}"
    ip6: "{{ item.ip6 | default(omit) }}"
    mac_address: "{{ item.mac_address | default(omit) }}"
-    no_hosts: "{{ item.no_hosts | default(false) }}"
+    no_hosts: "{{ item.no_hosts | default(omit) }}"
    share: "{{ item.share | default(omit) }}"
    share_parent: "{{ item.share_parent | default(omit) }}"
    userns: "{{ item.userns | default(omit) }}"
@@ -59,8 +59,8 @@
    quadlet_filename: "{{ item.quadlet_filename | default(omit) }}"
    quadlet_file_mode: "{{ item.quadlet_file_mode | default(omit) }}"
    quadlet_options: "{{ item.quadlet_options | default(omit) }}"
-    recreate: "{{ item.recreate | default(false) }}"
-    debug: "{{ item.debug | default(false) }}"
+    recreate: "{{ item.recreate | default(omit) }}"
+    debug: "{{ item.debug | default(omit) }}"
  loop: "{{ podman_pods }}"
  loop_control:
    label: "{{ item.name }}"
--- a/tasks/systemd.yml
+++ b/tasks/systemd.yml
@@ -2,49 +2,55 @@
 # Generate systemd service files for Podman containers and pods

 - name: Generate systemd service files for containers
+  vars:
+    systemd_opts: "{{ item.systemd if item.systemd is defined else (item.generate_systemd if item.generate_systemd is defined else {}) }}"
  containers.podman.podman_generate_systemd:
    name: "{{ item.name }}"
    dest: "{{ podman_systemd_dir }}"
    new: "{{ podman_systemd_options.new }}"
    force: "{{ podman_systemd_options.force }}"
-    restart_policy: "{{ item.systemd.restart_policy | default(podman_systemd_options.restart_policy) }}"
-    stop_timeout: "{{ item.systemd.stop_timeout | default(podman_systemd_options.stop_timeout) }}"
-    no_header: "{{ item.systemd.no_header | default(podman_systemd_options.no_header) }}"
-    separator: "{{ item.systemd.separator | default(podman_systemd_options.separator) }}"
-    wants: "{{ item.systemd.wants | default(podman_systemd_options.wants) }}"
-    after: "{{ item.systemd.after | default(podman_systemd_options.after) }}"
-    requires: "{{ item.systemd.requires | default(podman_systemd_options.requires) }}"
-    container_prefix: "{{ item.systemd.container_prefix | default(podman_systemd_options.container_prefix) }}"
-    pod_prefix: "{{ item.systemd.pod_prefix | default(podman_systemd_options.pod_prefix) }}"
-  loop: "{{ podman_containers | selectattr('systemd', 'defined') | list }}"
+    restart_policy: "{{ systemd_opts.restart_policy | default(podman_systemd_options.restart_policy) }}"
+    stop_timeout: "{{ systemd_opts.stop_timeout | default(podman_systemd_options.stop_timeout) }}"
+    no_header: "{{ systemd_opts.no_header | default(podman_systemd_options.no_header) }}"
+    separator: "{{ systemd_opts.separator | default(podman_systemd_options.separator) }}"
+    wants: "{{ systemd_opts.wants | default(podman_systemd_options.wants) }}"
+    after: "{{ systemd_opts.after | default(podman_systemd_options.after) }}"
+    requires: "{{ systemd_opts.requires | default(podman_systemd_options.requires) }}"
+    container_prefix: "{{ systemd_opts.container_prefix | default(podman_systemd_options.container_prefix) }}"
+    pod_prefix: "{{ systemd_opts.pod_prefix | default(podman_systemd_options.pod_prefix) }}"
+  loop: "{{ podman_containers }}"
  loop_control:
    label: "{{ item.name }}"
  when: 
    - podman_generate_systemd | bool
    - podman_containers is defined
    - podman_containers | length > 0
+    - (item.systemd is defined) or (item.generate_systemd is defined)
  notify: Reload systemd

 - name: Generate systemd service files for pods
+  vars:
+    systemd_opts: "{{ item.systemd if item.systemd is defined else (item.generate_systemd if item.generate_systemd is defined else {}) }}"
  containers.podman.podman_generate_systemd:
    name: "{{ item.name }}"
    dest: "{{ podman_systemd_dir }}"
    new: "{{ podman_systemd_options.new }}"
    force: "{{ podman_systemd_options.force }}"
-    restart_policy: "{{ item.systemd.restart_policy | default(podman_systemd_options.restart_policy) }}"
-    stop_timeout: "{{ item.systemd.stop_timeout | default(podman_systemd_options.stop_timeout) }}"
-    no_header: "{{ item.systemd.no_header | default(podman_systemd_options.no_header) }}"
-    separator: "{{ item.systemd.separator | default(podman_systemd_options.separator) }}"
-    wants: "{{ item.systemd.wants | default(podman_systemd_options.wants) }}"
-    after: "{{ item.systemd.after | default(podman_systemd_options.after) }}"
-    requires: "{{ item.systemd.requires | default(podman_systemd_options.requires) }}"
-    container_prefix: "{{ item.systemd.container_prefix | default(podman_systemd_options.container_prefix) }}"
-    pod_prefix: "{{ item.systemd.pod_prefix | default(podman_systemd_options.pod_prefix) }}"
-  loop: "{{ podman_pods | selectattr('systemd', 'defined') | list }}"
+    restart_policy: "{{ systemd_opts.restart_policy | default(podman_systemd_options.restart_policy) }}"
+    stop_timeout: "{{ systemd_opts.stop_timeout | default(podman_systemd_options.stop_timeout) }}"
+    no_header: "{{ systemd_opts.no_header | default(podman_systemd_options.no_header) }}"
+    separator: "{{ systemd_opts.separator | default(podman_systemd_options.separator) }}"
+    wants: "{{ systemd_opts.wants | default(podman_systemd_options.wants) }}"
+    after: "{{ systemd_opts.after | default(podman_systemd_options.after) }}"
+    requires: "{{ systemd_opts.requires | default(podman_systemd_options.requires) }}"
+    container_prefix: "{{ systemd_opts.container_prefix | default(podman_systemd_options.container_prefix) }}"
+    pod_prefix: "{{ systemd_opts.pod_prefix | default(podman_systemd_options.pod_prefix) }}"
+  loop: "{{ podman_pods }}"
  loop_control:
    label: "{{ item.name }}"
  when: 
    - podman_generate_systemd | bool
    - podman_pods is defined
    - podman_pods | length > 0
+    - (item.systemd is defined) or (item.generate_systemd is defined)
  notify: Reload systemd