Remove nonsensical podman_enable services

.ansible/roles/keepit.podman

@@ -1 +0,0 @@
-/home/dak/Code/ansible-podman

README.md

@@ -229,8 +229,6 @@ podman_storage_runroot: /run/containers/storage
 #### API & Socket Services
 
 ```yaml
-podman_enable_socket: true      # Enable Podman socket
-podman_enable_api_service: true # Enable REST API
 podman_enable_auto_update: true # Enable automatic container updates
 ```
 
@@ -282,7 +280,6 @@ ansible-playbook -t podman-networks playbook.yml
       vars:
         # Permissive for development
         podman_policy_default_type: "insecureAcceptAnything"
-        podman_enable_socket: true
         
         podman_containers:
           - name: dev-web

defaults/main.yml

@@ -163,8 +163,6 @@ podman_policy_trusted_registries:
 #     unqualified_search: false
 
 # Service management
-podman_enable_socket: false
-podman_enable_api_service: false
 podman_enable_auto_update: false
 
 # Determine if Quadlet should be used (Debian 13+ or other distros)
@@ -178,6 +176,7 @@ podman_mode: "{{ 'quadlet' if podman_use_quadlet else 'started' }}"
 podman_container_defaults:
   state: "{{ podman_mode }}"
   pull: newer
+  systemd: "{{ not podman_use_quadlet }}"
   quadlet_options:
     - "AutoUpdate=registry"
     - "Pull=newer"

handlers/main.yml

@@ -56,12 +56,15 @@
 
 - name: Restart Podman containers
   ansible.builtin.systemd:
-    name: |
-      {{ (podman_systemd_options.container_prefix if podman_generate_systemd | bool else '') ~ item }}
+    name: >-
+      {{ (podman_systemd_options.container_prefix
+      if podman_generate_systemd else '') + item }}
     state: restarted
   listen: Reload systemd
-  loop: |
-    {{ podman_container_output.results | selectattr('changed', 'equalto', true) | map(attribute='item.name') | list }}
+  loop: >-
+    {{ podman_container_output.results |
+    selectattr('changed', 'equalto', true) |
+    map(attribute='item.name') | list }}
   loop_control:
     label: "{{ item }}"
   when:

molecule/default/converge.yml

@@ -1,5 +1,19 @@
 ---
 - name: Converge
   hosts: all
+  pre_tasks:
+    - name: Install curl for verification
+      ansible.builtin.apt:
+        update_cache: true
+        name: curl
+        state: present
+  vars:
+    podman_containers:
+      - name: test_container
+        image: docker.io/nginx:latest
+        systemd: true
+        ports:
+          - "8080:80"
+          - "8443:443"
   roles:
     - ansible-podman

molecule/default/verify.yml

@@ -3,3 +3,57 @@
   hosts: all
   gather_facts: true
   tasks:
+    - name: Verify systemd service file exists on Debian Bookworm
+      stat:
+        path: "/etc/systemd/system/{{ test_container }}.service"
+      register: systemd_service
+      when: inventory_hostname == 'debian-bookworm'
+
+    - name: Assert systemd service exists on Bookworm
+      assert:
+        that:
+          - systemd_service.stat.exists
+        fail_msg: "Expected systemd service file not found for {{ test_container }}"
+      when: inventory_hostname == 'debian-bookworm'
+
+    - name: Verify quadlet .container file exists on Debian Trixie
+      stat:
+        path: "/etc/containers/systemd/{{ test_container }}.container"
+      register: quadlet_file
+      when: inventory_hostname == 'debian-trixie'
+
+    - name: Assert quadlet file exists on Trixie
+      assert:
+        that:
+          - quadlet_file.stat.exists
+        fail_msg: "Expected quadlet .container file not found for {{ test_container }}"
+      when: inventory_hostname == 'debian-trixie'
+
+    - name: Verify test container service is active
+      systemd:
+        name: "podman-{{ test_container }}"
+        state: started
+      register: container_service
+      ignore_errors: yes
+
+    - name: Check container is running
+      command: podman ps --filter "name={{ test_container }}" --format="{{.Names}}"
+      register: running_containers
+      changed_when: false
+
+    - name: Assert test container is running
+      assert:
+        that:
+          - test_container in running_containers.stdout
+        fail_msg: "Test container {{ test_container }} is not running"
+
+    - name: Verify nginx responds on localhost
+      command: curl -fsS http://127.0.0.1:8080
+      register: curl_result
+      changed_when: false
+
+    - name: Assert nginx returned content
+      assert:
+        that:
+          - curl_result.stdout | length > 0
+        fail_msg: "Expected nginx to return content on http://127.0.0.1:8080"

tasks/containers.yml

@@ -205,7 +205,7 @@
     retry_delay: "{{ container_item.retry_delay | default(omit) }}"
 
     # Systemd generation
-    generate_systemd: "{{ container_item.generate_systemd | default(omit) }}"
+    generate_systemd: "{{ container_item.generate_systemd | default(podman_systemd_options) }}"
 
     # Quadlet options
     quadlet_dir: "{{ container_item.quadlet_dir | default(omit) }}"

tasks/services.yml

@@ -1,38 +1,20 @@
 ---
 # Manage Podman services
-
-- name: Enable and start Podman socket
-  ansible.builtin.systemd:
+  ansible.builtin.systemd_service:
     name: podman.socket
     enabled: true
     state: started
     daemon_reload: true
-  when: podman_enable_socket
-
-- name: Disable Podman socket
-  ansible.builtin.systemd:
-    name: podman.socket
-    enabled: false
-    state: stopped
-  when: not podman_enable_socket
 
 - name: Enable and start Podman API service
-  ansible.builtin.systemd:
+  ansible.builtin.systemd_service:
     name: podman.service
     enabled: true
     state: started
     daemon_reload: true
-  when: podman_enable_api_service
-
-- name: Disable Podman API service
-  ansible.builtin.systemd:
-    name: podman.service
-    enabled: false
-    state: stopped
-  when: not podman_enable_api_service
 
 - name: Enable and start Podman auto-update service
-  ansible.builtin.systemd:
+  ansible.builtin.systemd_service:
     name: podman-auto-update.service
     enabled: true
     state: started
@@ -40,7 +22,7 @@
   when: podman_enable_auto_update
 
 - name: Disable Podman auto-update service
-  ansible.builtin.systemd:
+  ansible.builtin.systemd_service:
     name: podman-auto-update.service
     enabled: false
     state: stopped