diff --git a/defaults/main.yml b/defaults/main.yml index fedae75..0b2dc11 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -1,5 +1,6 @@ --- podman_version_check: true +podman_rootless: false podman_version: "v4.6.2" podman_netavark_version: "v1.7.0" podman_conmon_version: "v2.1.7" diff --git a/tasks/configure.yml b/tasks/configure.yml index 4e35c9d..f6f9fe1 100644 --- a/tasks/configure.yml +++ b/tasks/configure.yml @@ -62,3 +62,8 @@ dest: /etc/profile.d/podman.sh content: 'PATH=$PATH:/usr/libexec/podman' +- name: Set Sysctl Permanent + shell: sysctl kernel.unprivileged_userns_clone=1 + +- name: Set Sysctl Permanent + shell: echo 'kernel.unprivileged_userns_clone=1' > /etc/sysctl.d/userns.conf diff --git a/tasks/main.yml b/tasks/main.yml index 8e0969f..dbca53f 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -2,22 +2,19 @@ - name: Gather variables for each operating system include_vars: "{{ ansible_distribution | lower }}.yml" +- name: Set values for root or rootless running + set_fact: + become: "{{ podman_rootless }}" + + + - name: "Get Podman version" - become: yes - become_user: podman_rootless - ansible.builtin.shell: "XDG_RUNTIME_DIR=/run/user/2534 echo v$(podman --version | cut -d' ' -f 3)" + ansible.builtin.shell: "echo v$(podman --version | cut -d' ' -f 3)" register: podman_active_version changed_when: false failed_when: false ignore_errors: true - when: podman_version_check|bool - -- name: "test" - debug: - msg: "{{ podman_active_version }}" - -- include_tasks: setup_user.yml - when: (not podman_version_check|bool) or podman_active_version.stdout is not defined or podman_active_version.stdout != podman_version + when: podman_version_check|bool - include_tasks: install.yml when: (not podman_version_check|bool) or podman_active_version.stdout is not defined or podman_active_version.stdout != podman_version diff --git a/tasks/systemd-services.yml b/tasks/systemd-services.yml index 3060085..34fd1f7 100644 --- a/tasks/systemd-services.yml 
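Review bot: In tasks/configure.yml, the two added `Set Sysctl Permanent` tasks enable `kernel.unprivileged_userns_clone` on every host with no `when:`, although this same commit defaults `podman_rootless` to false. Hosts that run podman as root would get unprivileged user namespaces enabled without needing them, and that sysctl is commonly kept off to limit kernel attack surface. Both tasks use `shell`, so they report changed on every run, and the first one likely fails on kernels that do not expose this key (it appears to be distribution-specific; confirm for the supported distributions). The tasks also share one name although only the second persists the value. A single conditional task with the sysctl module covers both the runtime and the persisted setting, assuming the ansible.posix collection is available to the role.

```yaml
- name: Allow unprivileged user namespaces for rootless podman
  ansible.posix.sysctl:
    name: kernel.unprivileged_userns_clone
    value: "1"
    sysctl_file: /etc/sysctl.d/userns.conf
    sysctl_set: true
    state: present
    reload: true
  when: podman_rootless | bool
```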
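Review bot: In tasks/main.yml, the added `set_fact` stores a fact named `become`, which is a play/task keyword rather than a variable Ansible consults for privilege escalation. As far as this hunk shows, the following tasks therefore escalate exactly as they did before. The connection variable is `ansible_become`, and the mapping also looks questionable: with the default `podman_rootless: false` it would turn escalation off for a rootful install. Something like `ansible_become: "{{ not (podman_rootless | bool) }}"` may be what is meant; confirm the intended semantics. The systemd-services.yml hunk also removes the user-scope socket setup, so nothing visible in this commit gives `podman_rootless: true` an effect, and a comment on the new default in defaults/main.yml stating what the switch controls would help.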
+++ b/tasks/systemd-services.yml @@ -2,18 +2,10 @@ ansible.builtin.systemd: daemon_reload: true -- name: Exec lingur - shell: loginctl enable-linger 2534 - - name: Setup podman.socket - become: yes - become_user: podman_rootless systemd_service: enabled: true name: podman.socket state: started - scope: "user" - environment: - XDG_RUNTIME_DIR: /run/user/2534 diff --git a/templates/storage.conf b/templates/storage.conf index 0b1afb0..5f5ef97 100644 --- a/templates/storage.conf +++ b/templates/storage.conf @@ -1,5 +1,7 @@ [storage] driver = "overlay" +runroot = "/var/run/containers/storage" +graphroot = "/var/run/containers/graphroot" [storage.options.overlay] mount_program = "/usr/bin/fuse-overlayfs"
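Review bot: The added `graphroot = "/var/run/containers/graphroot"` in templates/storage.conf puts persistent image and container storage under /var/run, which on most systemd hosts is a tmpfs cleared at reboot. Pulled images and container layers would be lost on restart and would occupy memory while present. `runroot` is intended for that kind of transient state and `graphroot` is not; the usual system location is `graphroot = "/var/lib/containers/storage"`. Both added paths are root-owned system locations, so if `podman_rootless` is meant to switch to an unprivileged user, that user would presumably need its own storage path. The rest of the template is outside this hunk.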