role-podman/tasks/configure.yml


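# Make sure the containers configuration directory exists before any file is
# templated into it.
- name: "Create containers config folder"
  ansible.builtin.file:
    path: "{{ podman_containers_config }}"
    state: directory
    # Quoted four-digit octal: readable and traversable by everyone,
    # writable by the owner only.
    mode: '0755'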
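# System-wide containers directory; holds policy.json and registries.conf,
# which are written further down in this file.
- name: "Create /etc/containers folder"
  ansible.builtin.file:
    path: "/etc/containers"
    state: directory
    # Writable by the owner only, so other local users cannot replace the
    # trust and registry configuration stored here.
    mode: '0755'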
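# Create the drop-in directories for registry configuration, both under the
# role's config path and under /etc/containers.
- name: "Create config and data directory"
  ansible.builtin.file:
    path: "{{ item }}"
    state: directory
    mode: '0755'
  # `loop` is the current idiom for a flat list; `with_items` is the older
  # lookup-based form.
  loop:
    - "{{ podman_containers_config }}"
    - "{{ podman_containers_config }}/registries.conf.d"
    - "/etc/containers/registries.conf.d"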
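# policy.json is the image trust policy: it decides which registries and
# signatures are accepted when images are pulled.
- name: Copy policy.json
  ansible.builtin.template:
    src: policy.json
    dest: "/etc/containers/policy.json"
    # Pin ownership so an existing file with a different owner is corrected;
    # a policy writable by a non-root user could be loosened locally.
    owner: root
    group: root
    # A configuration file does not need the execute bit.
    mode: '0644'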
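# registries.conf controls which registries are searched, mirrored or blocked.
# The task name now matches the file that is actually written.
- name: Copy registries.conf
  ansible.builtin.template:
    src: registries.conf
    dest: "/etc/containers/registries.conf"
    # Pin ownership so the registry list cannot be edited by a non-root user.
    owner: root
    group: root
    # A configuration file does not need the execute bit.
    mode: '0644'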
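# Engine-level settings for podman, rendered from the role's template.
- name: Copy containers.conf
  ansible.builtin.template:
    src: containers.conf
    dest: "{{ podman_containers_config }}/containers.conf"
    # A configuration file does not need the execute bit. Ownership is left
    # to the connecting user because the location of
    # podman_containers_config is not visible in this file.
    mode: '0644'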
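# Storage driver and graph-root settings, rendered from the role's template.
- name: Copy storage.conf
  ansible.builtin.template:
    src: storage.conf
    dest: "{{ podman_containers_config }}/storage.conf"
    # A configuration file does not need the execute bit. Ownership is left
    # to the connecting user because the location of
    # podman_containers_config is not visible in this file.
    mode: '0644'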
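# Short-name aliases map an unqualified image name to one fully qualified
# image, so a short name cannot silently resolve to a different registry.
# The task name now matches the file that is actually written.
- name: Copy registries.conf.d/shortnames.conf
  ansible.builtin.template:
    src: registries.conf.d/shortnames.conf
    dest: "/etc/containers/registries.conf.d/shortnames.conf"
    # Pin ownership so the alias table cannot be edited by a non-root user.
    owner: root
    group: root
    # A configuration file does not need the execute bit.
    mode: '0644'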
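# Allow GIDs 0-2000000 to open unprivileged ICMP echo sockets.
# This only writes the drop-in file; nothing in this task applies the value
# to the running kernel.
- name: set ping group range permissions
  ansible.builtin.lineinfile:
    path: "/etc/sysctl.d/podman_ping_group.conf"
    # Match any existing assignment so a changed range replaces the old line
    # instead of appending a second, conflicting one.
    regexp: '^net\.ipv4\.ping_group_range\s*='
    line: "net.ipv4.ping_group_range=0 2000000"
    create: true
    # Explicit mode: without it a newly created file takes its permissions
    # from the umask of the connecting user.
    mode: '0644'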
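# Login shells source /etc/profile.d/*.sh; this makes the podman helper
# binaries in /usr/libexec/podman reachable by name.
- name: Add podman folder to $PATH
  ansible.builtin.copy:
    dest: /etc/profile.d/podman.sh
    # The directory is appended, so the standard system directories still
    # take precedence during command lookup.
    content: 'PATH=$PATH:/usr/libexec/podman'
    # This file is sourced by every login shell; keep it writable by the
    # owner only rather than relying on the umask.
    mode: '0644'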
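# Apply the setting to the running kernel only; it does not survive a reboot,
# so the task name no longer claims permanence.
# Unprivileged user namespaces are what rootless containers rely on, but they
# also expose more kernel code to unprivileged users; enable this only on
# hosts that need rootless containers.
- name: Enable unprivileged user namespaces (running kernel)
  # No pipes, redirects or variable expansion are needed, so use `command`
  # and avoid passing the line through a shell.
  ansible.builtin.command:
    argv:
      - sysctl
      - kernel.unprivileged_userns_clone=1
  # sysctl does not report whether the value was already 1, so the task keeps
  # reporting "changed" on every run; stated explicitly here.
  changed_when: true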
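# Persist the setting in a sysctl.d drop-in so it is present after reboot.
# `copy` with inline content replaces the shell redirect: the task becomes
# idempotent, reports "changed" only when the file differs, and the file
# mode is explicit.
- name: Persist unprivileged user namespace setting
  ansible.builtin.copy:
    dest: /etc/sysctl.d/userns.conf
    # Trailing newline kept to match what `echo` wrote.
    content: "kernel.unprivileged_userns_clone=1\n"
    mode: '0644'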