Add systemd and enforce rootless.
This commit is contained in:
parent
11f89d97d8
commit
ede0473ede
@ -1,12 +1,9 @@
|
|||||||
---
|
---
|
||||||
#- name: Nextcloud | Assert all secrets have been configured.
|
- name: Assert that we are not logged in as root
|
||||||
# ansible.builtin.assert:
|
assert:
|
||||||
# that:
|
that:
|
||||||
# - nextcloud_config.NEXTCLOUD_ADMIN_PASSWORD is defined
|
- ansible_user_id != 'root'
|
||||||
# - nextcloud_config.NEXTCLOUD_ADMIN_PASSWORD | length > 0
|
fail_msg: "Podman containers are rootless, so please do not run this role as root."
|
||||||
# fail_msg: "NEXTCLOUD_ADMIN_PASSWORD is not configured"
|
|
||||||
# quiet: true
|
|
||||||
# no_log: true
|
|
||||||
|
|
||||||
- name: Ensure that only one database backend is defined
|
- name: Ensure that only one database backend is defined
|
||||||
ansible.builtin.assert:
|
ansible.builtin.assert:
|
||||||
@ -20,24 +17,5 @@
|
|||||||
fail_msg: "Only one of SQLITE_DATABASE, POSTGRES_PASS or MYSQL_PASSWORD should be defined"
|
fail_msg: "Only one of SQLITE_DATABASE, POSTGRES_PASS or MYSQL_PASSWORD should be defined"
|
||||||
no_log: true
|
no_log: true
|
||||||
|
|
||||||
- name: Nextcloud | Create volumes
|
- import_tasks: podman.yml
|
||||||
containers.podman.podman_volume:
|
- import_tasks: systemd.yml
|
||||||
state: present
|
|
||||||
name: "{{ item }}"
|
|
||||||
recreate: no
|
|
||||||
debug: no
|
|
||||||
loop: "{{ nextcloud_create_volumes }}"
|
|
||||||
|
|
||||||
# https://github.com/nextcloud/docker/blob/master/.examples/docker-compose/with-nginx-proxy/mariadb/fpm/docker-compose.yml
|
|
||||||
- name: Nextcloud | Create container
|
|
||||||
containers.podman.podman_container:
|
|
||||||
debug: no
|
|
||||||
conmon_pidfile: "{{ nextcloud_pidfile }}"
|
|
||||||
image: "{{ nextcloud_image }}:{{ nextcloud_version }}"
|
|
||||||
image_strict: yes
|
|
||||||
recreate: yes
|
|
||||||
state: started
|
|
||||||
name: "{{ nextcloud_name }}"
|
|
||||||
env: "{{ nextcloud_config }}"
|
|
||||||
volume: "{{ nextcloud_volumes }}"
|
|
||||||
ports: "{{ nextcloud_ports }}"
|
|
Loading…
Reference in New Issue
Block a user