aboutsummaryrefslogblamecommitdiff
path: root/roles/baikal/tasks/main.yml
blob: d96fe8a73c165b4650c91cf8fdf7afb89624ed84 (plain) (tree)
1
2
3
4
5
6
7
8
9


                                                            
                                                                


                                         

              
              



                                                                       









                                                                    
                       
---
# Baikal needs rw permissions on *config/* for *nginx* user.
# The *nginx* user in the container has uid=101.
- name: Change permissions of baikal files to nginx in namespace
  ansible.builtin.file:
    path: "{{ DATA_ROOT }}/baikal/config"
    recurse: true
    owner: 101
    group: 101
  become: true
  become_method: containers.podman.podman_unshare
  # By default become user is 'root'.
  # https://github.com/containers/ansible-podman-collections/issues/529
  become_user: "{{ USER }}"

- name: Baikal
  containers.podman.podman_container:
    name: baikal
    image: docker.io/ckulka/baikal:nginx
    network: "{{ NETWORK }}"
    volumes:
      # Use 'Z' to privately relable selinux contexts.
      - "{{ DATA_ROOT }}/baikal/config:/var/www/baikal/config:Z"
      - "{{ DATA_ROOT }}/baikal/Specific:/var/www/baikal/Specific:Z"
  notify: Restart nginx