blob: 131b97106ae638641450bb35e0a66e8ff9694656 (
plain) (
tree)
|
|
---
- name: Copy container build files
ansible.builtin.copy:
src: "{{ item }}"
dest: "{{ DATA_ROOT }}/git"
owner: "{{ USER }}"
group: "{{ USER }}"
mode: preserve
loop:
- gitolite-cgit
- runner-zola
- name: Build gitolite cgit image
containers.podman.podman_image:
name: gitolite-cgit
path: "{{ DATA_ROOT }}/git/gitolite-cgit"
force: true
register: cgito_build
- name: Gitolite cgit
containers.podman.podman_container:
name: cgito
image: gitolite-cgit
network: "{{ NETWORK }}"
ports:
- "2222:22"
env:
SSH_KEY: "{{ lookup('file', lookup('env', 'HOME') + '/.ssh/memzero.pub') }}"
volumes:
# Use 'Z' to privately relable selinux contexts.
- "{{ DATA_ROOT }}/git/repos:/var/lib/git:Z"
recreate: "{{ cgito_build.changed }}"
notify: Restart nginx
- name: Open port for gitolite ssh port
ansible.builtin.iptables:
chain: INPUT
protocol: tcp
match: tcp
destination_port: 2222
jump: ACCEPT
comment: Accept gitolite SSH connections.
become: true
- name: Build zola runner image
containers.podman.podman_image:
name: runner-zola
path: "{{ DATA_ROOT }}/git/runner-zola"
force: true
register: runner_zola_build
- name: Start zola runner
containers.podman.podman_container:
name: runner-zola
image: runner-zola
network: "{{ NETWORK }}"
volumes:
# Mount the webserver webroot to deploy the blog.
# Use 'z' to shared-ly relable selinux contexts.
- "{{ DATA_ROOT }}/nginx/www:/www:z"
recreate: "{{ runner_zola_build.changed }}"
|
