--- - name: Copy container build files ansible.builtin.copy: src: "{{ item }}" dest: "{{ DATA_ROOT }}/git" owner: "{{ USER }}" group: "{{ USER }}" mode: preserve loop: - gitolite-cgit - runner-zola - runner-mirror - name: Build gitolite cgit image containers.podman.podman_image: name: gitolite-cgit path: "{{ DATA_ROOT }}/git/gitolite-cgit" force: true register: cgito_build # Example ssh config snippet (~/.ssh/config) # host git.memzero.de # user git # port 8022 # identityfile ~/.ssh/memzero - name: Gitolite cgit containers.podman.podman_container: name: cgito image: gitolite-cgit network: "{{ NETWORK }}" ports: - "8022:22" env: SSH_KEY: "{{ lookup('file', lookup('env', 'HOME') + '/.ssh/memzero.pub') }}" volumes: # Use 'Z' to privately relable selinux contexts. - "{{ DATA_ROOT }}/git/repos:/var/lib/git:Z" recreate: "{{ cgito_build.changed }}" notify: Restart nginx - name: Open port for gitolite ssh port ansible.posix.firewalld: port: 8022/tcp permanent: true immediate: true state: enabled become: true - name: Build zola runner image containers.podman.podman_image: name: runner-zola path: "{{ DATA_ROOT }}/git/runner-zola" force: true register: runner_zola_build - name: Start zola runner containers.podman.podman_container: name: runner-zola image: runner-zola network: "{{ NETWORK }}" volumes: # Mount the webserver webroot to deploy the blog. # Use 'z' to shared-ly relable selinux contexts. - "{{ DATA_ROOT }}/nginx/www:/www:z" recreate: "{{ runner_zola_build.changed }}" - name: Build mirror runner image containers.podman.podman_image: name: runner-mirror path: "{{ DATA_ROOT }}/git/runner-mirror" force: true register: runner_mirror_build - name: Start mirror runner containers.podman.podman_container: name: runner-mirror image: runner-mirror network: "{{ NETWORK }}" volumes: # Use 'z' to shared-ly relable selinux contexts. - "{{ DATA_ROOT }}/git/repos/projects.list:/projects.list:ro,z" # Use 'Z' to privately relable selinux contexts. - "{{ DATA_ROOT }}/git/runner-mirror/mirror.key:/mirror.key:ro,Z" recreate: "{{ runner_mirror_build.changed }}"