---
# Tasks for the git hosting stack: copy the two container build contexts,
# build the gitolite-cgit and runner-zola images, run both containers on the
# shared network, and open the host firewall for gitolite's SSH port.

# Both build directories end up under {{ DATA_ROOT }}/git.
# `mode: preserve` keeps the permission bits of the source files.
- name: Copy container build files
  loop:
    - gitolite-cgit
    - runner-zola
  ansible.builtin.copy:
    src: '{{ item }}'
    dest: '{{ DATA_ROOT }}/git'
    owner: '{{ USER }}'
    group: '{{ USER }}'
    mode: preserve

# The build result is registered so the container task below can key its
# `recreate` on it.
# NOTE(review): `force: true` forces a build on every run; confirm that
# `changed` is only reported for a real image change, otherwise the container
# is recreated on every play.
- name: Build gitolite cgit image
  register: cgito_build
  containers.podman.podman_image:
    name: gitolite-cgit
    path: '{{ DATA_ROOT }}/git/gitolite-cgit'
    force: true

# Publishes host port 2222 to port 22 inside the container.
# SSH_KEY is read by the `file` lookup, which runs on the control node, from
# $HOME/.ssh/memzero.pub; only the public key file is referenced here.
# `Restart nginx` must match a handler defined outside this file.
- name: Gitolite cgit
  notify: Restart nginx
  containers.podman.podman_container:
    name: cgito
    image: gitolite-cgit
    network: '{{ NETWORK }}'
    ports:
      - '2222:22'
    env:
      SSH_KEY: "{{ lookup('file', lookup('env', 'HOME') + '/.ssh/memzero.pub') }}"
    volumes:
      # 'Z' relabels the repository directory with a private SELinux context,
      # so it is not shared with other containers.
      - '{{ DATA_ROOT }}/git/repos:/var/lib/git:Z'
    recreate: '{{ cgito_build.changed }}'

# Accepts TCP/2222 on the INPUT chain. No `source` is set, so the rule matches
# traffic from any address.
# NOTE(review): ansible.builtin.iptables only changes the running ruleset;
# saving the rules across reboots has to be handled elsewhere.
- name: Open port for gitolite ssh port
  become: true
  ansible.builtin.iptables:
    chain: INPUT
    protocol: tcp
    match: tcp
    destination_port: 2222
    jump: ACCEPT
    comment: Accept gitolite SSH connections.

# Same build-then-register pattern as the gitolite-cgit image above.
- name: Build zola runner image
  register: runner_zola_build
  containers.podman.podman_image:
    name: runner-zola
    path: '{{ DATA_ROOT }}/git/runner-zola'
    force: true

# The runner publishes no ports; it only joins the shared network.
- name: Start zola runner
  containers.podman.podman_container:
    name: runner-zola
    image: runner-zola
    network: '{{ NETWORK }}'
    volumes:
      # The nginx webroot is mounted so the runner can deploy the blog.
      # 'z' relabels it with a shared SELinux context, usable by more than
      # one container. No `ro` option is given, so the mount is read-write:
      # whatever runs in this container can change the served content.
      - '{{ DATA_ROOT }}/nginx/www:/www:z'
    recreate: '{{ runner_zola_build.changed }}'