roles/baikal/tasks/main.yml


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24

---
# Baikal needs rw permissions on *config/* for *nginx* user.
# The *nginx* user in the container has uid=101.
- name: Change permissions of baikal files to nginx in namespace
  ansible.builtin.file:
    path: "{{ DATA_ROOT }}/baikal/config"
    recurse: true
    owner: 101
    group: 101
  become: true
  become_method: containers.podman.podman_unshare
  # By default become user is 'root'.
  # https://github.com/containers/ansible-podman-collections/issues/529
  become_user: "{{ USER }}"

- name: Baikal
  containers.podman.podman_container:
    name: baikal
    image: docker.io/ckulka/baikal:nginx
    network: "{{ NETWORK }}"
    volumes:
      # Use 'Z' to privately relable selinux contexts.
      - "{{ DATA_ROOT }}/baikal/config:/var/www/baikal/config:Z"
      - "{{ DATA_ROOT }}/baikal/Specific:/var/www/baikal/Specific:Z"