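---
# Provisions a single-user host: enables systemd lingering, installs base
# packages, and runs an FTP server, Mosquitto and Home Assistant as podman
# containers that are started through user-scoped systemd units.
- name: ship setup
  hosts: all
  gather_facts: false
  vars:
    # NOTE(review): Jinja filters are evaluated on the control node, so these
    # resolve to the controller's $USER and $HOME. This assumes the managed
    # host uses the same account name and home directory path - confirm.
    user: "{{ '$USER' | expandvars }}"
    data: "{{ '$HOME/services' | expandvars }}"
    # FTP login used by the pyftpdlib container below.
    # NOTE(review): the password is committed in plain text. Supply
    # ftp_password from an Ansible Vault file (extra vars override play vars,
    # e.g. `-e @vault.yml`) and then remove the literal default from here.
    ftp_user: pleb
    ftp_password: moose
  # podman-rootless
  #
  # * using native overlay fs support (no fuse)
  #   - at least kernel version 5.13
  #   - podman info -f '{{.Store.GraphDriverName}}'
  #     -> "overlay"
  #   - podman info -f '{{index .Store.GraphStatus "Native Overlay Diff"}}'
  #     -> true
  #   - if configured with a different storage driver before, may need to run
  #     podman system reset  # deletes every image/container/.. with old driver
  #   - cat .local/share/containers/storage/overlay/.has-mount-program
  #     -> false
  #
  # * configure storage driver
  #   > cat .config/containers/storage.conf
  #   [storage]
  #   driver = "overlay"
  tasks:
    # -- LINGER ----------------------------------------------------------------
    # Enable lingering for user. A user manager is spawned for the user at boot
    # and kept around after logouts. This allows users who are not logged in to
    # run long-running services.
    - name: enable-linger
      become: true
      ansible.builtin.command:
        # argv passes the templated user name as one argument, so it is never
        # word-split.
        argv:
          - loginctl
          - enable-linger
          - "{{ user }}"
        # Command is not re-run if the following file exists.
        # https://docs.ansible.com/ansible/latest/collections/ansible/builtin/command_module.html#parameter-creates
        creates: "/var/lib/systemd/linger/{{ user }}"

    # -- PACKAGES --------------------------------------------------------------
    - name: install-packages
      become: true
      ansible.builtin.package:
        # Passed as one list so the package manager resolves everything in a
        # single transaction instead of one invocation per loop item.
        name:
          - vim
          - podman
          - tmux
          - git
          - ncdu
          - restic
          # For restic mount.
          - fuse
        # NOTE(review): `latest` upgrades these packages on every run. Use
        # `present` if runs must be reproducible and updates are handled by a
        # separate, reviewed process.
        state: latest

    # -- COPY FILES ------------------------------------------------------------
    # Copies the local `ftp` and `mosquitto` directories into {{ data }},
    # keeping the source file modes.
    - name: copy-files
      ansible.builtin.copy:
        src: "{{ item }}"
        dest: "{{ data }}"
        mode: preserve
      loop:
        - ftp
        - mosquitto

    # -- FTP SERVER ------------------------------------------------------------
    # The image is built from the copied build context; `force: true` rebuilds
    # it on every run.
    - name: build-podman-ftp
      containers.podman.podman_image:
        name: ftp
        path: "{{ data }}/ftp"
        force: true
      register: ftp_build

    # NOTE(review): the login is passed on the container command line, so it
    # is readable in the process list and in `podman inspect` output. FTP is
    # unencrypted, and with `network: host` and `--write` the service shares
    # the host's network namespace with write access to the inbox. Presumably
    # it listens on all interfaces unless the image restricts it - confirm,
    # and limit exposure with a host firewall or move to an encrypted
    # transfer protocol.
    - name: run-podman-ftp
      containers.podman.podman_container:
        name: ftp
        image: ftp
        network: host
        volumes:
          - "{{ data }}/ftp/inbox:/inbox"
        # List form keeps each templated value a single argument.
        command:
          - python3
          - -m
          - pyftpdlib
          - --write
          - -d
          - /inbox
          - -u
          - "{{ ftp_user }}"
          - -P
          - "{{ ftp_password }}"
        # Recreate the container only when the image build reported a change.
        recreate: "{{ ftp_build.changed }}"

    # -- MOSQUITTO SERVER ------------------------------------------------------
    # Use `mosquitto_sub -t '#'` to subscribe to all topics.
    # NOTE(review): the image reference has no tag or digest, so each pull may
    # bring a different build; pin a version tag or digest. Port 1883 is
    # plain-text MQTT published on the host. Whether clients must authenticate
    # depends on mosquitto.conf, which is not shown here - confirm that
    # anonymous access is disabled or the listener is restricted.
    - name: run-podman-mosquitto
      containers.podman.podman_container:
        name: mosquitto
        image: docker.io/eclipse-mosquitto
        ports:
          - "1883:1883/tcp"
        volumes:
          - "{{ data }}/mosquitto/mosquitto.conf:/mosquitto/config/mosquitto.conf"

    # -- HOME ASSISTANT --------------------------------------------------------
    # The dialout group gives the user access to the serial device that is
    # passed to the container below.
    - name: add-user-to-group
      become: true
      ansible.builtin.user:
        name: "{{ user }}"
        groups: dialout
        # Add to the existing supplementary groups instead of replacing them.
        append: true

    # NOTE(review): `stable` is a floating tag; pin a version tag or digest if
    # upgrades should be deliberate. The container shares the host network
    # namespace and gets direct access to /dev/ttyUSB0.
    - name: run-podman-home-assistant
      containers.podman.podman_container:
        name: homeassistant
        image: ghcr.io/home-assistant/home-assistant:stable
        network: host
        # Keep groups, eg dialout for ttyUSB0.
        group_add: keep-groups
        volumes:
          - "{{ data }}/home-assistant/config:/config"
          - "/etc/localtime:/etc/localtime:ro"
        device:
          - "/dev/ttyUSB0:/dev/ttyUSB0"

    # -- USER SYSTEMD UNITS ----------------------------------------------------
    # Writes one unit file per container into the user's systemd directory.
    - name: generate-user-systemd-units
      containers.podman.podman_generate_systemd:
        name: "{{ item }}"
        dest: "~/.config/systemd/user/"
        restart_policy: on-failure
        restart_sec: 10
      loop:
        - ftp
        - mosquitto
        - homeassistant

    # Enables the generated units for the user manager. They are not started
    # here (`state` is left commented out).
    - name: enable-user-systemd-units
      ansible.builtin.systemd:
        name: "container-{{ item }}"
        scope: user
        daemon_reload: true
        # state: started
        enabled: true
      loop:
        - ftp
        - mosquitto
        - homeassistant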