-
Notifications
You must be signed in to change notification settings - Fork 6
/
config.yml
64 lines (60 loc) · 1.62 KB
/
config.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
---
- name: Ensure podman config directory exists
file:
path: /etc/containers/{{ item }}
state: directory
mode: 0755
become: True
with_items:
- "containers.conf.d"
- "registries.conf.d"
- "storage.conf.d"
- name: Write registries config
become: True
vars:
registry: |
[[registry]]
location = "{{ podman_registry }}"
insecure = {{ podman_registry_insecure | bool | lower }}
copy:
content: "{{ registry }}"
dest: /etc/containers/registries.conf.d/registries.conf
mode: 0644
when: podman_registry is not none
- name: Write storage config
become: True
vars:
config: |
{% if podman_storage_driver is not none %}
driver = {{ podman_storage_driver }}
{% endif %}
{% if podman_runtime_directory is not none %}
runroot = {{ podman_runtime_directory }}
{% endif %}
copy:
content: "{{ config }}"
dest: /etc/containers/storage.conf.d/storage.conf
mode: 0644
when: podman_storage_driver is not none or podman_runtime_directory is not none
- name: Ensure the path for CA file for podman registry exists
file:
path: "/etc/containers/certs.d/{{ podman_registry }}"
owner: root
group: root
mode: 0700
state: directory
become: True
when:
- podman_registry is not none
- podman_registry_ca is not none
- name: Ensure the CA file for private registry exists
copy:
src: "{{ private_registry_ca }}"
dest: "/etc/containers/certs.d/{{ private_registry }}/ca.crt"
owner: root
group: root
mode: 0600
become: True
when:
- podman_registry is not none
- podman_registry_ca is not none