{"id":16780087,"url":"https://github.com/voidquark/podman_play","last_synced_at":"2025-04-10T21:15:15.903Z","repository":{"id":216382045,"uuid":"740661333","full_name":"voidquark/podman_play","owner":"voidquark","description":"Ansible Role - Deploy any app with podman play","archived":false,"fork":false,"pushed_at":"2024-08-14T13:19:53.000Z","size":87,"stargazers_count":5,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-04-10T21:15:07.029Z","etag":null,"topics":["ansible","ansible-galaxy","ansible-playbook","ansible-role","podman","podman-pod","podman-systemd","redhat","rhel","rootless-containers"],"latest_commit_sha":null,"homepage":"https://galaxy.ansible.com/ui/standalone/roles/voidquark/podman_play/","language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/voidquark.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-01-08T20:00:50.000Z","updated_at":"2025-03-13T07:37:56.000Z","dependencies_parsed_at":"2024-05-15T12:20:15.777Z","dependency_job_id":"7b6bc112-8117-4d05-9007-a18b8b9ef9cd","html_url":"https://github.com/voidquark/podman_play","commit_stats":null,"previous_names":["voidquark/podman_play"],"tags_count":12,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/voidquark%2Fpodman_play","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/voidquark%2Fpodman_play/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/voidquark%2Fpodman_play/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/voidquark%2Fpodman_play/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/voidquark","download_url":"https://codeload.github.com/voidquark/podman_play/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248298312,"owners_count":21080320,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ansible","ansible-galaxy","ansible-playbook","ansible-role","podman","podman-pod","podman-systemd","redhat","rhel","rootless-containers"],"created_at":"2024-10-13T07:33:59.634Z","updated_at":"2025-04-10T21:15:15.882Z","avatar_url":"https://github.com/voidquark.png","language":null,"funding_links":[],"categories":[],"sub_categories":[],"readme":"# Podman Play - Deploy Any App\n\n[![License](https://img.shields.io/github/license/voidquark/podman_play)](LICENSE)\n\nAnsible Role to deploy apps in root-less containers from a Kubernetes Pod YAML definition. The application pod runs as a systemd service using Podman Quadlet, in your own user namespace.\n\n**🔑 Key Features**\n- **🚀 Deploy Any Application**: Easily deploy any application using a Kubernetes YAML pod definition.\n- **🛡️ Root-less deployment**: Ensure secure containerization by running custom applications in a root-less mode within a user namespace. Management of the container is handled through a Quadlet systemd unit.\n- **🔄 Idempotent deployment**: Role embraces idempotent deployment, ensuring that the state of your deployment always matches your desired inventory.\n- **🧩 Flexible Configuration**: Easily customize deployment configuration to match your specific requirements.\n\nExplore the simplicity of deploying popular applications such as [Dashy](https://dashy.to/), [Nextcloud](https://nextcloud.com/), [Jellyfin](https://jellyfin.org/), and [Hashi Vault](https://www.vaultproject.io/) with this role [in the blog post](https://voidquark.com/blog/podman-play-to-deploy-any-app) 📢.\n\n## Table of Content\n\n- [Requirements](#requirements)\n- [Role Variables](#role-variables)\n- - [Default Variables - `defaults/main.yml`](#default-variables---defaultsmainyml)\n- - [Required Variables](#required-variables)\n- - [Optional Variables](#optional-variables)\n- [Playbook](#playbook)\n\n## Requirements\n\n- Ansible 2.10+\n- Tested on `RHEL`/`RockyLinux` 9 and `Fedora` but should work with compatible distributions.\n- Ensure that the `podman` and `loginctl` binaries are present on the target system.\n- If the following Ansible collections are not already available in your environment, please install them: `ansible-galaxy collection install ansible.posix` and `ansible-galaxy collection install containers.podman`.\n\n## Role Variables\n\n### Default Variables - `defaults/main.yml`\n\n```yaml\npodman_play_root_dir: \"/home/{{ podman_play_user | default(ansible_user_id) }}/{{ podman_play_pod_name }}\"\n```\nDefault application root directory where configuration files, Kubernetes pod YAML definitions, and other directories are stored. If not specified, it uses home of the user who executed the playbook.\n\n```yaml\npodman_play_template_config_dir: \"{{ podman_play_root_dir }}/template_configs\"\n```\nDefault path where your custom application configs are templated from the `podman_play_custom_conf` variable.\n\n```yaml\npodman_play_pod_state: \"quadlet\"\n```\nEnsure that the pod is in the quadlet state. This ensures that the Quadlet file is generated in the user namespace.\n\n```yaml\npodman_play_pod_recreate: true\n```\nThis ensures that any change in the configuration file or Kubernetes pod YAML definition triggers pod recreation to apply the latest changes, such as an image tag change.\n\n### Required Variables\n\nThe following variables are not set by default, but they are required for deployment. You will need to define these variables. Below are **example** values.\n\n```yaml\npodman_play_pod_name: \"dashy\"\n```\nSpecify your application pod name.\n\n```yaml\npodman_play_pod_quadlet_options:\n  - \"[Install]\"\n  - \"WantedBy=multi-user.target default.target\"\n```\nThese default Quadlet options ensure that the service starts on boot.\n\n```yaml\npodman_play_pod_yaml_definition: |\n  ---\n  apiVersion: v1\n  kind: Pod\n  metadata:\n    labels:\n      app: \"{{ podman_play_pod_name }}\"\n    name: \"{{ podman_play_pod_name }}\"\n  spec:\n    containers:\n      - name: \"{{ podman_play_pod_name }}\"\n        image: docker.io/lissy93/dashy:latest\n        ports:\n          - containerPort: 80\n            hostPort: 9500\n        stdin: true\n        tty: true\n        volumeMounts:\n          - mountPath: /app/public/conf.yml:Z\n            name: dashy_config\n    volumes:\n      - hostPath:\n          path: \"{{ podman_play_template_config_dir }}/conf.yml\"\n          type: File\n        name: dashy_config\n```\nDefine the Kubernetes pod YAML definition to be used by the `podman_play` module for deployment. For more details, refer to the [Kubernetes pod documentation](https://kubernetes.io/docs/concepts/workloads/pods/).\n\n### Optional Variables\n\nThese optional variables are not required and are not set by default. You can use these variables to extend your deployment. Below are **example** values.\n\n```yaml\npodman_play_user: \"dashy\"\n```\nOS user that runs your pod app. If not specified, it uses the user who executed the playbook.\n\n```yaml\npodman_play_group: \"dashy\"\n```\nOS group for the app user.\n\n```yaml\npodman_play_custom_conf:\n  - filename: \"conf.yml\"\n    raw_content: |\n      # Example Raw Config for conf.yml\n  - filename: \"another_config.conf\"\n    raw_content: |\n      # Example Raw Config for another_config.conf\n```\nThis variable allows you to deploy any number of configuration files for your deployment. Content is always templated into the `podman_play_template_config_dir` directory.\n\n```yaml\npodman_play_dirs:\n  - \"{{ podman_play_root_dir }}/var_www_html\"\n  - \"{{ podman_play_root_dir }}/var_lib_mysql\"\n```\nCreate additional directories for your application. You can then mount these directories into your pod by defining the paths in the volumes section of `podman_play_pod_yaml_definition`.\n\n```yaml\npodman_play_firewalld_expose_ports:\n  - \"9500/tcp\"\n```\nList of ports in `port/tcp` or `port/udp` format that should be exposed via firewalld.\n\n```yaml\npodman_play_auto_update: false\n```\nIf you're using image tags without specific versions, such as `latest` or `stable`, you can enable the auto-update feature. However, to activate this feature, you need to annotate the pod YAML definition with `io.containers.autoupdate: registry`. Without this annotation, the auto-update won't take effect. For more details on how it works, check out the [documentation](https://docs.podman.io/en/latest/markdown/podman-auto-update.1.html#auto-updates-and-kubernetes-yaml).\nWhen set to `false`, the auto-update feature is disabled. This feature is disabled by default.\n\n```yaml\npodman_play_pod_authfile: \"\"\npodman_play_pod_build: \"\"\npodman_play_pod_cert_dir: \"\"\npodman_play_pod_configmap: \"\"\npodman_play_pod_context_dir: \"\"\npodman_play_pod_debug: \"\"\npodman_play_pod_executable: \"\"\npodman_play_pod_log_driver: \"\"\npodman_play_pod_log_level: \"\"\npodman_play_pod_network: \"\"\npodman_play_pod_password: \"\"\npodman_play_pod_username: \"\"\npodman_play_pod_quiet: \"\"\npodman_play_pod_seccomp_profile_root: \"\"\npodman_play_pod_tls_verify: \"\"\npodman_play_pod_userns: \"\"\npodman_play_pod_quadlet_dir: \"\"\n```\nAdditional variables related to the `podman_play_module`. Check the [module documentation](https://docs.ansible.com/ansible/latest/collections/containers/podman/podman_play_module.html) for possible values.\nWith these variables, you can modify pod deployment specifications.\n\n## Dependencies\n\nNo Dependencies.\n\n## Playbook\n\n* Example playbook to deploy your custom container app\n\n```yaml\n- name: Manage your pod app\n  hosts: yourhost\n  gather_facts: true\n  roles:\n    - role: voidquark.podman_play\n```\n\n## License\n\nMIT\n\n## Contribution\n\nFeel free to customize and enhance the role according to your needs. Your feedback and contributions are greatly appreciated. Please open an issue or submit a pull request with any improvements.\n\n## Author Information\n\nCreated by [VoidQuark](https://voidquark.com)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fvoidquark%2Fpodman_play","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fvoidquark%2Fpodman_play","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fvoidquark%2Fpodman_play/lists"}