salt-states_old/lib.sls

{% macro container_deploy(container) -%}
{% set user = salt['pillar.get']('podman:user', 'root') %}
{% set home = salt['user.info'](user).home %}
{% set group = salt['pillar.get']('podman:group', 'root') %}
{% set zone = salt['pillar.get']('containers:zone', 'public') %}


{% if pillar['containers'][container]['ports'] is defined %}
Defining firewalld service for {{ container }}:
  firewalld.service:
    - name: {{ container }}
    - ports:
      {%- for port in pillar['containers'][container]['ports'] %}
      {%- if port['protocol'] is defined %}
      {%- set protocol = port['protocol'] %}
      {%- else %}
      {%- set protocol = 'tcp' %}
      {%- endif %}
      - {{ port['host'] }}/{{ protocol }}
      {%- endfor %}

adding service {{ container }} to {{ zone }} zone:
  firewalld.present:
    - name: {{ zone }}
    - services:
      - {{ container }}
{% endif %}

Create container manage file for {{ container }}:
  file.managed:
    - name: "{{ home }}/bin/{{ container }}.sh"
    - source: salt://podman/files/container.sh.jinja
    - template: jinja
    - user: {{ user }}
    - group: {{ group }}
    - mode: "0750"
    - context:
      container: {{ container }}
      args: {{ pillar['containers'][container] }}

{% if pillar['containers'][container]['volumes'] is defined %}
{% for volume, mount in pillar['containers'][container]['volumes'].items() %}
Create {{ volume }} volume for {{ container }}:
  cmd.run:
    - name: podman volume create {{ container }}-{{ volume }}
    - runas: {{ user }}
    - unless: podman volume exists {{ container }}-{{ volume }}
{% endfor %}
{% endif %}

Create container {{ container }}:
  cmd.run:
    - name: "{{ home }}/bin/{{ container }}.sh --create"
    - runas: {{ user }}
    - unless: podman container exists {{ container }}

Create container {{ container }} unit file:
  cmd.run:
    - name: podman generate systemd --name {{ container }} > {{ home }}/.config/systemd/user/{{ container }}.service
    - runas: {{ user }}
    - onchanges:
      - cmd: Create container {{ container }}

Run user daemon reload for {{ container }} unit:
  cmd.run:
    - name: systemctl --user daemon-reload
    - runas: {{ user }}
    - onchanges:
       - cmd: Create container {{ container }} unit file

start container {{ container }}:
  cmd.run:
    - name: "{{ home }}/bin/{{ container }}.sh --start"
    - runas: {{ user }}
    - unless: "{{ home }}/bin/{{ container }}.sh --is-running"
    - onchanges:
      - cmd: Run user daemon reload for {{ container }} unit
    
{% endmacro -%}
. 2022-11-02 10:18:20 +00:00			`{% macro container_deploy(container) -%}`
			`{% set user = salt['pillar.get']('podman:user', 'root') %}`
			`{% set home = salt['user.info'](user).home %}`
			`{% set group = salt['pillar.get']('podman:group', 'root') %}`
			`{% set zone = salt['pillar.get']('containers:zone', 'public') %}`


			`{% if pillar['containers'][container]['ports'] is defined %}`
			`Defining firewalld service for {{ container }}:`
			`firewalld.service:`
			`- name: {{ container }}`
			`- ports:`
			`{%- for port in pillar['containers'][container]['ports'] %}`
			`{%- if port['protocol'] is defined %}`
			`{%- set protocol = port['protocol'] %}`
			`{%- else %}`
			`{%- set protocol = 'tcp' %}`
			`{%- endif %}`
			`- {{ port['host'] }}/{{ protocol }}`
			`{%- endfor %}`

			`adding service {{ container }} to {{ zone }} zone:`
			`firewalld.present:`
			`- name: {{ zone }}`
			`- services:`
			`- {{ container }}`
			`{% endif %}`

			`Create container manage file for {{ container }}:`
			`file.managed:`
			`- name: "{{ home }}/bin/{{ container }}.sh"`
			`- source: salt://podman/files/container.sh.jinja`
			`- template: jinja`
			`- user: {{ user }}`
			`- group: {{ group }}`
			`- mode: "0750"`
			`- context:`
			`container: {{ container }}`
			`args: {{ pillar['containers'][container] }}`

			`{% if pillar['containers'][container]['volumes'] is defined %}`
			`{% for volume, mount in pillar['containers'][container]['volumes'].items() %}`
			`Create {{ volume }} volume for {{ container }}:`
			`cmd.run:`
			`- name: podman volume create {{ container }}-{{ volume }}`
			`- runas: {{ user }}`
			`- unless: podman volume exists {{ container }}-{{ volume }}`
			`{% endfor %}`
			`{% endif %}`

			`Create container {{ container }}:`
			`cmd.run:`
			`- name: "{{ home }}/bin/{{ container }}.sh --create"`
			`- runas: {{ user }}`
			`- unless: podman container exists {{ container }}`

			`Create container {{ container }} unit file:`
			`cmd.run:`
			`- name: podman generate systemd --name {{ container }} > {{ home }}/.config/systemd/user/{{ container }}.service`
			`- runas: {{ user }}`
			`- onchanges:`
			`- cmd: Create container {{ container }}`

			`Run user daemon reload for {{ container }} unit:`
			`cmd.run:`
			`- name: systemctl --user daemon-reload`
			`- runas: {{ user }}`
			`- onchanges:`
			`- cmd: Create container {{ container }} unit file`

			`start container {{ container }}:`
			`cmd.run:`
			`- name: "{{ home }}/bin/{{ container }}.sh --start"`
			`- runas: {{ user }}`
			`- unless: "{{ home }}/bin/{{ container }}.sh --is-running"`
			`- onchanges:`
			`- cmd: Run user daemon reload for {{ container }} unit`

			`{% endmacro -%}`