✨: replace docker with podman

2025-11-23 16:28:38 +01:00
parent e4c66c065f
commit f182e8ead7
10 changed files with 54 additions and 61 deletions
--- a/roles/act_runner/tasks/main.yml
+++ b/roles/act_runner/tasks/main.yml
@@ -1,14 +1,7 @@
 ---

- name: Create act_runner user
-  ansible.builtin.user:
-    name: "{{ act_runner_user }}"
-    state: present
-    system: true
-    create_home: true
-    home: "{{ act_runner_home }}"
-    groups:
-      - docker
+- name: Configure act_runner user
+  ansible.builtin.include_tasks: user.yml

 - name: Download act_runner executable
  ansible.builtin.get_url:
--- a/roles/act_runner/tasks/user.yml
+++ b/roles/act_runner/tasks/user.yml
@@ -0,0 +1,33 @@
+---
+
+- name: Create act_runner user
+  ansible.builtin.user:
+    name: "{{ act_runner_user }}"
+    state: present
+    system: true
+    create_home: true
+    home: "{{ act_runner_home }}"
+  register: _act_runner_user
+
+- name: Configure subuid/subgid
+  ansible.builtin.lineinfile:
+    path: "/etc/{{ item }}"
+    state: present
+    line: "{{ act_runner_user }}:100000:65536"
+  loop:
+    - subuid
+    - subgid
+
+- name: Enable linger
+  ansible.builtin.command:
+    cmd: "/usr/bin/loginctl enable-linger {{ act_runner_user }}"
+    creates: "/var/lib/systemd/linger/{{ act_runner_user }}"
+
+- name: Ensure podman is started
+  ansible.builtin.systemd_service:
+    name: podman.socket
+    state: started
+    enabled: true
+    scope: user
+  become: true
+  become_user: "{{ act_runner_user }}"