fedora-bootc-testserver.yml

---
- hosts: fedora-bootc-testserver

  name: Perform post build install/config of Fedora bootc server
  gather_facts: yes
  become: yes

  pre_tasks:
  - name: Set the system hostname correctly
    ansible.builtin.hostname:
      name: "{{ inventory_hostname }}"
      use: systemd
    tags:
    - hostname

  #- name: Set the system timezone correctly
    #community.general.timezone:
      #name: "{{ timezone }}"
    #tags:
    #- timesync

  - name: What's the user containers directory?
    debug:
      var: mount_point_user_containers

  - name: Configure storage directory for rootless containers
    block:
    - name: Set correct directory ownership/permissions for rootless container mount point
      file:
        path: "{{ mount_point_user_containers }}"
        state: directory
        owner: root
        group: root
        mode: '0777'

    # Fix the SELinux permissions for user container storage as per:
    # https://github.com/containers/podman/issues/12812
    # https://github.com/containers/podman/issues/3234
    # $ sudo semanage fcontext -a -e $HOME/.local/share/containers /mnt/containers
    # $ restorecon -R -v /mnt
    - name: Allow users to modify files in their local container storage directories
      community.general.sefcontext:
        target: "{{ mount_point_user_containers }}"
        # Trying to set seuser is redundant when using SELinux targeted policy
        seuser: unconfined_u
        setype: data_home_t
        state: present

    - name: Apply new SELinux file context to filesystem
      #ansible.builtin.command: restorecon -irv /mnt/containers
      ansible.builtin.command: restorecon -iv {{ mount_point_user_containers }}

    when: mount_point_user_containers is defined
    tags:
    - podman

  roles:
  #- common
  #- server
  - fedora.linux_system_roles.storage
  - fedora.linux_system_roles.timesync
  - fedora.linux_system_roles.cockpit
  - fedora.linux_system_roles.podman
  #- fedora.linux_system_roles.kdump
  - tmux
  #- librespot