podman: changes to mariadb, forgejo, npm & service

2023-11-05 21:38:04 +01:00 · 2023-11-05 21:38:04 +01:00 · ad7c12712a
commit ad7c12712a
parent 6464bc170b
6 changed files with 12 additions and 19 deletions
--- a/podman/containers/files/npm_docker-compose.yml.jinja
+++ b/podman/containers/files/npm_docker-compose.yml.jinja
@ -8,10 +8,6 @@ services:
      - '80:80' # Public HTTP Port
      - '443:443' # Public HTTPS Port
      - '81:81' # Admin Web Port
-      # Add any other Stream port you want to expose
-      {% for port in STREAMED_PORTS %}
-      - '{{ port }}:{{ port }}'
-      {% endfor %}
    environment:
      DISABLE_IPV6: 'true'
    volumes:
--- a/podman/containers/forgejo.sls
+++ b/podman/containers/forgejo.sls
@ -6,7 +6,7 @@ include:
 podman_containers_forgejo_compose:
  file.managed:
    - name: {{ containers.podman_dir }}/forgejo/docker-compose.yml
-    - source: {{ tpldir }}/files/forgejo_docker-compose.yml.jinja
+    - source: salt://{{ tpldir }}/files/forgejo_docker-compose.yml.jinja
    - template: jinja
    - context:
        MARIADB_USER: {{ salt['pillar.get']('podman:containers:mariadb:user') }}
--- a/podman/containers/mariadb.sls
+++ b/podman/containers/mariadb.sls
@ -6,7 +6,7 @@ include:
 podman_containers_mariadb_compose:
  file.managed:
    - name: {{ containers.podman_dir }}/mariadb/docker-compose.yml
-    - source: {{ tpldir }}/files/mariadb_docker-compose.yml.jinja
+    - source: salt://{{ tpldir }}/files/mariadb_docker-compose.yml.jinja
    - template: jinja
    - context:
        MARIADB_ROOT_PASSWORD: {{ salt['pillar.get']('podman:containers:mariadb:rootpwd') }}
--- a/podman/containers/npm.sls
+++ b/podman/containers/npm.sls
@ -6,10 +6,7 @@ include:
 podman_containers_npm_compose:
  file.managed:
    - name: {{ containers.podman_dir }}/npm/docker-compose.yml
-    - source: {{ tpldir }}/files/npm_docker-compose.yml.jinja
-    - template: jinja
-    - context:
-        STREAMED_PORTS: [22]
+    - source: salt://{{ tpldir }}/files/npm_docker-compose.yml
    - user: puser
    - group: puser
    - mode: '0644'
@ -38,11 +35,3 @@ podman_containers_npm_letsencrypt_dir:
    - makedirs: True
    - require:
      - podman_directory_permissions
-
-podman_containers_npm_privileged_ports:
-  file.managed:
-    - name: /etc/sysctl.d/podman.conf
-    - source: salt://{{ tpldir }}/files/files_unprivileged_ports
-    - user: root
-    - group: root
-    - mode: '0644'
--- a/podman/containers/files/files_unprivileged_ports
+++ b/podman/containers/files/files_unprivileged_ports
--- a/podman/service.sls
+++ b/podman/service.sls
@ -1,7 +1,7 @@
 include:
  - .rootless

-applications_podman_service:
+podman_service:
  service.running:
    - name: podman
    - enable: True
@ -9,3 +9,11 @@ applications_podman_service:
      - file: /etc/conf.d/podman
    - require:
      - podman_rootless_confd
+
+podman_service_unprivileged_ports:
+  file.managed:
+    - name: /etc/sysctl.d/podman.conf
+    - source: salt://{{ tpldir }}/files/files_unprivileged_ports
+    - user: root
+    - group: root
+    - mode: '0644'