From ad7c12712abfda20fb94319d4f53c95aab3aad23 Mon Sep 17 00:00:00 2001
From: LinuxSquare <7436714-OfficialLinuxSquare@users.noreply.gitlab.com>
Date: Sun, 5 Nov 2023 21:38:04 +0100
Subject: [PATCH] podman: changes to mariadb, forgejo, npm & service
---
 ...ker-compose.yml.jinja => npm_docker-compose.yml} | 4 ----
 podman/containers/forgejo.sls | 2 +-
 podman/containers/mariadb.sls | 2 +-
 podman/containers/npm.sls | 13 +------------
 .../{containers => }/files/files_unprivileged_ports | 0
 podman/service.sls | 10 +++++++++-
 6 files changed, 12 insertions(+), 19 deletions(-)
 rename podman/containers/files/{npm_docker-compose.yml.jinja => npm_docker-compose.yml} (76%)
 rename podman/{containers => }/files/files_unprivileged_ports (100%)
diff --git a/podman/containers/files/npm_docker-compose.yml.jinja b/podman/containers/files/npm_docker-compose.yml
similarity index 76%
rename from podman/containers/files/npm_docker-compose.yml.jinja
rename to podman/containers/files/npm_docker-compose.yml
index 16b881b..8356987 100644
--- a/podman/containers/files/npm_docker-compose.yml.jinja
+++ b/podman/containers/files/npm_docker-compose.yml
@@ -8,10 +8,6 @@ services:
 - '80:80' # Public HTTP Port
 - '443:443' # Public HTTPS Port
 - '81:81' # Admin Web Port
- # Add any other Stream port you want to expose
- {% for port in STREAMED_PORTS %}
- - '{{ port }}:{{ port }}'
- {% endfor %}
 environment:
 DISABLE_IPV6: 'true'
 volumes:
diff --git a/podman/containers/forgejo.sls b/podman/containers/forgejo.sls
index 9b1afa0..c191085 100644
--- a/podman/containers/forgejo.sls
+++ b/podman/containers/forgejo.sls
@@ -6,7 +6,7 @@ include:
 podman_containers_forgejo_compose:
 file.managed:
 - name: {{ containers.podman_dir }}/forgejo/docker-compose.yml
- - source: {{ tpldir }}/files/forgejo_docker-compose.yml.jinja
+ - source: salt://{{ tpldir }}/files/forgejo_docker-compose.yml.jinja
 - template: jinja
 - context:
 MARIADB_USER: {{ salt['pillar.get']('podman:containers:mariadb:user') }}
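Review bot: In `podman/containers/forgejo.sls` the context value `MARIADB_USER: {{ salt['pillar.get']('podman:containers:mariadb:user') }}` is rendered into the SLS unquoted, so a pillar value containing ` #`, `: ` or a leading YAML indicator is truncated or breaks the render, and a missing key renders as an empty value, which YAML reads as null. The same applies to `MARIADB_ROOT_PASSWORD` in the mariadb.sls hunk, where a silently shortened or null root password is the more serious outcome. Quote both with Salt's filter, e.g. `MARIADB_USER: {{ salt['pillar.get']('podman:containers:mariadb:user') | yaml_dquote }}`, and consider failing the state when the pillar key is absent. The `file.managed` body continues outside the hunk.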
diff --git a/podman/containers/mariadb.sls b/podman/containers/mariadb.sls
index faed672..adc6e26 100644
--- a/podman/containers/mariadb.sls
+++ b/podman/containers/mariadb.sls
@@ -6,7 +6,7 @@ include:
 podman_containers_mariadb_compose:
 file.managed:
 - name: {{ containers.podman_dir }}/mariadb/docker-compose.yml
- - source: {{ tpldir }}/files/mariadb_docker-compose.yml.jinja
+ - source: salt://{{ tpldir }}/files/mariadb_docker-compose.yml.jinja
 - template: jinja
 - context:
 MARIADB_ROOT_PASSWORD: {{ salt['pillar.get']('podman:containers:mariadb:rootpwd') }}
diff --git a/podman/containers/npm.sls b/podman/containers/npm.sls
index bd73a32..1ce52fa 100644
--- a/podman/containers/npm.sls
+++ b/podman/containers/npm.sls
@@ -6,10 +6,7 @@ include:
 podman_containers_npm_compose:
 file.managed:
 - name: {{ containers.podman_dir }}/npm/docker-compose.yml
- - source: {{ tpldir }}/files/npm_docker-compose.yml.jinja
- - template: jinja
- - context:
- STREAMED_PORTS: [22]
+ - source: salt://{{ tpldir }}/files/npm_docker-compose.yml
 - user: puser
 - group: puser
 - mode: '0644'
@@ -38,11 +35,3 @@ podman_containers_npm_letsencrypt_dir:
 - makedirs: True
 - require:
 - podman_directory_permissions
-
-podman_containers_npm_privileged_ports:
- file.managed:
- - name: /etc/sysctl.d/podman.conf
- - source: salt://{{ tpldir }}/files/files_unprivileged_ports
- - user: root
- - group: root
- - mode: '0644'
diff --git a/podman/containers/files/files_unprivileged_ports b/podman/files/files_unprivileged_ports
similarity index 100%
rename from podman/containers/files/files_unprivileged_ports
rename to podman/files/files_unprivileged_ports
diff --git a/podman/service.sls b/podman/service.sls
index e3a9a03..6a4fcc6 100644
--- a/podman/service.sls
+++ b/podman/service.sls
@@ -1,7 +1,7 @@
 include:
 - .rootless
 
-applications_podman_service:
+podman_service:
 service.running:
 - name: podman
 - enable: True
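Review bot: `MARIADB_ROOT_PASSWORD` is passed as template context in `podman/containers/mariadb.sls`, so the rendered `docker-compose.yml` presumably holds the database root password in clear text, and the ownership and mode lines of this `file.managed` are outside the hunk. The npm.sls state in this same patch sets `- mode: '0644'` on its compose file; if mariadb.sls (and forgejo.sls) follow that pattern, any local user on the host can read the password. For the states that render credentials I would use `- mode: '0600'` and add `- show_changes: False` so the diff containing the secret does not end up in job returns.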
@@ -9,3 +9,11 @@ applications_podman_service:
 - file: /etc/conf.d/podman
 - require:
 - podman_rootless_confd
+
+podman_service_unprivileged_ports:
+ file.managed:
+ - name: /etc/sysctl.d/podman.conf
+ - source: salt://{{ tpldir }}/files/files_unprivileged_ports
+ - user: root
+ - group: root
+ - mode: '0644'
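Review bot: `podman_service_unprivileged_ports` only drops `/etc/sysctl.d/podman.conf`; nothing in the hunk loads it and `podman_service` has no requisite on it, so on a fresh host the service can start before the setting is active, and it only takes effect after a reboot or a manual `sysctl --system`. A `sysctl.present` state writing to the same file applies the value immediately and persists it, and a `require_in` orders it before the service. The content of `files_unprivileged_ports` is not shown (pure rename); if it lowers `net.ipv4.ip_unprivileged_port_start`, that change is host-wide for every local user, and with the port-22 stream mapping removed in this patch the threshold should be no lower than 80.

```yaml
podman_service_unprivileged_ports:
  sysctl.present:
    # key and value assumed; take them from files_unprivileged_ports
    - name: net.ipv4.ip_unprivileged_port_start
    - value: 80
    - config: /etc/sysctl.d/podman.conf
    - require_in:
      - service: podman_service
```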