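---
# Deploys the Woodpecker CI server as a Podman container driven by a systemd
# user unit, wired to a Forgejo instance through a client ID / client secret.

- name: Create Woodpecker volume
  containers.podman.podman_volume:
    name: "{{ item }}"
    state: present
  loop:
    - woodpecker
    - logs

# skip_existing keeps a secret that already exists untouched, so a later
# change to podman_woodpecker_forgejo_client_secret is NOT pushed to the
# host. Rotation therefore needs the old Podman secret removed (or
# recreated on purpose) before this task runs again.
# The variable itself should come from Ansible Vault or an external secret
# store rather than plaintext inventory.
- name: Create Woodpecker Forgejo client secret
  containers.podman.podman_secret:
    name: woodpecker-forgejo-secret
    state: present
    data: "{{ podman_woodpecker_forgejo_client_secret }}"
    skip_existing: true

# Same rotation caveat as the Forgejo client secret: skip_existing means an
# updated podman_woodpecker_agent_secret is ignored while the secret exists.
- name: Create Woodpecker agent secret
  containers.podman.podman_secret:
    name: woodpecker-agent-secret
    state: present
    data: "{{ podman_woodpecker_agent_secret }}"
    skip_existing: true

- name: Create Woodpecker container
  containers.podman.podman_container:
    name: woodpecker
    state: present
    # Quoted so the templated value is always read as one string. A tag can
    # be re-pointed upstream; set podman_woodpecker_version to a fixed
    # release, and prefer digest pinning where reproducibility matters.
    image: "docker.io/woodpeckerci/woodpecker-server:{{ podman_woodpecker_version }}"
    volumes:
      - 'woodpecker:/var/lib/woodpecker'
      - 'logs:/var/lib/woodpecker/logs'
      - '/etc/timezone:/etc/timezone:ro'
      - '/etc/localtime:/etc/localtime:ro'
    # No bind address is given, so both ports are published on every host
    # interface. Container port 8000 is presumably the plain-HTTP UI/API and
    # 9000 the agent gRPC endpoint (Woodpecker defaults -- confirm). If only
    # a local reverse proxy or local agents connect, bind to 127.0.0.1, or
    # restrict access with the host firewall.
    ports:
      - "3001:8000"
      - "3002:9000"
    env:
      WOODPECKER_HOST: "{{ podman_woodpecker_host }}"
      WOODPECKER_ADMIN: "{{ podman_woodpecker_admin }}"
      # Environment values are strings; quoting avoids handing a YAML
      # boolean to the module and relying on how it gets stringified.
      # NOTE(review): open registration lets every account that can sign in
      # to the Forgejo instance register here. If that Forgejo allows public
      # sign-up, turn this off or restrict access (e.g. WOODPECKER_ORGS).
      WOODPECKER_OPEN: "true"
      WOODPECKER_AGENT_SECRET_FILE: /run/secrets/woodpecker-agent-secret
      WOODPECKER_FORGEJO: "true"
      WOODPECKER_FORGEJO_URL: "{{ podman_woodpecker_forgejo_url }}"
      WOODPECKER_FORGEJO_CLIENT: "{{ podman_woodpecker_forgejo_client_id }}"
      WOODPECKER_LOG_STORE: file
      WOODPECKER_LOG_STORE_FILE_PATH: /var/lib/woodpecker/logs
    secrets:
      # There is no *_FILE variable to mount the Forgejo secret, so use
      # envvar instead.
      # NOTE(review): an env-injected secret sits in the server process
      # environment, which is a wider exposure than a file mount. Confirm
      # against the docs for the pinned release whether a file-based variant
      # (same pattern as WOODPECKER_AGENT_SECRET_FILE) exists for this value.
      - woodpecker-forgejo-secret,type=env,target=WOODPECKER_FORGEJO_SECRET
      # Mounted as a file; read through WOODPECKER_AGENT_SECRET_FILE above.
      - woodpecker-agent-secret
    # Gracefully stopping the gRPC handler might take some time; 2m30 is
    # excessive but sufficient.
    stop_timeout: 150
    generate_systemd:
      restart_policy: always
      path: '~/.config/systemd/user'

- name: Start and enable Woodpecker
  ansible.builtin.systemd_service:
    name: container-woodpecker.service
    daemon_reload: true
    state: started
    enabled: true
    scope: user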