From b4a1a63982589d692c5c551794e6866c6cf82bc8 Mon Sep 17 00:00:00 2001
From: Matej Focko <me@mfocko.xyz>
Date: Tue, 29 Aug 2023 11:13:58 +0200
Subject: [PATCH] roles(system/podman): create podman configuration

Signed-off-by: Matej Focko <me@mfocko.xyz>
---
 roles/system/podman/tasks/install.yml |  9 +++++++++
 roles/system/podman/tasks/main.yml    | 19 +++++++++++++++++++
 2 files changed, 28 insertions(+)
 create mode 100644 roles/system/podman/tasks/install.yml
 create mode 100644 roles/system/podman/tasks/main.yml

diff --git a/roles/system/podman/tasks/install.yml b/roles/system/podman/tasks/install.yml
new file mode 100644
index 0000000..85e6f06
--- /dev/null
+++ b/roles/system/podman/tasks/install.yml
@@ -0,0 +1,9 @@
+---
+- name: Install Podman and dependencies
+  ansible.builtin.package:
+    name:
+      - podman
+      - crun
+      - podman-compose
+      - distrobox
+    state: present
diff --git a/roles/system/podman/tasks/main.yml b/roles/system/podman/tasks/main.yml
new file mode 100644
index 0000000..b1aa8a1
--- /dev/null
+++ b/roles/system/podman/tasks/main.yml
@@ -0,0 +1,19 @@
+---
+- name: Packages
+  ansible.builtin.include_tasks: install.yml
+  tags: install
+
+# UIDs/GIDs for rootless containers
+- name: Set multiple gids for target user
+  ansible.builtin.lineinfile:
+    path: "/etc/subgid"
+    regexp: "^{{ target_user }}:"
+    line: "{{ target_user }}:100000:65536"
+  tags: podman/rootless
+
+- name: Set multiple uids for target user
+  ansible.builtin.lineinfile:
+    path: "/etc/subuid"
+    regexp: "^{{ target_user }}:"
+    line: "{{ target_user }}:100000:65536"
+  tags: podman/rootless