From 638a83a9525b595096bc04f0e873dcb23abd62fa Mon Sep 17 00:00:00 2001 From: Evgeni Golov Date: Tue, 14 May 2024 11:29:28 +0200 Subject: [PATCH] run foreman in a container --- .fixtures.yml | 3 +++ manifests/config.pp | 12 ++---------- manifests/init.pp | 2 +- manifests/service.pp | 28 +++++++++++++++++++--------- metadata.json | 4 ++++ 5 files changed, 29 insertions(+), 20 deletions(-) diff --git a/.fixtures.yml b/.fixtures.yml index 571994bd9..349bee87d 100644 --- a/.fixtures.yml +++ b/.fixtures.yml @@ -6,6 +6,9 @@ fixtures: concat: 'https://github.com/puppetlabs/puppetlabs-concat' cron_core: 'https://github.com/puppetlabs/puppetlabs-cron_core' extlib: 'https://github.com/voxpupuli/puppet-extlib' + podman: + repo: 'https://github.com/traylenator/podman' + branch: 'quadlet' postgresql: 'https://github.com/puppetlabs/puppetlabs-postgresql' puppet: 'https://github.com/theforeman/puppet-puppet' redis: 'https://github.com/voxpupuli/puppet-redis' diff --git a/manifests/config.pp b/manifests/config.pp index fb9953d22..5caefa944 100644 --- a/manifests/config.pp +++ b/manifests/config.pp @@ -145,7 +145,7 @@ } if $foreman::apache { - $listen_socket = '/run/foreman.sock' + $listen_socket = 'localhost:3000' class { 'foreman::config::apache': app_root => $foreman::app_root, @@ -154,7 +154,7 @@ serveraliases => $foreman::serveraliases, server_port => $foreman::server_port, server_ssl_port => $foreman::server_ssl_port, - proxy_backend => "unix://${listen_socket}", + proxy_backend => "tcp://${listen_socket}", ssl => $foreman::ssl, ssl_ca => $foreman::server_ssl_ca, ssl_chain => $foreman::server_ssl_chain, @@ -265,12 +265,4 @@ } else { $foreman_socket_override = undef } - - systemd::dropin_file { 'foreman-socket': - ensure => bool2str($foreman_socket_override =~ Undef, 'absent', 'present'), - filename => 'installer.conf', - unit => "${foreman::foreman_service}.socket", - content => $foreman_socket_override, - notify_service => true, - } } diff --git a/manifests/init.pp b/manifests/init.pp index 08d901d38..b95d7f801 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -227,7 +227,7 @@ Optional[String[1]] $db_sslmode = undef, Optional[String[1]] $db_root_cert = undef, Integer[0] $db_pool = 5, - Boolean $db_manage_rake = true, + Boolean $db_manage_rake = false, Stdlib::Port $server_port = 80, Stdlib::Port $server_ssl_port = 443, Stdlib::Absolutepath $server_ssl_ca = $foreman::params::server_ssl_ca, diff --git a/manifests/service.pp b/manifests/service.pp index 7e532bd80..30cc507c0 100644 --- a/manifests/service.pp +++ b/manifests/service.pp @@ -35,14 +35,24 @@ } } - service { "${foreman_service}.socket": - ensure => $foreman_service_ensure, - enable => $foreman_service_enable, - } - - service { $foreman_service: - ensure => $foreman_service_ensure, - enable => $foreman_service_enable, - before => Service["${foreman_service}.socket"], + podman::quadlet { 'foreman.container': + ensure => present, + unit_entry => { + 'Description' => 'Foreman', + }, + service_entry => { + 'TimeoutStartSec' => '900', + }, + container_entry => { + 'Image' => 'quay.io/evgeni/foreman-rpm:latest', + 'PublishPort' => '0.0.0.0:3000:3000', + 'Volume' => '/etc/foreman/:/etc/foreman/', + 'AddCapability' => 'CAP_DAC_OVERRIDE CAP_IPC_OWNER', + 'Network' => 'host', + }, + install_entry => { + 'WantedBy' => 'default.target', + }, + active => true, } } diff --git a/metadata.json b/metadata.json index c1012ba20..0cfbdcbbb 100644 --- a/metadata.json +++ b/metadata.json @@ -43,6 +43,10 @@ { "name": "puppet/redis", "version_requirement": ">= 5.0.0 < 12.0.0" + }, + { + "name": "southalc/podman", + "version_requirement": ">= 0.6.7 < 1.0.0" } ], "requirements": [