Skip to content
/ debian-systemd-podman Public
forked from hifis-net/debian-systemd

Systemd/Docker-compose Debian Container Images for testing Ansible roles with Molecule and Podman

License

MIT license
0 stars 2 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

theoborealis/debian-systemd-podman

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

113 Commits
.github
.github
 
 
Dockerfile
Dockerfile
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

Systemd Debian Container Images For Ansible and Podman

Systemd Debian Container Images for testing Ansible roles with Molecule and Podman. Supported Debian versions:

  • 13 - Trixie
  • 12 - Bookworm

Available Images

Images are built weekly via GitHub Actions and can be downloaded from the GitHub Package Registry.

These tags are available. They are updated on changes to the main branch and are automatically rebuilt once a week.

  • ghcr.io/theoborealis/debian-systemd-podman:13
  • ghcr.io/theoborealis/debian-systemd-podman:12

Container Features

Feature Status Notes
systemd Runs as PID 1
ansible systemd module Full support
podman Full support
docker-compose Run compose files inside container via podman socket
bridge networking Via volume mount /proc/sys/net

How to Use

  • Install Podman

  • Run the container via Podman (unprivileged):

    podman run -it --systemd=true \
    --cap-add SYS_ADMIN,NET_ADMIN \
    --device /dev/fuse \
    -v /proc/sys/net:/proc/sys/net:rw \
    ghcr.io/theoborealis/debian-systemd-podman:12
  • --cap-add SYS_ADMIN,NET_ADMIN - required for nested containers
  • --device /dev/fuse - required for fuse-overlayfs
  • -v /proc/sys/net:/proc/sys/net:rw - network sysctl access (isolated in container network namespace)

Molecule Testing

This image is designed for testing Ansible roles with Molecule.

Example molecule.yml

---
driver:
  name: podman
platforms:
  - name: instance
    image: ghcr.io/theoborealis/debian-systemd-podman:12
    systemd: true
    command: /lib/systemd/systemd
    capabilities:
      - SYS_ADMIN
      - NET_ADMIN
    devices:
      - /dev/fuse
    volumes:
      - /proc/sys/net:/proc/sys/net:rw
    pre_build_image: true
provisioner:
  name: ansible
verifier:
  name: ansible

What's Included

  • systemd (PID 1)
  • podman + docker-compose (run compose files inside container)
  • Non-root ansible user with sudo access

For podman-in-podman support:

  • /etc/subuid, /etc/subgid configured for user namespaces
  • cgroup_manager = "cgroupfs" in /etc/containers/containers.conf
  • DOCKER_HOST=unix:///run/podman/podman.sock for docker-compose compatibility

Debugging

# Enter the container
podman exec -it <container_name> bash

# Check systemd
systemctl status

# Check podman
podman run --rm alpine echo hello

# Check docker-compose
docker-compose version

Forked from https://github.com/hifis-net/debian-systemd

About

Systemd/Docker-compose Debian Container Images for testing Ansible roles with Molecule and Podman

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Languages

  • Dockerfile 100.0%