- name: Install WireGuard UI with container block: - name: Login to image registries with podman containers.podman.podman_login: registry: '{{ item.key }}' username: '{{ item.value.username }}' password: '{{ item.value.password }}' become: true no_log: true changed_when: False loop: '{{ wireguard_ui_container_registry_auth | dict2items }}' when: wireguard_ui_container_registry_auth is defined - name: Create configuration dir and subdirs for WireGuard UI file: name: "{{ item }}" state: directory loop: - "{{ wireguard_ui_config_dir }}" - "{{ wireguard_ui_config_dir }}/server" - name: Force login and password change for first admin user template: dest: "{{ wireguard_ui_config_dir }}/users/admin.json" src: admin.json.j2 register: wireguard_ui_auth notify: Restart WireGuard UI with podman - name: Create WireGuard UI with podman containers.podman.podman_container: name: "{{ wireguard_ui_container_name }}" hostname: "{{ wireguard_ui_container_name }}" network_mode: "{{ wireguard_ui_network_mode }}" image: "{{ wireguard_ui_container_registry }}/{{ wireguard_ui_image_name }}:{{ wireguard_ui_image_tag }}" state: created cap_add: - NET_ADMIN env: "{{ wireguard_ui_combined_env }}" volumes: "{{ wireguard_ui_volumes }}" register: wireguard_ui_container notify: Restart WireGuard UI with podman - name: Generate container systemd unit shell: "podman generate systemd {{ wireguard_ui_container_name }}" register: wireguard_ui_systemd_unit changed_when: False - name: Create WireGuard UI systemd unit copy: dest: "/etc/systemd/system/{{ wireguard_ui_systemd_unit_name }}" content: "{{ wireguard_ui_systemd_unit.stdout | regex_replace('^#.*', multiline=True) | trim }}" - name: Create WireGuard UI systemd watcher unit template: dest: "/etc/systemd/system/{{ wireguard_ui_watcher_systemd_service_unit_name }}" src: wireguard-ui-watcher.service.j2 - name: Create WireGuard UI systemd watcher path template: dest: "/etc/systemd/system/{{ wireguard_ui_watcher_systemd_path_unit_name }}" src: wireguard-ui-watcher.path.j2 - name: Logout from image registries containers.podman.podman_logout: registry: '{{ item.key }}' become: true no_log: true changed_when: False loop: '{{ wireguard_ui_container_registry_auth | dict2items }}' when: wireguard_ui_container_registry_auth is defined