run foreman in a container

theforeman · May 14, 2024 · 5d8eb38 · 5d8eb38
1 parent a5a5a8e
commit 5d8eb38
Show file tree

Hide file tree

Showing 5 changed files with 29 additions and 20 deletions.
diff --git a/.fixtures.yml b/.fixtures.yml
@@ -6,6 +6,9 @@ fixtures:
     concat: 'https://github.com/puppetlabs/puppetlabs-concat'
     cron_core: 'https://github.com/puppetlabs/puppetlabs-cron_core'
     extlib: 'https://github.com/voxpupuli/puppet-extlib'
+    podman:
+      repo: 'https://github.com/traylenator/podman'
+      branch: 'quadlet'
     postgresql: 'https://github.com/puppetlabs/puppetlabs-postgresql'
     puppet: 'https://github.com/theforeman/puppet-puppet'
     redis: 'https://github.com/voxpupuli/puppet-redis'

diff --git a/manifests/config.pp b/manifests/config.pp
@@ -145,7 +145,7 @@
   }
 
   if $foreman::apache {
-    $listen_socket = '/run/foreman.sock'
+    $listen_socket = 'localhost:3000'
 
     class { 'foreman::config::apache':
       app_root           => $foreman::app_root,
@@ -154,7 +154,7 @@
       serveraliases      => $foreman::serveraliases,
       server_port        => $foreman::server_port,
       server_ssl_port    => $foreman::server_ssl_port,
-      proxy_backend      => "unix://${listen_socket}",
+      proxy_backend      => "http://${listen_socket}",
       ssl                => $foreman::ssl,
       ssl_ca             => $foreman::server_ssl_ca,
       ssl_chain          => $foreman::server_ssl_chain,
@@ -265,12 +265,4 @@
   } else {
     $foreman_socket_override = undef
   }
-
-  systemd::dropin_file { 'foreman-socket':
-    ensure         => bool2str($foreman_socket_override =~ Undef, 'absent', 'present'),
-    filename       => 'installer.conf',
-    unit           => "${foreman::foreman_service}.socket",
-    content        => $foreman_socket_override,
-    notify_service => true,
-  }
 }
diff --git a/manifests/init.pp b/manifests/init.pp
@@ -227,7 +227,7 @@
   Optional[String[1]] $db_sslmode = undef,
   Optional[String[1]] $db_root_cert = undef,
   Integer[0] $db_pool = 5,
-  Boolean $db_manage_rake = true,
+  Boolean $db_manage_rake = false,
   Stdlib::Port $server_port = 80,
   Stdlib::Port $server_ssl_port = 443,
   Stdlib::Absolutepath $server_ssl_ca = $foreman::params::server_ssl_ca,

diff --git a/manifests/service.pp b/manifests/service.pp
@@ -35,14 +35,24 @@
     }
   }
 
-  service { "${foreman_service}.socket":
-    ensure => $foreman_service_ensure,
-    enable => $foreman_service_enable,
-  }
-
-  service { $foreman_service:
-    ensure => $foreman_service_ensure,
-    enable => $foreman_service_enable,
-    before => Service["${foreman_service}.socket"],
+  podman::quadlet { 'foreman.container':
+    ensure          => present,
+    unit_entry      => {
+      'Description' => 'Foreman',
+    },
+    service_entry   => {
+      'TimeoutStartSec' => '900',
+    },
+    container_entry => {
+      'Image'         => 'quay.io/evgeni/foreman-rpm:latest',
+      'PublishPort'   => ['0.0.0.0:3000:3000'],
+      'Volume'        => ['/etc/foreman/:/etc/foreman/'],
+      'AddCapability' => ['CAP_DAC_OVERRIDE', 'CAP_IPC_OWNER'],
+      'Network'       => 'host',
+    },
+    install_entry   => {
+      'WantedBy' => 'default.target',
+    },
+    active          => true,
   }
 }
diff --git a/metadata.json b/metadata.json
@@ -43,6 +43,10 @@
     {
       "name": "puppet/redis",
       "version_requirement": ">= 5.0.0 < 12.0.0"
+    },
+    {
+      "name": "southalc/podman",
+      "version_requirement": ">= 0.6.7 < 1.0.0"
     }
   ],
   "requirements": [