diff --git a/roles/float-base-docker/tasks/podman.yml b/roles/float-base-docker/tasks/podman.yml
index 04692d48b54b128df2045e2957aea6164d6847b5..1a234d173abd91361962a426f64feea8c65dd69e 100644
--- a/roles/float-base-docker/tasks/podman.yml
+++ b/roles/float-base-docker/tasks/podman.yml
@@ -1,34 +1,19 @@
---
-# Pick a package source for Podman - defaults to using the stock
-# Debian package since bullseye. Possible choices are 'ai' (a version
-# pinned in our repository, tested working on Debian buster), 'debian'
-# (use standard Debian packages, only available from bullseye) or
-# 'kubic' (use the upstream Kubic repositories, with the latest
-# release).
-- set_fact:
- podman_default_package_source: "{{ podman_default_package_source_by_distro[float_debian_dist] | default('debian') }}"
-- set_fact:
- podman_package_source: "{{ podman_default_package_source }}"
- when: "podman_package_source is not defined"
-
-- include_tasks: "podman_{{ podman_package_source }}.yml"
-
-# Try to detect which podman version we're on based on source and
-# distribution.
+# Install Podman using packages from the Debian distribution
+# (available starting with Bullseye).
+- name: Install Podman packages
+ apt:
+ name: "{{ packages }}"
+ state: present
+ vars:
+ packages:
+ - podman
+ - crun
+
+# Try to detect which podman version we're on based on distribution.
- set_fact:
podman_version: "{{ podman_version_by_distro[float_debian_dist] }}"
- when: "podman_package_source == 'debian'"
-- set_fact:
- podman_version: 4
- when: "podman_package_source != 'debian'"
-
-# If we've changed sources.list for podman, it is important
-# that we run apt upgrade now.
-- name: Apt upgrade
- apt:
- upgrade: 'yes'
- when: "podman_sources_list is defined and podman_sources_list.changed"
- name: Symlink podman to docker
file:
diff --git a/roles/float-base-docker/tasks/podman_ai.yml b/roles/float-base-docker/tasks/podman_ai.yml
deleted file mode 100644
index 66e2e77c20c716f969a1faaad21709fe0c6e2e2d..0000000000000000000000000000000000000000
--- a/roles/float-base-docker/tasks/podman_ai.yml
+++ /dev/null
@@ -1,42 +0,0 @@
----
-
-# Install podman from the A/I package repository. This is a "known
-# good" version that works on Debian Buster.
-#
-# Some dependencies need to be pulled from buster-backports.
-
-- name: Remove podman Kubic repository key
- file:
- path: "/etc/apt/trusted.gpg.d/kubic.gpg"
- state: absent
-
-- name: Remove Kubic podman repository
- apt_repository:
- repo: "deb http://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/Debian_10/ /"
- state: absent
-
-- name: Add A/I podman repository
- apt_repository:
- repo: "deb [signed-by=/usr/share/keyrings/deb.autistici.org.gpg] http://deb.autistici.org/urepo buster-podman/"
- state: present
- register: podman_sources_list
-
-- name: Pin podman packages to our repository
- copy:
- dest: "/etc/apt/preferences.d/99podman"
- content: |
- Package: podman
- Pin: origin deb.autistici.org
- Pin-Priority: 1001
-
-- name: Install podman packages
- apt:
- name: podman
- state: present
- default_release: "{{ 'buster-backports' if float_debian_dist == 'buster' else '' }}"
-
-# TODO: remove this once the podman packaging issues are fixed.
-- name: Install a working seccomp.json
- copy:
- src: "seccomp-0.3.2.json"
- dest: "/usr/share/containers/seccomp.json"
diff --git a/roles/float-base-docker/tasks/podman_debian.yml b/roles/float-base-docker/tasks/podman_debian.yml
deleted file mode 100644
index 3ed64cc68e63533b81c8266ed2f391f01834306e..0000000000000000000000000000000000000000
--- a/roles/float-base-docker/tasks/podman_debian.yml
+++ /dev/null
@@ -1,32 +0,0 @@
----
-
-# Install Podman using packages from the Debian distribution
-# (available starting with Bullseye).
-
-- name: Remove podman Kubic repository key
- file:
- path: "/etc/apt/trusted.gpg.d/kubic.gpg"
- state: absent
-
-- name: Remove other podman repositories
- apt_repository:
- repo: "{{ item }}"
- state: absent
- loop:
- - "deb http://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/Debian_10/ /"
- - "deb [signed-by=/usr/share/keyrings/deb.autistici.org.gpg] http://deb.autistici.org/urepo buster-podman/"
-
-- name: Remove podman package pins
- file:
- path: "/etc/apt/preferences.d/99podman"
- state: absent
- register: podman_sources_list
-
-- name: Install Podman packages
- apt:
- name: "{{ packages }}"
- state: present
- vars:
- packages:
- - podman
- - crun
diff --git a/roles/float-base-docker/tasks/podman_kubic.yml b/roles/float-base-docker/tasks/podman_kubic.yml
deleted file mode 100644
index ee5fd28a3f2651139ba4f7582d2f67c107a8c739..0000000000000000000000000000000000000000
--- a/roles/float-base-docker/tasks/podman_kubic.yml
+++ /dev/null
@@ -1,40 +0,0 @@
----
-
-# Install Podman from the upstream "kubic" repository. This is usually
-# the latest Podman release.
-
-
-- name: Add podman Kubic repository key
- copy:
- src: "kubic.gpg"
- dest: "/etc/apt/trusted.gpg.d/kubic.gpg"
-
-- name: Remove A/I podman repository
- apt_repository:
- repo: "deb [signed-by=/usr/share/keyrings/deb.autistici.org.gpg] http://deb.autistici.org/urepo buster-podman/"
- state: absent
-
-- name: Add Kubic podman repository
- apt_repository:
- repo: "deb http://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/Debian_10/ /"
- state: present
- register: podman_sources_list
-
-- name: Remove podman package pins
- file:
- path: "/etc/apt/preferences.d/99podman"
- state: absent
-
-# Podman Kubic packages on buster require a version of libseccomp2
-# from the backports.
-- name: Install libseccomp2 from backports
- apt:
- name: libseccomp2
- state: present
- default_release: buster-backports
- when: "float_debian_dist == 'buster'"
-
-- name: Install podman packages
- apt:
- name: podman
- state: present
diff --git a/roles/float-base-docker/vars/podman.yml b/roles/float-base-docker/vars/podman.yml
new file mode 100644
index 0000000000000000000000000000000000000000..0c7fd8772f2c29f9aeb87186c654667fd2d9e881
--- /dev/null
+++ b/roles/float-base-docker/vars/podman.yml
@@ -0,0 +1,7 @@
+---
+
+podman_version_by_distro:
+ buster: 3
+ bullseye: 3
+ bookworm: 4
+ trixie: 5