joakim/rick-infra
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
846ab74f87e5a7e8c777f222ad9b1bc74ef8101f
rick-infra/roles/podman/handlers/main.yml
Joakim 846ab74f87 Fix Nextcloud DNS resolution and implement systemd cron for background jobs 
- Enable IP forwarding in security playbook (net.ipv4.ip_forward = 1)
- Add podman network firewall rules to fix container DNS/HTTPS access
- Implement systemd timer for reliable Nextcloud background job execution
- Add database optimization tasks (indices, bigint conversion, mimetypes)
- Configure maintenance window (04:00 UTC) and phone region (NO)
- Add security headers (X-Robots-Tag, X-Permitted-Cross-Domain-Policies)
- Create Nextcloud removal playbook for clean uninstall
- Fix nftables interface matching (podman0 vs podman+)

Root cause: nftables FORWARD chain blocked container egress traffic
Solution: Explicit firewall rules for podman0 bridge interface
2025-12-20 19:51:26 +01:00

18 lines
358 B
YAML
Raw Blame History

---
# Podman Infrastructure Role - Handlers
# Matches the handler pattern from other infrastructure roles
- name: reload systemd
systemd:
daemon_reload: yes
- name: restart podman
systemd:
name: podman
state: restarted
when: podman_service_enabled | default(true)
- name: reload nftables
systemd:
name: nftables
state: reloaded
Reference in New Issue View Git Blame Copy Permalink