Added Podman secret and Podman postgres container

playbooks/cengine.init.yaml

@@ -85,6 +85,10 @@
           containers.podman.podman_image:
             name: nextcloud/all-in-one
             tag: latest
+        - name: Ensure possession of Postgres container image
+          containers.podman.podman_image:
+            name: postgres
+            tag: 14.17
         - name: Ensure possession of Gitea container image
           containers.podman.podman_image:
             name: gitea/gitea
@@ -95,6 +99,11 @@
         - name: Ensure existence of shared network for Nextcloud, Gitea et al
           containers.podman.podman_network:
             name: sharenet
+        - name: Create secret for PostgreSQL database container
+          containers.podman.podman_secret: # @TODO: Look into other Postgres authentication methods
+            name: postgres_pass
+            data: "admin" # @TODO: Replace value with Ansible variable
+            state: present
         - name: Ensure containers are running with appropriate configuration
           containers.podman.podman_containers:
             containers:
@@ -157,11 +166,18 @@
                   - "sharenet"
                 requires:
                   - "db"
-              # @TODO: Finish writing up the below
+              # @NOTE: Postgres (below) default port is 5432
               - name: db
                 state: present
                 restart_policy: on-failure:5
                 image: postgres
+                # shm_size: 128mb # @TODO: Specify share of memory for container
+                volumes:
+                  - "~/.config/postgres:/etc/postgresql"
                 network:
                   - "caddynet"
                   - "sharenet"
+                env:
+                  POSTGRES_USER: senpai
+                  POSTGRES_DB: mem
+                  POSTGRESS_PASSWORD_FILE: /run/secrets/postgres_pass # @TODO: Look into other Postgres authentication methods