From 7ae140d453f5443dd598dbabca060359e4bb93f1 Mon Sep 17 00:00:00 2001
From: Grant Slater <github@firefishy.com>
Date: Wed, 3 Sep 2025 12:55:59 +0100
Subject: [PATCH] podman: add timer based podman system prune

---
 cookbooks/podman/recipes/default.rb | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git a/cookbooks/podman/recipes/default.rb b/cookbooks/podman/recipes/default.rb
index b29769c1f..4bc201e8f 100644
--- a/cookbooks/podman/recipes/default.rb
+++ b/cookbooks/podman/recipes/default.rb
@@ -53,3 +53,21 @@ end
 service "podman-auto-update.timer" do
   action [:enable, :start]
 end
+
+systemd_service "podman-system-prune" do
+  description "Cleanup up unused podman images and containers"
+  exec_start "/usr/bin/podman system prune --all --force"
+  sandbox :enable_network => true
+  memory_deny_write_execute false
+  restrict_address_families "AF_UNIX"
+end
+
+systemd_timer "podman-system-prune" do
+  description "Cleanup up unused podman images and containers"
+  on_boot_sec "2h"
+  on_unit_active_sec "7d"
+end
+
+service "podman-system-prune.timer" do
+  action [:enable, :start]
+end
-- 
2.39.5