redbeardymcgee/podbox
1
0
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity Actions

tidy

Browse source
This commit is contained in:
redbeardymcgee 2024-11-20 21:46:35 -06:00
parent a30351fd68
commit c434acc957
1 changed files with 12 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

16
AlmaLinux.md
View file

@ -153,7 +153,9 @@ systemctl enable --now podman
> [!NOTE] Read the docs. > [!NOTE] Read the docs.
> `man podman-systemd.unit` > `man podman-systemd.unit`
### slirp4netns ### Prepare host networking stack
#### slirp4netns
> [!TODO] > [!TODO]
> This may not be necessary but my system is currently using it. > This may not be necessary but my system is currently using it.
@ -162,7 +164,7 @@ systemctl enable --now podman
dnf install slirp4netns dnf install slirp4netns
``` ```
### Install DNS server for `podman` #### Install DNS server for `podman`
> [!TODO] > [!TODO]
> Not sure how to resolve these correctly yet but the journal logs it > Not sure how to resolve these correctly yet but the journal logs it
@ -171,8 +173,7 @@ dnf install slirp4netns
```bash ```bash
dnf install aardvark-dns dnf install aardvark-dns
``` ```
#### Allow rootless binding port 80+
### Enable unprivileged port binding
> [!NOTE] This is only necessary if you are setting up the reverse proxy. > [!NOTE] This is only necessary if you are setting up the reverse proxy.
@ -181,6 +182,13 @@ printf '%s\n' 'net.ipv4.ip_unprivileged_port_start=80' > /etc/sysctl.d/99-unpriv
sysctl 'net.ipv4.ip_unprivileged_port_start=80' sysctl 'net.ipv4.ip_unprivileged_port_start=80'
``` ```
#### Allow containers to route within multiple networks
```bash
printf '%s\n' 'net.ipv4.conf.all.rp_filter=2' > /etc/sysctl.d/99-reverse-path-loose.conf
sysctl -w net.ipv4.conf.all.rp_filter=2
```
### Prepare container user ### Prepare container user
This user will be the owner of all containers with no login shell or root This user will be the owner of all containers with no login shell or root