Zeus

Setting up services

You can use this example as a basis for setting up podman quadlets:

~/.config/containers/systemd/zervice.container

[Unit]
# description of the container
Description=voorbeeldcontainer

# use this to make this container depend on other containers
# attention: extension is `.service`, not `.container`!
Requires=postgres.service dependenzy.service
After=postgres.service dependenzy.service

[Container]
# container image
Image=ghcr.io/zeuswpi/zervice:latest

# auto update the container image when `podman auto-update` gets executed
AutoUpdate=registry

# environment variables
# you can have multiple Environment=... statements, and you can 
# define multiple environment variables per statement
Environment=KEY1=value1 KEY2=value2
Environment=KEY3=value3

# podman secrets
# to make a secret from stdin, use `podman secret create <name> -`.
# e.g. to enter a secret without it ending up in shell history or being
# echoed to the terminal (printf avoids storing a trailing newline):
#   $ read -rs && printf '%s' "$REPLY" | podman secret create <name> -
# to list secrets: `podman secret ls`
# to inspect secrets: `podman secret inspect <name>`
Secret=<secret name>,type=env,target=ENV_VARIABLE_KEY

## networks ##
# use this to put multiple containers in the same network, so they can
# find each other using the configured hostname

# networks the container is in
# you can have multiple Network=... statements
# also make sure to make a <name>.network file in the same directory
# as the container file (this file can be empty)
Network=caddy.network
Network=zervice.network

# hostname of the container
NetworkAlias=zervice
## /networks ##

# volumes (again you can define this multiple times)
Volume=<volume_name_or_file_or_dir>:<mount_point>:<options>

# some examples:
# named volume
Volume=zervice_data:/data
# mount host file into container (same is possible with directories)
Volume=/etc/caddy/Caddyfile:/etc/caddy/Caddyfile
Volume=/var/lib/zervice.db:/app/data.db
# mount a directory relative to this file into the container
Volume=./data:/data
# SELinux relabeling: Z makes the volume only accessible to this
# container, z makes it accessible to all containers
Volume=zervice_data:/data:Z

# port mappings (can be defined multiple times)
PublishPort=9001:8080

[Service]
# when to auto restart the container
# on-failure means (re)start it when it exits with an error, but not when it is manually stopped; you probably want this
Restart=on-failure

[Install]
WantedBy=default.target

When you change something, use systemctl --user daemon-reload to reload the containers.

IPv6 in containers

By default, IPv6 is not enabled in Podman containers. To enable it for a container, the container must be part of a network through a Network=<name>.network directive (see the example). This .network file must have the following content:

[Network]
IPv6=true

For more info, see the podman documentation.
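
The following is an added example, not part of the original page or of Zeus tooling: a small POSIX shell lint for the pitfalls mentioned above (dependencies written with a `.container` extension, a `Network=<name>.network` line without a matching file, and a network file that does not enable IPv6). The function name `lint_quadlet` and the sample files are hypothetical; it assumes the `.network` files sit in the same directory as the container file, as described above.

```sh
#!/bin/sh
# Added example (not Zeus tooling): lint a .container quadlet for the pitfalls
# named on this page. Prints one finding per line; status 1 if any is an error.
lint_quadlet() (    # subshell body keeps the variables local
    file=$1 dir=$(dirname "$1") section="" status=0
    set -f          # no globbing when a value is split into words
    while IFS= read -r line; do
        case $line in
            ''|'#'*|';'*) continue ;;
            '['*) section=$line; continue ;;
        esac
        key=${line%%=*} value=${line#*=}
        case "$section/$key" in
            '[Unit]/Requires'|'[Unit]/After')
                # dependencies must name the generated unit, <name>.service
                for item in $value; do
                    case $item in *.container)
                        echo "error: $key=$item should be ${item%.container}.service"
                        status=1 ;;
                    esac
                done ;;
            '[Container]/Network')
                net=${value%%:*}    # drop a ":options" suffix, if any
                case $net in *.network) ;; *) continue ;; esac
                if [ ! -e "$dir/$net" ]; then
                    echo "error: $net not found next to $(basename "$file")"
                    status=1
                elif ! grep -Eq '^[[:space:]]*IPv6[[:space:]]*=[[:space:]]*(true|yes|on|1)[[:space:]]*$' "$dir/$net"; then
                    echo "note: $net does not enable IPv6"
                fi ;;
        esac
    done <<EOF
$(sed -e 's/[[:space:]]*=[[:space:]]*/=/' -e 's/[[:space:]]*$//' "$file")
EOF
    exit "$status"
)

# Constructed sample files in a temp dir (hypothetical, not from the page)
sample=$(mktemp -d)
printf '%s\n' '[Unit]' 'Requires=postgres.container dependenzy.service' \
    '[Container]' 'Network=caddy.network' 'Network=zervice.network' \
    'Network=missing.network' >"$sample/zervice.container"
printf '[Network]\nIPv6=true\n' >"$sample/caddy.network"
: >"$sample/zervice.network"    # empty file is valid, but leaves IPv6 off
lint_quadlet "$sample/zervice.container" || echo "lint reported errors"
```

Run it against ~/.config/containers/systemd/*.container before systemctl --user daemon-reload; "note:" lines are informational and do not affect the exit status.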