Just did that last weekend. Nothing to do anymore. 😢
Coleslaw4145@lemmy.world 2 weeks ago
No try migrating all your docker containers to podman.
SexualPolytope@lemmy.sdf.org 2 weeks ago
exu@feditown.com 2 weeks ago
Did you do Quadlets?
SexualPolytope@lemmy.sdf.org 2 weeks ago
Yes of course. Had to spend a couple of hours fixing permission related issues.
poolhelmetinstrument@lemmy.world 2 weeks ago
But did you run them as rootful or the intended rootless way.
immobile7801@piefed.social 2 weeks ago
I had problems getting apps with multiple containers working in quadlets (definitely a knowledge issue on my part, but didn’t feel the time learning it was beneficial, but will probably revisit during kubernetes learning) so went back to podman with docker compose.
SexualPolytope@lemmy.sdf.org 2 weeks ago
I think it’s kinda better using quadlets, because I wrote some custom scripts, and quadlets made the process better. But podman compose is probably file too.
emerald@lemmy.blahaj.zone 2 weeks ago
And then migrate all your podman containers to proxmox
fossilesque@mander.xyz 2 weeks ago
Don’t encourage me.
epicshepich@programming.dev 2 weeks ago
And then try turning on SELinux!
olafurp@lemmy.world 2 weeks ago
I set my homelab up on Bazzite immutable with podman and SELinux. It took a while to work everything out and have it boot up into a valid state hahaha
epicshepich@programming.dev 2 weeks ago
Any reason you chose Bazzite for your homelab distro? First I’ve heard of someone doing that!
erev@lemmy.world 2 weeks ago
It’s not that difficult to get SELinux working with podman quadlets, especially if you run things rootless. I have a kerberized service account for each application I host and my quadlets are configured to run under those. I very rarely encounter applications that simoky can’t be run rootless but I usually can find an adequate alternative. I think right now the only thing that runs as root is one of the talk or collabora containers in my nextcloud stack. No selinux issues either.
epicshepich@programming.dev 2 weeks ago
I use podman-compose with system accounts and I don’t have a ton of issues. The biggest one is that I can’t seem to get bluetooth and pip working on Home Assistant at the same time. Most of the servers I manage have SELinux and it works fine as long as I use
:z/:Zwith bind mounts.A few years ago, I set up a VPS for my friend’s business; at the time, I didn’t know how to work with SELinux so I just turned it off. I tried to flip it back on, and it somehow bricked the system. We had to restore from a backup. Since then, I’ve been afraid to enable it on my flagship homelab server.