#quadlet

slamp

@techviator You're welcome. Don't hesitate to ping me back. I migrated to podman in the previous 3-4 months and I still need to understand a lot (how to do #healthcheck on quadlet, how can I replace #cadvisor to #monitor #quadlet)

slamp

@techviator
I had trouble with the network part and the #DNS resolution using #podman, I followed this tutorial to understand it:
https://giacomo.coletto.io/blog/podman-quadlets/

Finally, I migrated from #docker_compose to #quadlet
Doc: https://www.redhat.com/en/blog/quadlet-podman
Tutorial: https://giacomo.coletto.io/blog/podman-podlet/

Axel Knauf

Here's how to run `podman` containers as `systemd` units using "quadlets".

I was running my GoToSocial instance as a rootless container using `podman-compose` on a VPS with Debian Trixie. This was working fine, but when rebooting the server, I would have to manually log in, switch to the dedicated user account and start the container. Not starting this automatically is a real PITA, so I wanted to change this by using podman quadlets (https://docs.podman.io/en/stable/markdown/podman-systemd.unit.5.html) instead, which generate standard `systemd` unit files.

My starting point was a `compose.yaml` file:

```yaml
services:
  gotosocial:
    image: docker.io/superseriousbusiness/gotosocial:0.19.2
    container_name: gotosocial
    user: 1004:1004
    networks:
      - gotosocial
    environment:
      GTS_HOST: fedi.4x31.dev
      GTS_DB_TYPE: sqlite
      GTS_DB_ADDRESS: /gotosocial/storage/sqlite.db
      GTS_LETSENCRYPT_ENABLED: "false"
      GTS_WAZERO_COMPILATION_CACHE: /gotosocial/.cache
      GTS_TRUSTED_PROXIES: "192.168.0.1/16"
      GTS_LOG_LEVEL: warn
      TZ: Europe/Berlin
    ports:
      - "127.0.0.1:9000:8080"
    volumes:
      - ./data:/gotosocial/storage
      - ./.gtscache:/gotosocial/.cache
    restart: "always"

networks:
  gotosocial:
    ipam:
      driver: default
      config:
        - subnet: "192.168.0.1/16"
          gateway: "192.168.0.100"
```

First I defined the podman network:

```ini
# /etc/containers/system/gotosocial.network
[Network]
Subnet=192.168.0.1/16
Gateway=192.168.0.100
```

Then the container itself, which depends on this network:

```ini
# /etc/containers/system/gotosocial.container
[Unit]
Description=GoToSocial
Wants=network-online.target
After=network-online.target
Requires=gotosocial.network
After=gotosocial.network

[Container]
Image=docker.io/superseriousbusiness/gotosocial:0.19.2
# This is the UID:GID of the non-privileged user I was using with podman-compose
User=1004:1004
UserNS=keep-id
Environment=GTS_HOST=fedi.4x31.dev
Environment=GTS_DB_TYPE=sqlite
Environment=GTS_DB_ADDRESS=/gotosocial/storage/sqlite.db
Environment=GTS_LETSENCRYPT_ENABLED=false
Environment=GTS_WAZERO_COMPILATION_CACHE=/gotosocial/.cache
Environment=GTS_TRUSTED_PROXIES="192.168.0.1/16"
Environment=GTS_LOG_LEVEL=warn
Environment=TZ=Europe/Berlin
Volume=/home/gotosocial/data:/gotosocial/storage:rw,U,z
Volume=/home/gotosocial/.gtscache:/gotosocial/.cache:rw,U,z
PublishPort=127.0.0.1:9000:8080
Network=gotosocial.network

[Service]
TimeoutStartSec=900
Restart=always

[Install]
WantedBy=multi-user.target
```

I was able to test this configuration using the "dry-run mode" of the generator and review the output:

```sh
sudo /usr/lib/systemd/system-generators/podman-system-generator -dryrun
```

With all this set up, I was able to start the service and check the logs:

```sh
sudo systemctl daemon-reload
sudo systemctl start gotosocial
sudo journalctl -u gotosocial -f
```

Looking at the logs I noticed that `ufw`, my firewall, was blocking both DNS traffic from the podman network as well as outgoing traffic required to fetch media from other instances. So I allowed DNS and outgoing traffic for podman containers:

```sh
sudo ufw allow in on podman1 to any port 53
sudo ufw route allow in on podman1 out on ens3
sudo ufw status verbose
```

It was quite a journey figuring out all required steps. But I am very happy with the result, and I hope this little guide may help others. Thanks for reading! <3

#SelfHosting #FediVerse #GoToSocial #podman #containers #systemd #ufw #quadlet

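A pre-deployment check for the exposure-relevant settings in a `.container` unit like the one in the post above, as an added example that is not part of the original post: it flags `PublishPort` entries not bound to a loopback address, images without a fixed tag or digest, and a missing `User=`. The function names and the sample unit are made up for illustration, and the parser assumes one `Key=Value` per line with no line continuations.

```python
import ipaddress

# Constructed sample: a [Container] section weakened on purpose so each check fires.
SAMPLE_UNIT = """\
[Container]
Image=docker.io/superseriousbusiness/gotosocial:latest
PublishPort=9000:8080
PublishPort=127.0.0.1:9001:8081
"""

def parse_unit(text):
    """Parse unit text into {section: [(key, value), ...]}, keeping repeated keys."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue
        if line.startswith("[") and line.endswith("]"):
            current = sections.setdefault(line[1:-1], [])
        elif current is not None and "=" in line:
            key, _, value = line.partition("=")
            current.append((key.strip(), value.strip()))
    return sections

def published_host(value):
    """Return the host IP of a PublishPort value, or None when it is omitted."""
    parts = value.split("/")[0].rsplit(":", 2)  # drop /tcp or /udp, split off both ports
    return (parts[0].strip("[]") or None) if len(parts) == 3 else None

def is_loopback(host):
    try:
        return host is not None and ipaddress.ip_address(host).is_loopback
    except ValueError:
        return False

def audit_container(text):
    """Return findings for the [Container] section of a quadlet unit."""
    entries = parse_unit(text).get("Container", [])
    findings = []
    for key, value in entries:
        if key == "PublishPort" and not is_loopback(published_host(value)):
            findings.append(f"PublishPort={value}: reachable beyond loopback")
        elif key == "Image":
            name = value.rsplit("/", 1)[-1]
            if "@sha256:" not in value and (":" not in name or name.endswith(":latest")):
                findings.append(f"Image={value}: no fixed tag or digest")
    if not any(key == "User" for key, _ in entries):
        findings.append("User= not set: runs as the image's default user")
    return findings
```

Run against the settings shown in the post (pinned `0.19.2` tag, `User=1004:1004`, `PublishPort=127.0.0.1:9000:8080`), `audit_container` returns an empty list.
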
Major Hayden 🤠

Someone reminded me today that I promised someone a post about automatic container updates with quadlets and podman. Well, here you go!

https://major.io/p/podman-quadlet-automatic-updates/

#podman #fedora #containers #quadlet #devconfus #linux #systemd

Frederik

Podman containers for Unifi and MongoDB on Debian

I needed to install the Unifi Network Server for managing my Unifi access points (UAP). There is hardware available to manage this, such as the Unifi CloudKey Gen2 (UCK-G2), but I prefer not to buy and run any extra hardware when it’s possible to just run the Unifi Network Server on a Linux system. It requires MongoDB, which is not packaged in Debian any more because its license is not […]

https://blog.frehi.be/2025/09/15/podman-containers-for-unifi-and-mongodb-on-debian/

#Quadlet #containers #Debian #MongoDB #Podman #Unifi

Jörg Kastning

You are looking for official support for rootless Podman Quadlets in OpenCloud? Then please go ahead and support this feature request: https://github.com/orgs/opencloud-eu/discussions/1498

#podman #quadlet #OpenCloud #systemd

if let Some(🐰) = herz { furry!(:demisexual_flag:); }

This is very cool!

I finally found a major project providing installation instructions for podman quadlets: wg-easy

https://wg-easy.github.io/wg-easy/latest/examples/tutorials/podman-nft/

#Podman #Quadlet

Good blog post, basically sums up my current thoughts about the home lab. Kubernetes is nice, but overkill, and Podman+systemd and even further Quadlet can replace k8s really well on a single person scale.

Wish there was a good NGINX-based solution to mimic what ingress-nginx and cert-manager can do on k8s, not that it's that much work to handle a couple domains manually.

https://blog.yaakov.online/replacing-kubernetes-with-systemd/

#podman #systemd #quadlet #k8s

Yaakov's Blog · Replacing Kubernetes with systemd
Well, this took a bit of investigative work but was ultimately successful. Now, for each service that I want to host I have an Ansible playbook that:

1. Creates a service-specific user that will run the rootless #podman container
2. Uploads the custom #quadlet `.container` unit file in said user's home
3. Uses `machinectl` to interact with systemd as said user

As an example, I now have CoreDNS running as a rootless container as the `coredns` user via systemd/quadlet!

@stefanfrede

Just in case you didn't know (but I guess you specifically need docker-compose.yml syntax):

#Podman reuses SystemD to replace Docker Compose because SystemD has way more options, makes it easy to integrate containerized services with non-containerized ones and the host system. Podman includes a SystemD unit generator, #Quadlet, allowing you to manage files like .container, .image, .network, .build and more.

1/2

EDIT: I found this article, I understood it, and it works 😊 mo8it.com/blog/quadlet/

If there are people around here who use podman, I have a question, because I don't really understand the docs.

I have a small rootless container that I start by hand with podman start mon_container when I need it, and that's starting to get a bit redundant since I often go to my computer specifically to use it. So I'm looking to start it when I log in to my session.

I wanted to generate a systemd unit with the appropriate command, but I saw that it was deprecated and that using a "Quadlet" was recommended for this.

Except that my brain just doesn't get the official docs at all. What is a quadlet? How do I turn my container into a quadlet? And how do I launch the quadlet when my session starts?

I'll take any explanation/written tutorial/video tutorial!

mo8it.com · Quadlet: Running Podman containers under systemd · Finally, Podman has a Docker Compose alternative