homelab/podman/README.md
2024-06-25 14:22:54 -04:00


# Podman
- [Podman](#podman)
- [Notes](#notes)
- [Podman systemd files](#podman-systemd-files)
- [iperf3](#iperf3)
- [pihole](#pihole)
- [Cloudflared](#cloudflared)
- [WG Easy (Deprecated - use Unifi)](#wg-easy-deprecated---use-unifi)
- [Update yellow quadlets](#update-yellow-quadlets)
## Notes
- podman auth is stored in `/run/user/1000/containers`
## Podman systemd files
Rather than copying compose files or running `podman run` as systemd services, you can
generate quadlet files to define containers that run at boot.
Podlet generates quadlets, which are systemd unit files specifically for containers.
Generate quadlets from compose files like so:
```bash
podman run \
-v ./compose:/compose \
-v ./quadlets:/quadlets \
quay.io/k9withabone/podlet \
-f /quadlets \
-i \
--overwrite \
compose /compose/grafana-compose.yaml
```
Copy the generated files to `/usr/share/containers/systemd/`.
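
Before a generated quadlet is installed, it is worth reviewing what the unit grants. The script below is an added example, not part of this repo, podman, or podlet: a hypothetical `audit_quadlet` helper that flags added capabilities, mutable image tags, ports published on every host address, and credentials in `Environment=`. It runs against a constructed `.container` file modeled on the wg-easy command in this README.

```bash
# audit_quadlet FILE: hypothetical helper, not part of podman or podlet.
# Prints one line per setting to review; returns 1 if anything was printed.
# Assumes "Key=Value" lines with no spaces around "=".
audit_quadlet() {
  file=$1 findings=0
  while IFS='=' read -r key value; do
    case $key in
      AddCapability) echo "$file: extra capabilities: $value" ;;
      Image)
        case $value in *@sha256:*) continue ;; esac   # pinned by digest
        last=${value##*/} tag=latest                  # no tag means :latest
        case $last in *:*) tag=${last##*:} ;; esac
        case $tag in
          latest|nightly|edge|main|master) echo "$file: mutable image tag: $value" ;;
          *) continue ;;
        esac ;;
      PublishPort)
        case $value in
          0.0.0.0:*|\[::\]:*) ;;                      # explicit wildcard address
          *:*:*) continue ;;                          # bound to one host address
        esac
        echo "$file: published on all host addresses: $value" ;;
      Environment)
        case $value in                                # value is not echoed on purpose
          *PASSWORD*|*SECRET*|*TOKEN*) echo "$file: possible credential in Environment=" ;;
          *) continue ;;
        esac ;;
      *) continue ;;
    esac
    findings=$((findings + 1))
  done < "$file"
  [ "$findings" -eq 0 ]
}

# Constructed sample modeled on the wg-easy command below (not actual podlet output).
write_sample() {
  cat > "$1" <<'EOF'
[Container]
Image=ghcr.io/wg-easy/wg-easy:nightly
AddCapability=NET_ADMIN SYS_MODULE NET_RAW
Environment=LANG=en WG_HOST=wg.reeseapps.com PORT=51821 WG_PORT=51820
PublishPort=51820:51820/udp
PublishPort=51822:51821/tcp
Secret=wg_easy_password,type=env,target=PASSWORD_HASH
EOF
}
sample=$(mktemp); write_sample "$sample"
audit_quadlet "$sample" || echo "review the lines above before installing the quadlet"
rm -f "$sample"
```

The `Secret=` line is not flagged because the value stays in the podman secret store instead of the unit file.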
### iperf3
```bash
podman run \
-v ./podman/compose:/compose \
-v ./podman/quadlets:/quadlets \
quay.io/k9withabone/podlet \
-f /quadlets \
-i \
--overwrite \
compose /compose/iperf3-compose.yaml
```
### pihole
<https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts>
```bash
podman run \
-v ./podman/compose:/compose \
-v ./podman/quadlets:/quadlets \
quay.io/k9withabone/podlet \
-f /quadlets \
-i \
--overwrite \
--wants network-online.target \
--after network-online.target \
compose /compose/pihole-compose.yaml
```
### Cloudflared
<https://docs.pi-hole.net/guides/dns/cloudflared/>
Creates a DoH (DNS over HTTPS) proxy for pihole. Set the pihole upstream to `10.1.203.197#5053` (yellow) or
`10.1.200.253#5053` (orange).
```bash
podman run \
-v ./podman/compose:/compose \
-v ./podman/quadlets:/quadlets \
quay.io/k9withabone/podlet \
-f /quadlets \
-i \
--overwrite \
--wants network-online.target \
--after network-online.target \
compose /compose/cloudflared-compose.yaml
```
### WG Easy (Deprecated - use Unifi)
PASSWORD and PASSWORD_HASH env vars didn't work.
<https://github.com/wg-easy/wg-easy>
Note: to create PASSWORD_HASH, run:
```bash
python -c 'import bcrypt; print(bcrypt.hashpw(b"testpass", bcrypt.gensalt()).decode())'
```
```bash
podman run \
-v ./podman/quadlets:/quadlets \
quay.io/k9withabone/podlet \
-f /quadlets \
-i \
--overwrite \
--wants network-online.target \
--after network-online.target \
--name=wg-easy \
podman run \
-e LANG=en \
-e WG_HOST=wg.reeseapps.com \
-e PORT=51821 \
-e WG_PORT=51820 \
-v wg-easy:/etc/wireguard \
-p 51820:51820/udp \
-p 51822:51821/tcp \
--secret wg_easy_password,type=env,target=PASSWORD_HASH \
--cap-add=NET_ADMIN \
--cap-add=SYS_MODULE \
--cap-add=NET_RAW \
--restart unless-stopped \
ghcr.io/wg-easy/wg-easy:nightly
```
## Update yellow quadlets
```bash
ansible-playbook -i ./ansible/inventory.yaml podman/update-quadlets.yaml
```