Confused about Podman

Before, I dabbled a bit with Docker. I wanted to dabble a bit with Podman because it seemed quite interesting. I reinstalled Pi OS Lite on my Pi 3B+ and installed Podman. Then I figured out what to run and started digging through the documentation. Apparently Docker containers work quite similarly and even Docker Compose can be used. Then I came across the auto update function and stumbled upon quadlets to use auto update and got confused. Then I tried reading up on Podman rootless and rootful and networking stuff and really got lost.

I want to run the following services:

  • Heimdall
  • Adguard Home
  • Jellyfin
  • Vaultwarden
  • Nextcloud

I am not sure a Pi is even powerful enough to run these things but I am even more unsure about how to set things up. Do I use quadlets? Do I run containers? How do I do the networking so I can reach the containers (maybe even outside my home)?

Can someone point me in the right direction? I can’t seem to find the needed information.

PrivateNoob ,

I’m a pretty Podman novice guy too but I’m running quadlets since it automatically creates and runs these containers just like the other services would be with systemd. In terms of networking I can usually access my container via publishing a port and using the PC’s IP where the container is running, and this is the default network that Podman uses initially.

I have a Jellyfin quadlet config, that may help you. I’ve had numerous sufferings to make a working one, but here you go (These 3 files are in ~/.config/containers/systemd/jellyfin):


```ini
[Unit]
Description=Jellyfin Media Server
After=network.target

[Container]
Image=lscr.io/linuxserver/jellyfin:latest
PublishPort=8096:8096
# A source ending in .volume refers to the Quadlet volume unit of that name
Volume=jellyfin-config.volume:/config:Z
# No .volume suffix: passed to Podman as a plain named volume
Volume=jellyfin-cache:/cache:Z
Volume=/home/USERNAME/media/storage1/Filmek:/data/Filmek:Z,U
Volume=/home/USERNAME/media/storage1/Sorozatok:/data/Sorozatok:Z,U

[Service]
Restart=on-failure

[Install]
WantedBy=default.target
```

```ini
[Unit]
Description=Jellyfin Cache Volume

[Volume]
```

```ini
[Unit]
Description=Jellyfin Config Volume

[Volume]
```

Please do ask questions if you have any. ^^

exu ,

I use podman mainly because it’s very easy to manage using systemd services. Unfortunately, the command for generating these service files, podman-generate, is deprecated and won’t receive new features.

Auto updating is done just using a simple tag and enabling a systemd timer to do it regularly for you.

It’s easiest to start with the rootful mode, you won’t have additional settings to set and no issues with permissions, UIDs and networking.

For networking, I always create a network per service I want to run. For example Nextcloud and its database would go in one network and you’d only forward the port for the web interface for outside access.

In addition to networks I also use pods, this basically groups the containers together to start/stop them as one. If you use this, you have to set your port forwarding here.
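A small checker for the points raised in this thread (auto-update tag, per-service network or pod, published ports), run over the `[Container]` section of the Jellyfin file posted above. This is an added example, not code from any poster or from Podman; the function names are hypothetical, and `jellyfin.network` and `192.168.1.10` in the second sample are constructed values.

```python
def parse_quadlet(text):
    """Parse unit-file text into {section: {key: [values]}}; keys such as Volume= repeat."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue
        if line.startswith("[") and line.endswith("]"):
            current = sections.setdefault(line[1:-1], {})
        elif current is not None and "=" in line:
            key, value = line.split("=", 1)
            current.setdefault(key.strip(), []).append(value.strip())
    return sections

def host_ip(spec):
    """Host address of a PublishPort value: [ip:][hostPort:]containerPort[/proto]."""
    spec = spec.split("/", 1)[0]
    if spec.startswith("["):                 # bracketed IPv6, e.g. [::1]:8096:8096
        return spec[1:spec.index("]")]
    parts = spec.split(":")
    return parts[0] if len(parts) == 3 else ""

def audit_container(text):
    """Return review items for the [Container] section of a .container file."""
    c = parse_quadlet(text).get("Container", {})
    items = []
    labelled = any(v.startswith("io.containers.autoupdate=") for v in c.get("Label", []))
    if not c.get("AutoUpdate") and not labelled:
        items.append("no-autoupdate")        # podman auto-update skips this container
    if not c.get("Network") and not c.get("Pod"):
        items.append("default-network")      # joins Podman's default network
    for spec in c.get("PublishPort", []):
        if host_ip(spec) in ("", "0.0.0.0", "::"):
            items.append("all-interfaces:" + spec)   # bound to every host address
    return items

# [Container] section as posted in the thread (Volume= lines omitted)
AS_POSTED = """[Container]
Image=lscr.io/linuxserver/jellyfin:latest
PublishPort=8096:8096
"""
# Constructed variant: network name and LAN address are assumptions
REVIEWED = """[Container]
Image=lscr.io/linuxserver/jellyfin:latest
AutoUpdate=registry
Network=jellyfin.network
PublishPort=192.168.1.10:8096:8096
"""
```

`audit_container(AS_POSTED)` returns three review items and `audit_container(REVIEWED)` returns none; `AutoUpdate=registry` only takes effect once `podman-auto-update.timer` is enabled.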

poVoq ,

Podman-generate was replaced by Quadlet .container files, which works better.

And a Pod also has its own virtual network, why manually create one?

exu ,

I haven’t taken the time yet to switch my Ansible playbooks to Quadlet, so can’t comment on that.

I only skimmed the manpages, thanks for the info.

twizzay ,

@MightyCuriosity @selfhosted

A Raspberry Pi is not going to be powerful enough to run these things beyond a test setup or a really small use-case. I'd only set up with the SQLite setup. And don't plan on using it for mass storage. And for heaven's sake keep a backup.

That said, if your goal is simply to run these out of your home and you want to access it beyond your intranet, all you would need is a VPN back to your house.

Avoid OpenVPN, simply because it's a resource hog, albeit the more reliable option. WireGuard would be better, especially considering you're already going to be bottlenecked by the Pi.

I'd recommend WireGuard. Here's a guide.

I don't know much about Podman or Quadlets. But a Docker instance will work just fine.

Updates are not too tricky in my opinion. I can share my own update script for my Docker Nextcloud setup if you want. It'd probably be adaptable for Jellyfin and whatever else.

Just make sure you expose the Nextcloud data directory as a volume outside the container. And before you back it up, always try to update so that if you have to reinstall you'll have a better chance of having a compatible backup.

chevy9294 ,

I switched from Docker to Podman, because Podman is more secure (if rootless) but it was just hard to autostart containers. You have to start one by one because they don’t have a central service like Docker. And Watchtower and Nextcloud AIO don’t work on Podman. So I switched back to Docker.

ryannathans ,

You create a pod and bring the pod up

poVoq ,

It’s actually much easier to autostart containers with Podman, as it has full Systemd integration, so you can handle them like any other service. All you need to do is write a simple .container file for the Podman built-in Quadlet service, which closely follows the normal Systemd .service file syntax.

chevy9294 ,

Yes but you have to do that for each service if I understand correctly.

poVoq ,

Only once during the initial setup, afterwards it’s all managed by Systemd. Once you know about it, it takes like one minute max.?

TheBigBrother ,

My humble POV is to stick with whatever does the work.
