I don’t really have anyone else to shout at about this, but it’s an amazing way to host services in rootless containers entirely in user space using systemd (systemctl --user).
https://docs.podman.io/en/latest/markdown/podman-systemd.unit.5.html
If you want to use caddy as a proxy for other containers running as quadlets, have a look at this repo: https://github.com/eriksjolund/podman-caddy-socket-activation
It certainly demystified some network shenanigans for me.
Just want to chime in here to say I use containerized caddy as a reverse proxy with quadlets and did nothing special.
If you have caddy as a reverse proxy inside podman user namespace separated networks, they don’t take the upstream client IP address and instead you get local IP addresses assigned to logs. Socket activation is kinda required if you want to get the client’s real IP address in your logs.
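A check for the symptom described in the comment above, as an added example that is not part of the thread: it reads Caddy JSON access log lines and reports how many requests were logged with an internal source address. It assumes Caddy's JSON access log with its `request.remote_ip` field; the sample lines, the list of ranges treated as internal, and the 50% threshold are constructed for illustration.

```python
import ipaddress
import json

# Ranges treated as "internal" here (an assumption): RFC 1918, loopback,
# link-local and IPv6 unique-local addresses.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8",
    "169.254.0.0/16", "::1/128", "fc00::/7", "fe80::/10")]

# Constructed sample lines shaped like Caddy JSON access log entries.
SAMPLE_LOG = """\
{"logger":"http.log.access","request":{"remote_ip":"10.89.0.2","uri":"/"},"status":200}
{"logger":"http.log.access","request":{"remote_ip":"10.89.0.2","uri":"/login"},"status":401}
{"logger":"http.log.access","request":{"remote_ip":"203.0.113.7","uri":"/"},"status":200}
not json at all
{"logger":"tls","msg":"entry without a request field"}
"""

def is_internal(addr):
    """True if addr parses as an IP inside one of INTERNAL_NETS."""
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:
        return False
    return any(ip in net for net in INTERNAL_NETS)

def audit(lines, threshold=0.5):
    """Count logged source addresses and flag a proxy that has lost client IPs."""
    internal = external = skipped = 0
    for line in lines:
        try:
            addr = json.loads(line)["request"]["remote_ip"]
        except (ValueError, KeyError, TypeError):
            skipped += 1  # not JSON, or not an access-log entry
            continue
        if is_internal(addr):
            internal += 1
        else:
            external += 1
    total = internal + external
    lost = total > 0 and internal / total >= threshold
    return {"internal": internal, "external": external,
            "skipped": skipped, "client_ip_lost": lost}

if __name__ == "__main__":
    print(audit(SAMPLE_LOG.splitlines()))
```

A high internal share matters beyond log readability: rate limiting, IP allow-lists and ban tools that key on the logged address act on the container network's address instead of the real client.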
Nice, did the same for some services I run at home. Now in the process of migrating my stuff on my vps from docker compose to quadlets. It’s a bit more involved but worth the QoL stuff quadlets bring with them, like automatic updates and systemd integration. I’m curious, which is your Linux distro of choice to run your podman quadlets on?
I’m now running quadlets on Garuda (my gaming/devbox), and Fedora. The impetus for this was needing to host service in an unprivileged way at work on RHEL9, so I got paid to do some learning with my own services.
My laptop is running Bazzite, but no services there. I’ll move the server to silverblue or another image based distro when I finish extracting the rest of my misadventures to containers.
openSUSE MicroOS is amazing