From 8d36981bd9b457f6d69f451964de65d3359c32a5 Mon Sep 17 00:00:00 2001
From: Lukas Vacula <lukas@lvacula.com>
Date: Tue, 2 Jan 2024 12:31:05 -0500
Subject: [PATCH] hapy_new_year

---
 .../posts/2023/06/resolved-email-delivery.md  |   2 +-
 content/posts/2023/11/.podman_learning.md.swp | Bin 0 -> 12288 bytes
 content/posts/2023/11/podman_learning.md      |  13 +++++++
 content/posts/2023/12/.podman_learning.md.swp | Bin 0 -> 12288 bytes
 content/posts/2023/12/_index.md               |   9 +++++
 .../2023/12/podman_notes_rootless_quadlet.md  |  35 ++++++++++++++++++
 content/posts/2024/01/_index.md               |   9 +++++
 content/posts/2024/01/happy-new-year.md       |   8 ++++
 content/posts/2024/_index.md                  |   9 +++++
 9 files changed, 84 insertions(+), 1 deletion(-)
 create mode 100644 content/posts/2023/11/.podman_learning.md.swp
 create mode 100644 content/posts/2023/11/podman_learning.md
 create mode 100644 content/posts/2023/12/.podman_learning.md.swp
 create mode 100644 content/posts/2023/12/_index.md
 create mode 100644 content/posts/2023/12/podman_notes_rootless_quadlet.md
 create mode 100644 content/posts/2024/01/_index.md
 create mode 100644 content/posts/2024/01/happy-new-year.md
 create mode 100644 content/posts/2024/_index.md

diff --git a/content/posts/2023/06/resolved-email-delivery.md b/content/posts/2023/06/resolved-email-delivery.md
index f8e73b4..4a35d4c 100644
--- a/content/posts/2023/06/resolved-email-delivery.md
+++ b/content/posts/2023/06/resolved-email-delivery.md
@@ -13,7 +13,7 @@ The solution provided by Google is to use a Google Workspace email instead. I gu
 
 ---
 
-For anyone who’s curious, here’s what Google has to say about the matter [on their help page](https://support.google.com/domains/answer/3251241?hl=en#zippy=%2Cemail-forwarding-delivery-issues-from-sender):
+For anyone who’s curious, here’s what Google has to say about the matter [on their help page](https://support.google.com/domains/answer/3251241):
 
 > You may not get the email forwarded to you by senders with specific email authentication settings. Regardless of your mail settings in Google Domains, some email senders have rules that prevent their mail from being delivered with email forwarding systems.  
 > 
diff --git a/content/posts/2023/11/.podman_learning.md.swp b/content/posts/2023/11/.podman_learning.md.swp
new file mode 100644
index 0000000000000000000000000000000000000000..8e2f6f84e99bbab7aaccff0d6fdd7a8827f92169
GIT binary patch
literal 12288
zcmeI2!HV2Q5Qf{nCbolf$t6%x4x4y)W_H$xB!>+w-b0oUykM`v7?Wv9wWIb*-Ewzp
z)`E~gULr3L$RYQ<K*;;}0etY^l6I3A40~NDL80ksss5_3N(aqUzWe0p2l{5dt8jdz
z)F+=Z|M8Pjzuvr~f@zwzHie0O+I{cwqHEgRy?XEd#m3M7ak!{Ay69>>FI+RrYqwq$
z&PKLz(Yg@BVsCfv{$jbrs%*6Vv1aY9vFmwLUU-wU5D)@aCeX#x+1IyD?(Z#!NB#5c
zGy3@M$(3)H3x$9X5CTF#2nYcoAOwVf5V-yXVtYgVf;4VUso*Do;kfb6d0NUz2nYco
zAOwVf5D)@FKnMr{As_^VfDpKb1T_9nfBk_{-+hSS@$!H1{{QBVQh&jIhy4cYVI3^O
zX0U&5EA=hx?^{Y0u-mXd;o}H4__~HHBxE5V1cZPP5CTF#2nYcoAOx;RfN;#{amAEb
z9nFR_YB*M|Boin)>H^dEUC!Qe<Up%=ubX;Br>4eA+md`|DOTLjxrr66#=&1|Yu(cs
z?pvu*VcM8sZWxooyh@G(jgmCoggp!mmtlwUE+&0Vfm`i$WNN*8!9}D~?;2{fv9+;G
z$HSQMBykcjX-uoq6=&=(g%;BnbgAt5WoJCp+3Fl_){~p9KnKT1kn|f<u$s|94G`VB
zqTY3Muh911fa4v7{}CA=j8W~7NlDnPNV-1PJ#d0@&LI+3bNC;x!zv)7l1GAvL-;A$
z#A1kAN1dA*<J@E{H3r}2T<BDp<gw&Upfk(oY1MC)WO>7$)*Rv0pWzfL?U@|5{kaL8
zq#vh(9~>TLR02hj3ZI;7dVq0m&}E-0OwQ97&#*#8Fzp>o$(~DU9Gn^(xaja9R@zeb
z;NkJp>@qs!4`|eObxocdhcb?8&KnLXj04*zq@G;To+>w#1p=WD5q$;EiC}Q4BM{?|
z^9X6}UDpm80OA@Z?;Pl+Ms(<oiQ&JbOP6{MmrN}H%|RV~UTF~Mta;g?*Vs2E1cO{J
z9sv{QN^Ng%tEksupPpr*az4TphioSs`!{>8o<;r2S=S)F=c-J7yH9B(ezsiB_P$cl
uL_poA>`@9fR_MJzM_W)v4KPGs_cTn*BYB-WJOfjQe33d~EX0@D5XM`j%z<|R

literal 0
HcmV?d00001

diff --git a/content/posts/2023/11/podman_learning.md b/content/posts/2023/11/podman_learning.md
new file mode 100644
index 0000000..0c3ef25
--- /dev/null
+++ b/content/posts/2023/11/podman_learning.md
@@ -0,0 +1,13 @@
++++
+title = "Some things I've recently learned about Podman (and Docker)"
+date = 2023-11-27
+[taxonomies]
+tags= ["shortnotes","podman"]
++++
+
+- Podman does not require a user to have unique permissions to use it.
+- Any user on a docker-enabled system that also is in the docker group can become root with one command
+- The "ADD" directive in a Containerfile or Dockerfile is considered more insecure than "COPY" because it can pull remote directories.
+- Podman was made with Docker command compatability in mind because the devs knew they'd never get market share otherwise.
+
+
diff --git a/content/posts/2023/12/.podman_learning.md.swp b/content/posts/2023/12/.podman_learning.md.swp
new file mode 100644
index 0000000000000000000000000000000000000000..8e2f6f84e99bbab7aaccff0d6fdd7a8827f92169
GIT binary patch
literal 12288
zcmeI2!HV2Q5Qf{nCbolf$t6%x4x4y)W_H$xB!>+w-b0oUykM`v7?Wv9wWIb*-Ewzp
z)`E~gULr3L$RYQ<K*;;}0etY^l6I3A40~NDL80ksss5_3N(aqUzWe0p2l{5dt8jdz
z)F+=Z|M8Pjzuvr~f@zwzHie0O+I{cwqHEgRy?XEd#m3M7ak!{Ay69>>FI+RrYqwq$
z&PKLz(Yg@BVsCfv{$jbrs%*6Vv1aY9vFmwLUU-wU5D)@aCeX#x+1IyD?(Z#!NB#5c
zGy3@M$(3)H3x$9X5CTF#2nYcoAOwVf5V-yXVtYgVf;4VUso*Do;kfb6d0NUz2nYco
zAOwVf5D)@FKnMr{As_^VfDpKb1T_9nfBk_{-+hSS@$!H1{{QBVQh&jIhy4cYVI3^O
zX0U&5EA=hx?^{Y0u-mXd;o}H4__~HHBxE5V1cZPP5CTF#2nYcoAOx;RfN;#{amAEb
z9nFR_YB*M|Boin)>H^dEUC!Qe<Up%=ubX;Br>4eA+md`|DOTLjxrr66#=&1|Yu(cs
z?pvu*VcM8sZWxooyh@G(jgmCoggp!mmtlwUE+&0Vfm`i$WNN*8!9}D~?;2{fv9+;G
z$HSQMBykcjX-uoq6=&=(g%;BnbgAt5WoJCp+3Fl_){~p9KnKT1kn|f<u$s|94G`VB
zqTY3Muh911fa4v7{}CA=j8W~7NlDnPNV-1PJ#d0@&LI+3bNC;x!zv)7l1GAvL-;A$
z#A1kAN1dA*<J@E{H3r}2T<BDp<gw&Upfk(oY1MC)WO>7$)*Rv0pWzfL?U@|5{kaL8
zq#vh(9~>TLR02hj3ZI;7dVq0m&}E-0OwQ97&#*#8Fzp>o$(~DU9Gn^(xaja9R@zeb
z;NkJp>@qs!4`|eObxocdhcb?8&KnLXj04*zq@G;To+>w#1p=WD5q$;EiC}Q4BM{?|
z^9X6}UDpm80OA@Z?;Pl+Ms(<oiQ&JbOP6{MmrN}H%|RV~UTF~Mta;g?*Vs2E1cO{J
z9sv{QN^Ng%tEksupPpr*az4TphioSs`!{>8o<;r2S=S)F=c-J7yH9B(ezsiB_P$cl
uL_poA>`@9fR_MJzM_W)v4KPGs_cTn*BYB-WJOfjQe33d~EX0@D5XM`j%z<|R

literal 0
HcmV?d00001

diff --git a/content/posts/2023/12/_index.md b/content/posts/2023/12/_index.md
new file mode 100644
index 0000000..3fbf406
--- /dev/null
+++ b/content/posts/2023/12/_index.md
@@ -0,0 +1,9 @@
++++
+title = "Example posts"
+sort_by = "date"
+template = "posts.html"
+page_template = "post.html"
+transparent = true
++++
+
+Posts
diff --git a/content/posts/2023/12/podman_notes_rootless_quadlet.md b/content/posts/2023/12/podman_notes_rootless_quadlet.md
new file mode 100644
index 0000000..bc8991f
--- /dev/null
+++ b/content/posts/2023/12/podman_notes_rootless_quadlet.md
@@ -0,0 +1,35 @@
++++
+title = "Notes on Rootless Podman, Quadlet, and Systemd"
+date = 2023-12-11
+draft = true
+[taxonomies]
+tags= ["guides"]
++++
+
+The following are notes I collected while working with a rootless Podman pod at work. Information has been redacted for security while still being helpful. This information will focus primarily on *rootless* podman because that seems to be a gap in online knowledge/documentation.
+
+--- 
+
+## Podman-Kubes in Systemd
+Podman comes with a system-level `podman-kube@.service` template file. (For those unfamiliar with it: a template file allows you to specify a parameter after the "@" to use with the service.) The syntax to use it is pretty simple:
+
+```bash
+# Allow *users* to have services that start on boot and exist after the user logs out.
+# This example is for a user called "appuser".
+loginctl enable-linger appuser
+# Have the pod launch on startup, run as the user
+systemctl --user enable podman-kube@$(systemd-escape /opt/app/app_kubernetes_file.yaml).service
+```
+
+It's worth noting that **this does not work well with relative paths to Dockerfiles/Containerfiles.** It will probably be sufficient if you are pulling pre-made images from Dockerhub or Quay.
+
+## Podman Systemd Service Generator: Quadlet
+For context: Systemd can use executables called "generators" to convert non-native configurations into Systemd unit files. These generators are located in `/usr/lib/systemd/system-generators`, but Quadlet's is actually a symlink on RHEL.
+
+Quadlet is specifically a generator for Podman services such as individual containers, Kubes/pods, networks, or volumes. You can put the configurations in `~/.config/containers/systemd/` for user-level items. The resulting unit files are *not* output to any filesystem directory (as far as I can tell), but do show up in `systemctl --user list-units`. 
+
+If you're debugging the config files generated by Quadlet, you can use `/usr/libexec/podman/quadlet -user -dryrun` (thank you to [Fale's blog post](https://fale.io/blog/2023/05/17/manage-podman-containers-with-systemd-and-quadlet) for that one).
+
+## Using Generated Files
+Genereated files are a little different than normal `.service` files that most of us are probably used to. For one, they don't get "enabled" the traditional way. Instead they are started the usual way and have a line within them to specify where they are "installed".
+
diff --git a/content/posts/2024/01/_index.md b/content/posts/2024/01/_index.md
new file mode 100644
index 0000000..3fbf406
--- /dev/null
+++ b/content/posts/2024/01/_index.md
@@ -0,0 +1,9 @@
++++
+title = "Example posts"
+sort_by = "date"
+template = "posts.html"
+page_template = "post.html"
+transparent = true
++++
+
+Posts
diff --git a/content/posts/2024/01/happy-new-year.md b/content/posts/2024/01/happy-new-year.md
new file mode 100644
index 0000000..2f2762c
--- /dev/null
+++ b/content/posts/2024/01/happy-new-year.md
@@ -0,0 +1,8 @@
++++
+title = "Happy New Year"
+date = 2024-01-02
+[taxonomies]
+tags= ["shortnotes"]
++++
+
+Happy New Year to those who celebrate using a solar calendar! Only another 24 until we hit a nice, [round-number milestone](https://xkcd.com/1000/).
diff --git a/content/posts/2024/_index.md b/content/posts/2024/_index.md
new file mode 100644
index 0000000..3fbf406
--- /dev/null
+++ b/content/posts/2024/_index.md
@@ -0,0 +1,9 @@
++++
+title = "Example posts"
+sort_by = "date"
+template = "posts.html"
+page_template = "post.html"
+transparent = true
++++
+
+Posts