hapy_new_year

2024-03-24 15:45:15 -04:00 · 2024-03-24 15:45:15 -04:00 · 9b628f9aa2
commit 9b628f9aa2
parent 6027100d13
9 changed files with 84 additions and 1 deletions
--- a/content/posts/2023/06/resolved-email-delivery.md
+++ b/content/posts/2023/06/resolved-email-delivery.md
@ -13,7 +13,7 @@ The solution provided by Google is to use a Google Workspace email instead. I gu

 ---

-For anyone who’s curious, here’s what Google has to say about the matter [on their help page](https://support.google.com/domains/answer/3251241?hl=en#zippy=%2Cemail-forwarding-delivery-issues-from-sender):
+For anyone who’s curious, here’s what Google has to say about the matter [on their help page](https://support.google.com/domains/answer/3251241):

 > You may not get the email forwarded to you by senders with specific email authentication settings. Regardless of your mail settings in Google Domains, some email senders have rules that prevent their mail from being delivered with email forwarding systems.  
 > 
--- a/content/posts/2023/11/.podman_learning.md.swp
+++ b/content/posts/2023/11/.podman_learning.md.swp
--- a/content/posts/2023/11/podman_learning.md
+++ b/content/posts/2023/11/podman_learning.md
@ -0,0 +1,13 @@
+++
+title = "Some things I've recently learned about Podman (and Docker)"
+date = 2023-11-27
+[taxonomies]
+tags= ["shortnotes","podman"]
+++
+
+- Podman does not require a user to have unique permissions to use it.
+- Any user on a docker-enabled system that also is in the docker group can become root with one command
+- The "ADD" directive in a Containerfile or Dockerfile is considered more insecure than "COPY" because it can pull remote directories.
+- Podman was made with Docker command compatability in mind because the devs knew they'd never get market share otherwise.
+
+
--- a/content/posts/2023/12/.podman_learning.md.swp
+++ b/content/posts/2023/12/.podman_learning.md.swp
--- a/content/posts/2023/12/_index.md
+++ b/content/posts/2023/12/_index.md
@ -0,0 +1,9 @@
+++
+title = "Example posts"
+sort_by = "date"
+template = "posts.html"
+page_template = "post.html"
+transparent = true
+++
+
+Posts
--- a/content/posts/2023/12/podman_notes_rootless_quadlet.md
+++ b/content/posts/2023/12/podman_notes_rootless_quadlet.md
@ -0,0 +1,35 @@
+++
+title = "Notes on Rootless Podman, Quadlet, and Systemd"
+date = 2023-12-11
+draft = true
+[taxonomies]
+tags= ["guides"]
+++
+
+The following are notes I collected while working with a rootless Podman pod at work. Information has been redacted for security while still being helpful. This information will focus primarily on *rootless* podman because that seems to be a gap in online knowledge/documentation.
+
+--- 
+
+## Podman-Kubes in Systemd
+Podman comes with a system-level `podman-kube@.service` template file. (For those unfamiliar with it: a template file allows you to specify a parameter after the "@" to use with the service.) The syntax to use it is pretty simple:
+
+```bash
+# Allow *users* to have services that start on boot and exist after the user logs out.
+# This example is for a user called "appuser".
+loginctl enable-linger appuser
+# Have the pod launch on startup, run as the user
+systemctl --user enable podman-kube@$(systemd-escape /opt/app/app_kubernetes_file.yaml).service
+```
+
+It's worth noting that **this does not work well with relative paths to Dockerfiles/Containerfiles.** It will probably be sufficient if you are pulling pre-made images from Dockerhub or Quay.
+
+## Podman Systemd Service Generator: Quadlet
+For context: Systemd can use executables called "generators" to convert non-native configurations into Systemd unit files. These generators are located in `/usr/lib/systemd/system-generators`, but Quadlet's is actually a symlink on RHEL.
+
+Quadlet is specifically a generator for Podman services such as individual containers, Kubes/pods, networks, or volumes. You can put the configurations in `~/.config/containers/systemd/` for user-level items. The resulting unit files are *not* output to any filesystem directory (as far as I can tell), but do show up in `systemctl --user list-units`. 
+
+If you're debugging the config files generated by Quadlet, you can use `/usr/libexec/podman/quadlet -user -dryrun` (thank you to [Fale's blog post](https://fale.io/blog/2023/05/17/manage-podman-containers-with-systemd-and-quadlet) for that one).
+
+## Using Generated Files
+Genereated files are a little different than normal `.service` files that most of us are probably used to. For one, they don't get "enabled" the traditional way. Instead they are started the usual way and have a line within them to specify where they are "installed".
+
--- a/content/posts/2024/01/_index.md
+++ b/content/posts/2024/01/_index.md
@ -0,0 +1,9 @@
+++
+title = "Example posts"
+sort_by = "date"
+template = "posts.html"
+page_template = "post.html"
+transparent = true
+++
+
+Posts
--- a/content/posts/2024/01/happy-new-year.md
+++ b/content/posts/2024/01/happy-new-year.md
@ -0,0 +1,8 @@
+++
+title = "Happy New Year"
+date = 2024-01-02
+[taxonomies]
+tags= ["shortnotes"]
+++
+
+Happy New Year to those who celebrate using a solar calendar! Only another 24 until we hit a nice, [round-number milestone](https://xkcd.com/1000/).
--- a/content/posts/2024/_index.md
+++ b/content/posts/2024/_index.md
@ -0,0 +1,9 @@
+++
+title = "Example posts"
+sort_by = "date"
+template = "posts.html"
+page_template = "post.html"
+transparent = true
+++
+
+Posts