podman(5/0)

Write systemd unit files

I don’t fully understand it’s history, but there was a wave of conflict when Debian choose to standardize service initialization on systemd. I’m not here to argue for or against it; only to suggest that, if you’re running a Linux machine that uses this as its core initialization, you’ll benefit from using the same. Don’t tack on another service manager if you can help it because, as I argue elsewhere, it’s best to use the default tools.…

Deploy nonroot containers

One of the advantages touted by the Podman team over Docker is that you can choose to run containers as a user other than root. This is a security feature since, if a container were compromised by a malicious user and broke out of its container process, they would not have root privileges. Actually running containers as non-root users, however, adds a surprising complexity. Most container images, including those I’ve created myself, were drafted in Docker.…

Build your own CI/CD pipeline

The Journey Ends My journey towards a self-hosted devops pipeline began a few years ago with steps to architect a personal devops pipeline. The system grew into the Podman era when I wrote how to host your services with podman. Inspired by Christian Ştefănescu’s brilliant design for a Tiny CI System and motivated by the need to redeploy my entire web stack to a cloud server while we move, I’ve crafted my own minimal deployment system that may be the last step in my devops saga for a while.…

Architect a personal devops pipeline

The Journey Begins When my raspberry pi arrived two years ago, I opened it with excited trepidation. Will I overcome the hurdles to self-hosting on an unfamiliar architecture and operating system? How performant will it be? What tools will I learn, or give up, to achieve my goals? Once I worked through the steps to self hosting, I felt confident hosting my own static blog. But it wasn’t long before I began to dream of more.…

Host your services with podman

Recollecting the Journey My earlier foray into self-hosting a devops pipeline was little more than an Nginx proxy serving up Hugo-generated HTML files. As needs arose I began to add web services. Automated deployments with a webhook server and mobile publishing with a custom publishing service were two of the first. At the time I wrote this post, I was also running a data-publishing service called datasette, deploying server updates with Ansible, and managing all processes with supervisord.…