nullprop/debian
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Run containers on peon user

Browse source
This commit is contained in:
Lauri Räsänen 2025-04-27 19:13:17 +03:00
parent f563f2f251
commit 3423e91d93
3 changed files with 44 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

23
scripts/beszel.sh
View file

@ -4,8 +4,10 @@ set -euo pipefail
sudo mkdir -p /srv/beszel sudo mkdir -p /srv/beszel
sudo mkdir -p /run/beszel_socket sudo mkdir -p /run/beszel_socket
sudo chown $(whoami):$(whoami) /srv/beszel sudo chown -R peon:peon /srv/beszel
sudo chown $(whoami):$(whoami) /run/beszel_socket sudo chown -R peon:peon /run/beszel_socket
sudo -u peon -s
# https://beszel.dev/guide/getting-started # https://beszel.dev/guide/getting-started
# https://beszel.dev/guide/hub-installation # https://beszel.dev/guide/hub-installation
@ -29,3 +31,20 @@ podman run -d \
-e KEY="$pub_key" \ -e KEY="$pub_key" \
-e LISTEN=/beszel_socket/beszel.sock \ -e LISTEN=/beszel_socket/beszel.sock \
docker.io/henrygd/beszel-agent:latest docker.io/henrygd/beszel-agent:latest
mkdir -p "$HOME/.config/systemd/user"
cd "$HOME/.config/systemd/user"
podman generate systemd --restart-policy=always --new --files --name beszel
podman generate systemd --restart-policy=always --new --files --name beszel-agent
podman stop beszel
podman stop beszel-agent
systemctl --user start container-beszel
systemctl --user start container-beszel-agent
systemctl --user status container-beszel
systemctl --user status container-beszel-agent
systemctl --user enable container-beszel
systemctl --user enable container-beszel-agent

20
scripts/podman.sh
View file

@ -4,8 +4,28 @@ set -euo pipefail
sudo apt install -y podman sudo apt install -y podman
sudo adduser peon --disabled-password --disabled-login
sudo loginctl enable-linger peon
sudo cp "$HOME/.vimrc" /home/peon/.vimrc
sudo mkdir -p /home/peon/.config/containers
sudo cp "$HOME/.config/containers/storage.conf" /home/peon/.config/containers/storage.conf
echo 'if [ -z "${XDG_RUNTIME_DIR}" ]; then' | sudo tee -a /home/peon/.bashrc
echo ' XDG_RUNTIME_DIR=/run/user/$(id -u)' | sudo tee -a /home/peon/.bashrc
echo ' export XDG_RUNTIME_DIR' | sudo tee -a /home/peon/.bashrc
echo 'fi' | sudo tee -a /home/peon/.bashrc
sudo chown -R peon:peon /home/peon
sudo mkdir -p /etc/containers/ sudo mkdir -p /etc/containers/
sudo cp "$HOME/.config/containers/storage.conf" /etc/containers/storage.conf sudo cp "$HOME/.config/containers/storage.conf" /etc/containers/storage.conf
systemctl --user enable podman.socket systemctl --user enable podman.socket
systemctl --user start podman.socket systemctl --user start podman.socket
sudo -u peon -s
systemctl --user enable podman.socket
systemctl --user start podman.socket
exit

3
scripts/zfs.sh
View file

@ -10,5 +10,8 @@ sudo zfs create -p "$root_set$HOME"
sudo zfs allow $(whoami) mount,create,rollback,snapshot "$root_set$HOME" sudo zfs allow $(whoami) mount,create,rollback,snapshot "$root_set$HOME"
rsync -aAX "$HOME-backup" "$HOME" rsync -aAX "$HOME-backup" "$HOME"
sudo zfs create -p "$root_set/home/peon"
sudo zfs allow peon mount,create,rollback,snapshot "$root_set/home/peon"
sudo zfs create -p "$root_set/srv/beszel" sudo zfs create -p "$root_set/srv/beszel"