Run containers on peon user
This commit is contained in:
parent
f563f2f251
commit
3423e91d93
3 changed files with 44 additions and 2 deletions
|
|
@ -4,8 +4,10 @@ set -euo pipefail
|
|||
|
||||
sudo mkdir -p /srv/beszel
|
||||
sudo mkdir -p /run/beszel_socket
|
||||
sudo chown $(whoami):$(whoami) /srv/beszel
|
||||
sudo chown $(whoami):$(whoami) /run/beszel_socket
|
||||
sudo chown -R peon:peon /srv/beszel
|
||||
sudo chown -R peon:peon /run/beszel_socket
|
||||
|
||||
sudo -u peon -s
|
||||
|
||||
# https://beszel.dev/guide/getting-started
|
||||
# https://beszel.dev/guide/hub-installation
|
||||
|
|
@ -29,3 +31,20 @@ podman run -d \
|
|||
-e KEY="$pub_key" \
|
||||
-e LISTEN=/beszel_socket/beszel.sock \
|
||||
docker.io/henrygd/beszel-agent:latest
|
||||
|
||||
mkdir -p "$HOME/.config/systemd/user"
|
||||
cd "$HOME/.config/systemd/user"
|
||||
|
||||
podman generate systemd --restart-policy=always --new --files --name beszel
|
||||
podman generate systemd --restart-policy=always --new --files --name beszel-agent
|
||||
podman stop beszel
|
||||
podman stop beszel-agent
|
||||
|
||||
systemctl --user start container-beszel
|
||||
systemctl --user start container-beszel-agent
|
||||
|
||||
systemctl --user status container-beszel
|
||||
systemctl --user status container-beszel-agent
|
||||
|
||||
systemctl --user enable container-beszel
|
||||
systemctl --user enable container-beszel-agent
|
||||
|
|
|
|||
|
|
@ -4,8 +4,28 @@ set -euo pipefail
|
|||
|
||||
sudo apt install -y podman
|
||||
|
||||
sudo adduser peon --disabled-password --disabled-login
|
||||
sudo loginctl enable-linger peon
|
||||
|
||||
sudo cp "$HOME/.vimrc" /home/peon/.vimrc
|
||||
|
||||
sudo mkdir -p /home/peon/.config/containers
|
||||
sudo cp "$HOME/.config/containers/storage.conf" /home/peon/.config/containers/storage.conf
|
||||
|
||||
echo 'if [ -z "${XDG_RUNTIME_DIR}" ]; then' | sudo tee -a /home/peon/.bashrc
|
||||
echo ' XDG_RUNTIME_DIR=/run/user/$(id -u)' | sudo tee -a /home/peon/.bashrc
|
||||
echo ' export XDG_RUNTIME_DIR' | sudo tee -a /home/peon/.bashrc
|
||||
echo 'fi' | sudo tee -a /home/peon/.bashrc
|
||||
|
||||
sudo chown -R peon:peon /home/peon
|
||||
|
||||
sudo mkdir -p /etc/containers/
|
||||
sudo cp "$HOME/.config/containers/storage.conf" /etc/containers/storage.conf
|
||||
|
||||
systemctl --user enable podman.socket
|
||||
systemctl --user start podman.socket
|
||||
|
||||
sudo -u peon -s
|
||||
systemctl --user enable podman.socket
|
||||
systemctl --user start podman.socket
|
||||
exit
|
||||
|
|
|
|||
|
|
@ -10,5 +10,8 @@ sudo zfs create -p "$root_set$HOME"
|
|||
sudo zfs allow $(whoami) mount,create,rollback,snapshot "$root_set$HOME"
|
||||
rsync -aAX "$HOME-backup" "$HOME"
|
||||
|
||||
sudo zfs create -p "$root_set/home/peon"
|
||||
sudo zfs allow peon mount,create,rollback,snapshot "$root_set/home/peon"
|
||||
|
||||
sudo zfs create -p "$root_set/srv/beszel"
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue