summaryrefslogtreecommitdiff
path: root/contrib
diff options
context:
space:
mode:
Diffstat (limited to 'contrib')
-rw-r--r--contrib/gate/Dockerfile4
-rw-r--r--contrib/systemd/README.md102
-rw-r--r--contrib/systemd/system/podman.service17
-rw-r--r--contrib/systemd/system/podman.socket10
-rw-r--r--contrib/systemd/user/podman.service17
-rw-r--r--contrib/systemd/user/podman.socket10
6 files changed, 157 insertions, 3 deletions
diff --git a/contrib/gate/Dockerfile b/contrib/gate/Dockerfile
index 1939d7ad1..c6aacead5 100644
--- a/contrib/gate/Dockerfile
+++ b/contrib/gate/Dockerfile
@@ -1,6 +1,5 @@
-FROM fedora:30
+FROM fedora:31
RUN dnf -y install \
- atomic-registries \
btrfs-progs-devel \
bzip2 \
container-selinux \
@@ -46,7 +45,6 @@ WORKDIR $GOSRC
# Install dependencies
RUN set -x && \
- make install.tools && \
install -D -m 755 $GOSRC/contrib/gate/entrypoint.sh /usr/local/bin/ && \
rm -rf "$GOSRC"
diff --git a/contrib/systemd/README.md b/contrib/systemd/README.md
new file mode 100644
index 000000000..20f11467a
--- /dev/null
+++ b/contrib/systemd/README.md
@@ -0,0 +1,102 @@
+# Setting up Podman service for systemd socket activation
+
+## system-wide (podman service run as root)
+
+The following unit file examples assume:
+ 1. copied the `service` executable into `/usr/local/bin`
+ 1. `chcon system_u:object_r:container_runtime_exec_t:s0 /usr/local/bin/service`
+
+then:
+ 1. copy the `podman.service` and `podman.socket` files into `/etc/systemd/system`
+ 1. `systemctl daemon-reload`
+ 1. `systemctl enable podman.socket`
+ 1. `systemctl start podman.socket`
+ 1. `systemctl status podman.socket podman.service`
+
+Assuming the status messages show no errors, the libpod service is ready to respond to the APIv2 on the unix domain socket `/run/podman/podman.sock`
+
+### podman.service
+```toml
+[Unit]
+Description=Podman API Service
+Requires=podman.socket
+After=podman.socket
+Documentation=man:podman-api(1)
+StartLimitIntervalSec=0
+
+[Service]
+Type=oneshot
+Environment=REGISTRIES_CONFIG_PATH=/etc/containers/registries.conf
+ExecStart=/usr/local/bin/service
+TimeoutStopSec=30
+KillMode=process
+
+[Install]
+WantedBy=multi-user.target
+Also=podman.socket
+```
+### podman.socket
+
+```toml
+[Unit]
+Description=Podman API Socket
+Documentation=man:podman-api(1)
+
+[Socket]
+ListenStream=%t/podman/podman.sock
+SocketMode=0660
+
+[Install]
+WantedBy=sockets.target
+```
+## user (podman service run as given user aka "rootless")
+
+The following unit file examples assume:
+ 1. you have a created a directory `~/bin`
+ 1. copied the `service` executable into `~/bin`
+ 1. `chcon system_u:object_r:container_runtime_exec_t:s0 ~/bin/service`
+
+then:
+ 1. `mkdir -p ~/.config/systemd/user`
+ 1. copy the `podman.service` and `podman.socket` files into `~/.config/systemd/user`
+ 1. `systemctl --user enable podman.socket`
+ 1. `systemctl --user start podman.socket`
+ 1. `systemctl --user status podman.socket podman.service`
+
+Assuming the status messages show no errors, the libpod service is ready to respond to the APIv2 on the unix domain socket `/run/user/$(id -u)/podman/podman.sock`
+
+### podman.service
+
+```toml
+[Unit]
+Description=Podman API Service
+Requires=podman.socket
+After=podman.socket
+Documentation=man:podman-api(1)
+StartLimitIntervalSec=0
+
+[Service]
+Type=oneshot
+Environment=REGISTRIES_CONFIG_PATH=/etc/containers/registries.conf
+ExecStart=%h/bin/service
+TimeoutStopSec=30
+KillMode=process
+
+[Install]
+WantedBy=multi-user.target
+Also=podman.socket
+```
+### podman.socket
+
+```toml
+[Unit]
+Description=Podman API Socket
+Documentation=man:podman-api(1)
+
+[Socket]
+ListenStream=%t/podman/podman.sock
+SocketMode=0660
+
+[Install]
+WantedBy=sockets.target
+```
diff --git a/contrib/systemd/system/podman.service b/contrib/systemd/system/podman.service
new file mode 100644
index 000000000..13d858627
--- /dev/null
+++ b/contrib/systemd/system/podman.service
@@ -0,0 +1,17 @@
+[Unit]
+Description=Podman API Service
+Requires=podman.socket
+After=podman.socket
+Documentation=man:podman-api(1)
+StartLimitIntervalSec=0
+
+[Service]
+Type=oneshot
+Environment=REGISTRIES_CONFIG_PATH=/etc/containers/registries.conf
+ExecStart=/usr/local/bin/service
+TimeoutStopSec=30
+KillMode=process
+
+[Install]
+WantedBy=multi-user.target
+Also=podman.socket
diff --git a/contrib/systemd/system/podman.socket b/contrib/systemd/system/podman.socket
new file mode 100644
index 000000000..8b22e31e4
--- /dev/null
+++ b/contrib/systemd/system/podman.socket
@@ -0,0 +1,10 @@
+[Unit]
+Description=Podman API Socket
+Documentation=man:podman-api(1)
+
+[Socket]
+ListenStream=%t/podman/podman.sock
+SocketMode=0660
+
+[Install]
+WantedBy=sockets.target
diff --git a/contrib/systemd/user/podman.service b/contrib/systemd/user/podman.service
new file mode 100644
index 000000000..81fa55cf8
--- /dev/null
+++ b/contrib/systemd/user/podman.service
@@ -0,0 +1,17 @@
+[Unit]
+Description=Podman API Service
+Requires=podman.socket
+After=podman.socket
+Documentation=man:podman-api(1)
+StartLimitIntervalSec=0
+
+[Service]
+Type=oneshot
+Environment=REGISTRIES_CONFIG_PATH=/etc/containers/registries.conf
+ExecStart=%h/bin/service
+TimeoutStopSec=30
+KillMode=process
+
+[Install]
+WantedBy=multi-user.target
+Also=podman.socket
diff --git a/contrib/systemd/user/podman.socket b/contrib/systemd/user/podman.socket
new file mode 100644
index 000000000..8b22e31e4
--- /dev/null
+++ b/contrib/systemd/user/podman.socket
@@ -0,0 +1,10 @@
+[Unit]
+Description=Podman API Socket
+Documentation=man:podman-api(1)
+
+[Socket]
+ListenStream=%t/podman/podman.sock
+SocketMode=0660
+
+[Install]
+WantedBy=sockets.target