this post was submitted on 22 Feb 2025

Check out "My checklist and tips for server setup"

Please share your tips and tricks with me. I would love to hear them and use them.

Any feedback is welcomed.

[–] somegeek 3 points 23 hours ago (2 children)

Thank you for pointing this out about the missing firewalld step! I will update my post.

The Docker network + reverse proxy is also how I handle things.

Podman seems easy to migrate, and works fine with firewalls.

[–] [email protected] 1 points 13 hours ago

I got super lucky, someone created a restart policy for Podman just a week ago. It works without changing anything in my docker-compose.yml files, as long as the file states restart: always. I followed Alpine's wiki to install and set up Podman, followed by the instructions on this GitHub repository, and everything works quite well on Alpine Linux.

I'll have to play around with Podman some more and give it time to see how it holds up, but so far it seems promising.

[–] [email protected] 2 points 19 hours ago

I've spent a few hours with Podman and I was able to get my reverse proxy and a couple of smaller services running, which is quite nice. I'm using Alpine Linux so there were some extra steps I had to follow, but their wiki handles that pretty well. The only issue I need to figure out is how to auto-start my services on a system restart, since Podman seems to focus on systemd development. This seems like a good start but I think I need to figure out how pods and containers work in Podman first.

I've only started learning this stuff not too long ago but I'm surprised how relaxed Docker is with port management. I was under the impression that Docker is more secure because it's containerized. Even more surprising was how little documentation there is for how to secure Docker ports.
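
An added example, not written by anyone in this thread: a small Python check for the port exposure discussed above. It classifies Compose short-syntax port entries by the host address they bind to and flags every entry published on all interfaces, except for an allow-listed reverse proxy; the service names and port entries are constructed sample data.

```python
import ipaddress
import re

# Compose short port syntax: [HOST_IP:][HOST_PORT:]CONTAINER_PORT[/PROTOCOL]
PORT_RE = re.compile(
    r"^(?:(?P<ip>\[[0-9A-Fa-f:.]+\]|\d{1,3}(?:\.\d{1,3}){3}):)?"
    r"(?:(?P<host>\d+(?:-\d+)?)?:)?"
    r"(?P<container>\d+(?:-\d+)?)"
    r"(?:/(?P<proto>tcp|udp|sctp))?$"
)

def exposure(entry):
    """Classify one port entry as 'all-interfaces', 'loopback' or 'specific-address'."""
    m = PORT_RE.match(entry.strip())
    if not m:
        raise ValueError(f"unrecognised port entry: {entry!r}")
    if m["ip"] is None:
        # No host IP given: Docker's default is to listen on every interface.
        return "all-interfaces"
    addr = ipaddress.ip_address(m["ip"].strip("[]"))
    if addr.is_unspecified:  # 0.0.0.0 or ::
        return "all-interfaces"
    return "loopback" if addr.is_loopback else "specific-address"

def audit(services, public=()):
    """Return (service, entry) pairs published on all interfaces by
    services that are not in the `public` allow-list."""
    findings = []
    for name, ports in services.items():
        if name in public:
            continue
        for entry in ports:
            if exposure(entry) == "all-interfaces":
                findings.append((name, entry))
    return findings

# Constructed sample: the `ports:` lists of a hypothetical compose file.
SAMPLE = {
    "proxy": ["80:80", "443:443"],           # meant to be reachable
    "wiki": ["8080:80"],                     # no host IP: reachable from outside
    "db": ["127.0.0.1:5432:5432"],           # host-local only
    "dns": ["0.0.0.0:5353:53/udp"],          # explicit wildcard address
    "metrics": ["[::1]:9100:9100", "9200"],  # second entry has no host IP
}

if __name__ == "__main__":
    for service, entry in audit(SAMPLE, public={"proxy"}):
        print(f"{service}: '{entry}' listens on every host interface")
```

Entries it flags can either be bound to 127.0.0.1 or dropped entirely when the service is only reached through the reverse proxy over a shared Docker network.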