[leafnode-list] containerized leafnode?
Matěj Cepl
mcepl at cepl.eu
Sat May 18 17:42:50 CEST 2024
(also posted as https://gitlab.com/leafnode-2/leafnode-2/-/merge_requests/5)
Hi,
I have moved my working computer to MicroOS [1], respectively
its desktop version using Sway called Moldavite [2]. The point
of the system is that it is minimal and the root partition (most
everything outside of /home) is read-only. All (or as much as
possible) software on the system is supposed to be run from
containers, be it Docker/Podman containers, Flatpak applications,
or other systems using Distrobox [3].
Of course, I haven’t found any leafnode containers (are there
any? I haven’t found anything), so I am trying to create one. If
anybody knows about any other attempt to do so, please let me
know. I would love to get comments on what I am trying to do here.
So, this is my Dockerfile:

# Define the names/tags of the container
#!BuildTag: opensuse/leafnode:latest opensuse/leafnode:%PKG_VERSION% opensuse/leafnode:%PKG_VERSION%.%RELEASE%
FROM opensuse/tumbleweed:latest

# Define labels according to https://en.opensuse.org/Building_derived_containers
# labelprefix=org.opensuse.example
LABEL io.containers.autoupdate="registry"
LABEL org.opencontainers.image.authors="Matěj Cepl <mcepl at cepl.eu>"
LABEL org.opencontainers.image.title="opensuse/leafnode"
LABEL org.opencontainers.image.description="Container for leafnode daemon"
LABEL org.opencontainers.image.version="%PKG_VERSION%.%RELEASE%"
LABEL org.opensuse.reference="registry.opensuse.org/opensuse/leafnode:%PKG_VERSION%.%RELEASE%"
LABEL org.openbuildservice.disturl="%DISTURL%"
LABEL org.opencontainers.image.created="%BUILDTIME%"

EXPOSE 25/tcp
EXPOSE 465/tcp
EXPOSE 587/tcp

# Set default values
VOLUME /var/spool/leafnode
VOLUME /var/spool/vmail
VOLUME /etc/leafnode

RUN zypper --non-interactive in openSUSE-release-appliance-docker \
        leafnode procmail \
    && zypper clean -a

ENTRYPOINT /usr/sbin/leafnode

Couple of notes:

1. Ignore those LABELs, they are needed for containers on
   registry.opensuse.org (it is available via `podman pull
   registry.opensuse.org/home/mcepl/moldavite/containers/opensuse/leafnode:latest`).
2. Yes, I use OpenSUSE packages, but the resulting container
   should be distro-independent and useable anywhere
   Docker/Podman is available. If I have any SUSEism in the
   resulting container, let me know.
3. This is meant for rootless podman, so this should run as a
   normal user. Is it possible with leafnode (obviously, it
   should use port > 1024)?

MicroOS uses Podman, systemd, and quadlets [4] for orchestration,
so this is my suggested .container file:

[Unit]
Description=Podman container-leafnode.service
Documentation=man:leafnode(8)
Wants=network-online.target
After=network-online.target

[Container]
Image=registry.opensuse.org/home/mcepl/moldavite/containers/opensuse/leafnode:latest
ContainerName=leafnode
AutoUpdate=registry
Environment=PUID=1000 PGID=100 TZ=Europe/Prague
Volume=%h/.config/leafnode:/etc/leafnode
Volume=%h/.local/share/leafnode/spool:/var/spool/leafnode
# Volume=%h/.local/share/leafnode/mail:/var/spool/vmail
PublishPort=127.0.0.1:9119:9119
UserNS=keep-id:uid=1000,gid=100
PodmanArgs=--hostname my-leafnode --privileged

[Service]
Restart=on-failure

[Install]
WantedBy=default.target

Does anybody have any comments on all this?
Thank you in advance for any response,
Matěj
[1] https://get.opensuse.org/microos/
[2] https://sr.ht/~mcepl/moldavite/
[3] https://github.com/89luca89/distrobox
[4] for example https://mo8it.com/blog/quadlet/
--
http://matej.ceplovi.cz/blog/, @mcepl at floss.social
GPG Finger: 3C76 A027 CA45 AD70 98B5 BC1D 7920 5802 880B C9D8
England is governed not by logic but by parliament.
-- Benjamin Disraeli
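
An added example, not part of the original post and not leafnode or Podman project code: a small Python check that reads the [Container] section of a quadlet file like the one above and compares it with the Dockerfile's EXPOSE lines. The baseline it checks (no --privileged, NoNewPrivileges=true, DropCapability=all, loopback-only publishing on a port of 1024 or higher) and the names container_keys and audit are assumptions of this example, not leafnode requirements.

```python
import re

# Constructed inputs: the relevant lines of the Dockerfile and .container file from the post.
DOCKERFILE = "EXPOSE 25/tcp\nEXPOSE 465/tcp\nEXPOSE 587/tcp\n"
QUADLET = """[Container]
Volume=%h/.config/leafnode:/etc/leafnode
Volume=%h/.local/share/leafnode/spool:/var/spool/leafnode
PublishPort=127.0.0.1:9119:9119
UserNS=keep-id:uid=1000,gid=100
PodmanArgs=--hostname my-leafnode --privileged
"""

def container_keys(unit_text):
    """Return {key: [values]} for the [Container] section; quadlet keys may repeat."""
    keys, section = {}, None
    for line in map(str.strip, unit_text.splitlines()):
        if not line or line[0] in "#;":
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1]
        elif section == "Container" and "=" in line:
            key, value = line.split("=", 1)
            keys.setdefault(key.strip(), []).append(value.strip())
    return keys

def audit(unit_text, dockerfile_text):
    """Return findings as 'id: message' strings (baseline chosen for this example)."""
    keys, findings = container_keys(unit_text), []
    exposed = re.findall(r"^EXPOSE\s+(\d+)", dockerfile_text, re.M)
    if "--privileged" in " ".join(keys.get("PodmanArgs", [])).split():
        findings.append("privileged: --privileged turns off capability dropping, "
                        "seccomp filtering and device restrictions")
    if "true" not in [v.lower() for v in keys.get("NoNewPrivileges", [])]:
        findings.append("no-new-privileges: NoNewPrivileges=true is not set")
    if "all" not in [v.lower() for v in keys.get("DropCapability", [])]:
        findings.append("capabilities: DropCapability=all is not set")
    for spec in keys.get("PublishPort", []):
        parts = spec.split("/")[0].rsplit(":", 2)  # [host_ip:][host_port:]container_port
        ctr_port = parts[-1]
        host_port = parts[-2] if len(parts) > 1 else ""
        host_ip = parts[0] if len(parts) == 3 else ""
        if host_ip not in ("127.0.0.1", "[::1]"):
            findings.append(f"exposure: {spec} is not bound to a loopback address")
        if host_port.isdigit() and int(host_port) < 1024:
            findings.append(f"rootless: host port {host_port} is below 1024")
        if exposed and ctr_port not in exposed:
            findings.append(f"port-mismatch: container port {ctr_port} is published, "
                            f"but the image EXPOSEs {', '.join(exposed)}")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(QUADLET, DOCKERFILE)))
```
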