Experimental demo: rootless podman with quadlets and socket activation (nginx)

I created a demo of running nextcloud with rootless podman by using quadlets (aka container unit files).

status: experimental

The container images used:

image                  comment
library/mariadb:latest
library/redis:latest
localhost/nginx        based on a slightly modified example from the nextcloud-docker GitHub project
localhost/nextcloud    based on library/nextcloud from Docker Hub

The page title "Nextcloud" can be seen in the HTML returned when fetching the front page with curl:

$ curl -s localhost:8080  | grep title
		<title>
			Nextcloud		</title>

For data storage, two bind-mounted directories on the host were used:

  • ~/shared_html/
  • ~/mariadb_data/

After running the demo I can see that the directories only contain directories and files belonging to the regular user on the host.

This was done on a Fedora CoreOS machine which has podman 4.7.0.

I created the demo to see if I could run nextcloud with multiple containers and use
bind-mounted directories as storage where the files have ownership as my regular user.
See also Rootless NFS Volume Permissions: What am I doing wrong with my Nextcloud/MaraiDB/Redis pod? · containers/podman · Discussion #20519 · GitHub

The design of my demo https://github.com/eriksjolund/nextcloud-podman
relies on using an HTTP reverse proxy that supports socket activation. Currently nginx is used, but in the future it should be possible to replace nginx with Caddy.

Caddy 2.9.0 will support socket activation. (The latest Caddy version is currently v2.9.0-beta.2)

Using socket activation comes with some advantages.

A rootless Podman container can serve traffic at native performance over a socket that systemd created and handed to the container via socket activation. Normally, incoming traffic for a rootless container is processed in user space by pasta or slirp4netns, which comes with a performance penalty.

Another advantage is that it is possible to run all containers in a custom network (i.e. a network that was created with podman network create) and at the same time have the client's source IP address preserved on the connections accepted through the socket-activated socket.
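As an added illustration of this design (these are not files from the nextcloud-podman repository), here is a minimal set of unit files for the socket-activated nginx proxy and the Nextcloud container sharing a custom network and the two bind-mounted directories. The unit names, the paths, the keep-id mapping and the assumption that the nginx image's entrypoint accepts an inherited listening socket are mine, not from the post.

```ini
# --- ~/.config/systemd/user/nginx.socket (a plain systemd unit, not a quadlet)
# systemd creates and owns the listening TCP socket. On the first connection
# systemd starts nginx.service (generated from nginx.container below) and podman
# hands the already-open socket to the container, so the traffic never passes
# through pasta/slirp4netns and the client's source IP is preserved.
[Unit]
Description=Listening socket for the Nextcloud nginx reverse proxy

[Socket]
ListenStream=8080

[Install]
WantedBy=sockets.target

# --- ~/.config/containers/systemd/nextcloud.network (quadlet)
# A custom network, equivalent to "podman network create"; containers on it
# reach each other by name, e.g. nginx can proxy to nextcloud:9000.
[Network]

# --- ~/.config/containers/systemd/nginx.container (quadlet)
[Unit]
Description=Socket-activated nginx reverse proxy for Nextcloud
Requires=nginx.socket
After=nginx.socket

[Container]
Image=localhost/nginx
Network=nextcloud.network
# The proxy only needs to read the files Nextcloud writes.
# %h is systemd's specifier for the user's home directory.
Volume=%h/shared_html:/var/www/html:ro,z
# No PublishPort= on purpose: the listening socket comes from nginx.socket.
# Assumption: the image's entrypoint serves on the inherited socket
# (LISTEN_FDS, file descriptor 3) instead of binding a port itself.

[Install]
WantedBy=default.target

# --- ~/.config/containers/systemd/nextcloud.container (quadlet)
[Unit]
Description=Nextcloud (php-fpm)
Requires=mariadb.service redis.service
After=mariadb.service redis.service

[Container]
Image=localhost/nextcloud
Network=nextcloud.network
# Map the host user to uid/gid 33 inside the container (the www-data user
# that the official Nextcloud image runs php-fpm as; an assumption here), so
# files written to the bind mount are owned by the regular user on the host.
UserNS=keep-id:uid=33,gid=33
Volume=%h/shared_html:/var/www/html:z

[Install]
WantedBy=default.target
```

After placing the files, run systemctl --user daemon-reload and systemctl --user start nginx.socket; the first connection to port 8080 starts the proxy, so the curl command above doubles as the activation check, and ls -ln ~/shared_html should show the host user's uid as the owner of everything Nextcloud created. mariadb.container and redis.container follow the same pattern (Image=, Network=nextcloud.network, and for mariadb a bind mount of %h/mariadb_data with UserNS=keep-id mapped to the uid the image's database process runs as). loginctl enable-linger keeps the user units running after logout.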

Side note: I tested out how Caddy could be run with socket activation and rootless Podman and wrote some examples here: GitHub - eriksjolund/podman-caddy-socket-activation: Demo of how to run socket-activated caddy with Podman (those examples are not using Nextcloud though).