I'll mostly be following the advice of man
podman-systemd.unit
(docs).
Make sure one of the following directories exist:
$XDG_CONFIG_HOME/containers/systemd/
~/.config/containers/systemd/
To create one of them, run:
if [ -z "${XDG_CONFIG_HOME+x}" ]; then mkdir -p ~/.config/containers/systemd else; mkdir -p "$XDG_CONFIG_HOME/containers/systemd"; fi
Next, check that cgroups v2 is enabled by running:
podman info --format {{.Host.CgroupsVersion}}
It should output v2
.
i2p.service
# Refs: # * man 5 podman-systemd.unit # * https://systemd.io/NETWORK_ONLINE/ # * https://www.freedesktop.org/software/systemd/man/latest/systemd.special.html # * https://geti2p.net/en/download/docker [Unit] Description=I2P - Invisible Internet Project Wants=network-online.target After=network-online.target [Container] Pull=newer Image=geti2p/i2p ContainerName=i2p Volume=i2p.volume:/i2p/.i2p UserNS=host NoNewPrivileges=yes ReadOnly=true Tmpfs=/i2p # --- Console PublishPort=7657:7657 # --- Proxies # HTTP PublishPort=4444:4444 # HTTPS PublishPort=4445:4445 # IRC PublishPort=6668:6668 # SMTP PublishPort=7659:7659 # POP PublishPort=7660:7660 # SAM PublishPort=7656:7656 # --- Network Protocol #PublishPort=54321:12345 #PublishPort=54321:12345/udp [Service] Restart=always TimeoutStartSec=900 [Install] WantedBy=multi-user.target
i2p.volume
[Volume] User=root Group=root
Reload your user's systemd
daemon:
systemctl --user daemon-reload
Sanity check:
systemctl --user status i2p.service
You should see:
○ i2p.service - I2P - Invisible Internet Project Loaded: loaded (/home/bheesham/.config/containers/systemd/i2p.container; generated) Drop-In: /usr/lib/systemd/user/service.d └─10-timeout-abort.conf Active: inactive (dead)
And finally, let's start it:
systemctl --user start i2p.service
If you open your browser to http://127.0.0.1:7657 you should see the console.
I set up FoxyProxy with this config file.
I'm not entirely happy that the container has access to stuff running on the host, so I might look at other alternatives. Maybe portable services?