Podman #7 – Enough, Just Give Me the Files
By now, we’ve gone through rootful/rootless containers, networking, pods, and even WordPress. Sometimes you just want the files, put them in the right place, and start things. Here’s a “all-in-one” reference for your Quadlets.
0. Enable User Linger
Before rootless services can run when you’re not logged in, enable lingering for your user:
sudo loginctl enable-linger $UID
0b. Create Required Directories
Create the folders for Quadlets and persistent container storage:
mkdir -p ~/.config/containers/systemd
mkdir -p ~/.local/share/containers/storage/volumes/wp-mariadb
mkdir -p ~/.local/share/containers/storage/volumes/wp-html
0c. Create Secrets
Before starting the containers, create the secrets required for MariaDB and WordPress:
# MariaDB root password
echo -n "example-root-pw" | podman secret create blog_db_rootpassword -
# Database name
echo -n "wordpress" | podman secret create blog_db_name -
# Database user
echo -n "wpuser" | podman secret create blog_db_user -
# User password
echo -n "example-wp-pw" | podman secret create blog_db_password -
Verify the secrets:
podman secret ls
1. Network Quadlet
nano ~/.config/containers/systemd/intisostrictnet.network
[Unit]
Description=Isolated internal network
[Network]
Driver=bridge
Internal=true
Options=isolate=strict
[Install]
WantedBy=default.target
2. Pod Quadlet
nano ~/.config/containers/systemd/podracer.pod
[Unit]
Description=It goes brrrrr
[Pod]
PublishPort=8080:80
Network=intisostrictnet.network
[Install]
WantedBy=default.target
3. MariaDB Container
nano ~/.config/containers/systemd/mariadb.container
[Unit]
Description=MariaDB container for WordPress
PartOf=podracer.pod
[Container]
Image=docker.io/library/mariadb:11
Pod=podracer.pod
AutoUpdate=registry
StartWithPod=true
NoNewPrivileges=true
ContainerName=mariadb
Volume=%h/.local/share/containers/storage/volumes/wp-mariadb:/var/lib/mysql:z
Secret=blog_db_name,type=env,target=MYSQL_DATABASE
Secret=blog_db_user,type=env,target=MYSQL_USER
Secret=blog_db_password,type=env,target=MYSQL_PASSWORD
Secret=blog_db_rootpassword,type=env,target=MARIADB_ROOT_PASSWORD
[Service]
Restart=always
4. WordPress Container
nano ~/.config/containers/systemd/wordpress.container
[Unit]
Description=WordPress container
PartOf=podracer.pod
After=mariadb.service
[Container]
Image=docker.io/library/wordpress:latest
Pod=podracer.pod
AutoUpdate=registry
StartWithPod=true
NoNewPrivileges=true
ContainerName=wordpress
Volume=%h/.local/share/containers/storage/volumes/wp-html:/var/www/html:z
Secret=blog_db_name,type=env,target=WORDPRESS_DB_NAME
Secret=blog_db_user,type=env,target=WORDPRESS_DB_USER
Secret=blog_db_password,type=env,target=WORDPRESS_DB_PASSWORD
Environment=WORDPRESS_DB_HOST=127.0.0.1
[Service]
Restart=always
5. Start Everything
Reload systemd and start the services:
systemctl --user daemon-reload
Check if the service was created:
ls /run/user/$UID/systemd/generator/
systemctl --user start intisostrictnet-network.service
systemctl --user start podracer-pod.service
The containers will start automatically with the pod as specified in the Quadlet.
systemctl --user start mariadb.service
systemctl --user start wordpress.service
6. Troubleshoot
If something doesn’t start, check the generator:
/usr/lib/systemd/user-generators/podman-user-generator -dryrun
Follow logs with:
journalctl -fe
Or check container logs directly:
podman logs <container_name>
7. Access WordPress
If everything started correctly, open your browser and go to http://localhost:8080
to configure WordPress.