Home network container definitions and reverse proxy configuration, using rootless Podman Quadlets.
- Part-DB: Electronics and hardware component inventory tracking.
- Snipe-IT: Asset management and tracking.
- Traefik: Application proxy.
The assumed platform here is an Ubuntu 24.04 VM.
- Install required system packages:
  sudo apt install podman pipx s3fs
- Allow the services to access privileged ports by adding the following in /etc/sysctl.d/user_priv_ports.conf:
  net.ipv4.ip_unprivileged_port_start=80
- Do the same for the active session by running:
  sudo sysctl net.ipv4.ip_unprivileged_port_start=80
TODO: Revise this to instead use forwarding rules in the firewall and restore the privileged port threshold to 1024.
- Ensure the services run even when the owner is not logged in by running:
  loginctl enable-linger
- Install Python dependencies:
  pipx ensurepath
  pipx install poetry
  # ...restart session here...
  poetry install
- Create a secrets.yml based on the example and populate it with real values. Save it with permissions of 0600.
- Install services:
  poetry run ./services.py deploy partdb snipe traefik backup
- Start services:
  poetry run ./services.py start partdb snipe traefik
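
A pre-deploy check for the host setup steps above, added here as an example and not part of this repository's services.py. The function names are hypothetical; port 80 is taken from the sysctl step and the default file name from the secrets step.

```shell
# Added example: verify the host state the setup steps are meant to produce.
# All function names are hypothetical helpers, not project code.

# Succeed only if FILE is a regular file (not a symlink), owned by the
# current user, with mode exactly 600.
check_secrets_mode() {
    local file=$1 mode owner
    [ -f "$file" ] && [ ! -L "$file" ] || {
        echo "missing or not a regular file: $file" >&2; return 1; }
    mode=$(stat -c '%a' "$file")
    owner=$(stat -c '%u' "$file")
    [ "$owner" = "$(id -u)" ] || {
        echo "$file: owned by uid $owner, not the current user" >&2; return 1; }
    [ "$mode" = "600" ] || {
        echo "$file: mode $mode, expected 600" >&2; return 1; }
}

# Succeed if an unprivileged process may bind PORT when
# net.ipv4.ip_unprivileged_port_start is FLOOR.
port_bindable() {
    local floor=$1 port=$2
    [ "$port" -ge "$floor" ]
}

# Succeed if lingering is enabled for the current user, so the user's
# systemd units keep running without a login session.
linger_enabled() {
    [ "$(loginctl show-user "$(id -un)" --property=Linger 2>/dev/null)" = "Linger=yes" ]
}

# Run every check and report all failures instead of stopping at the first.
preflight() {
    local secrets=${1:-secrets.yml} floor rc=0
    floor=$(cat /proc/sys/net/ipv4/ip_unprivileged_port_start)
    check_secrets_mode "$secrets" || rc=1
    port_bindable "$floor" 80 || {
        echo "port 80 is below the unprivileged port floor ($floor)" >&2; rc=1; }
    linger_enabled || {
        echo "linger is not enabled for $(id -un)" >&2; rc=1; }
    return $rc
}
```

Source the file and run `preflight secrets.yml` as the service owner before the deploy step; a non-zero return means at least one setup step is missing or has drifted.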